Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/77b69854-7acc-4257-9488-ffcab8197c82.roa
File: 77b69854-7acc-4257-9488-ffcab8197c82.roa (raw, json)
Hash identifier: Oe+jIF8tHE6CVDixz6Lf5xQGhGYdEz2MoTfALnqoNIY=
Subject key identifier: E8:88:7C:CC:35:9E:B0:3B:A5:60:F5:A6:5D:A2:2D:B7:F0:82:04:85
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0DB5F8C2FC342E17A09F23357595E58D9643ED0C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/77b69854-7acc-4257-9488-ffcab8197c82.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.131.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:b5:f8:c2:fc:34:2e:17:a0:9f:23:35:75:95:e5:8d:96:43:ed:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:5e:38:63:e0:60:0f:eb:aa:31:9b:32:e2:60:
42:02:0c:9e:3b:d0:15:cb:97:42:2c:8d:eb:ac:fd:
ed:c4:5e:77:b5:a4:c9:58:d7:de:a6:1e:75:a8:9c:
9c:17:8b:de:6f:fd:c0:d4:d7:b2:db:f6:c1:2d:f7:
39:07:4b:6d:71:78:54:a5:fe:b0:07:27:72:19:bb:
3a:cb:62:cb:3e:bf:5b:1b:f5:95:b3:69:47:28:b4:
4a:6f:50:a4:51:c7:22:6b:74:85:2e:5a:ce:87:cc:
36:10:5a:5b:e6:aa:58:37:d0:e5:c0:32:b2:1d:21:
19:c5:09:ab:6a:2a:7b:e1:a9:3c:08:f0:5d:bd:8f:
99:3b:7a:d6:ed:19:84:d8:d3:25:9a:d7:68:23:fa:
19:dd:79:bc:6a:bc:0b:c7:40:8b:5b:65:19:49:f1:
1c:2d:c5:25:e9:06:29:c2:5a:19:79:25:ad:24:ee:
2c:fc:10:2a:a6:5a:8d:ad:3e:5c:25:9b:35:81:8d:
92:8a:03:97:0b:31:a2:d2:90:a6:24:d9:fb:8b:b8:
d6:d6:9b:f2:e5:8d:c4:3a:7e:b1:84:1b:31:2b:75:
cc:30:06:9b:29:2e:72:eb:dd:65:95:ee:77:1c:ea:
ec:c6:e6:d1:f7:c4:3e:5b:c3:d7:5f:cd:ab:62:7a:
23:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:88:7C:CC:35:9E:B0:3B:A5:60:F5:A6:5D:A2:2D:B7:F0:82:04:85
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/77b69854-7acc-4257-9488-ffcab8197c82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.131.0.0/16
Signature Algorithm: sha256WithRSAEncryption
48:e4:82:e8:c1:7a:fd:2a:1c:70:4b:d1:c1:5d:11:e3:66:3f:
e9:39:f1:d3:09:5f:c9:7a:06:4d:5d:13:3e:83:eb:bd:47:cc:
fe:1c:45:c9:6e:d0:7a:f4:f8:eb:5c:7e:f5:38:7b:7f:7a:be:
ac:79:05:3d:d6:71:84:7f:7c:dc:08:e9:4b:4d:d6:fc:31:2c:
e7:93:66:e2:4a:4a:f1:78:c2:31:49:e7:c6:3d:2a:87:61:d1:
fd:0f:ab:85:47:56:b4:05:8f:3a:5a:51:37:ad:ad:2a:50:6d:
44:06:8e:e4:fd:1e:53:37:d8:91:d2:87:c3:7c:8c:7a:9f:22:
af:2a:59:0c:dd:37:94:c8:c6:ac:dc:86:88:b9:14:c1:9a:b3:
3c:ce:d4:7f:e8:91:95:2a:c4:3f:69:0b:f7:70:90:44:47:1c:
f3:d3:f2:c8:5e:51:5c:e3:ad:4b:c4:93:bc:6e:12:05:08:5e:
6f:ff:40:3a:6a:8c:b5:6d:49:76:9b:37:17:a9:3a:cc:cd:8f:
3f:2a:ad:b4:79:27:bd:dc:11:f9:c1:d9:73:6c:93:b1:18:d4:
d1:a0:81:6f:03:89:84:e5:0e:32:22:d4:69:a8:e2:66:95:f6:
f1:00:ce:72:98:26:88:fe:c5:7e:a4:6b:6e:45:26:98:49:b0:
53:f9:4c:52
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDbX4wvw0LhegnyM1dZXljZZD7QwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIzNGJlMDFlZDViNmYxNjVmNmM1ODZhOWIyZGRkNWZiNGNlYWI4MTQ5NmI4
YWZkNDE2ZGQ2YzBkYmM4N2YxY2MxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANJeOGPgYA/rqjGbMuJgQgIMnjvQFcuXQiyN66z97cRed7WkyVjX3qYedaic
nBeL3m/9wNTXstv2wS33OQdLbXF4VKX+sAcnchm7Ostiyz6/Wxv1lbNpRyi0Sm9Q
pFHHImt0hS5azofMNhBaW+aqWDfQ5cAysh0hGcUJq2oqe+GpPAjwXb2PmTt61u0Z
hNjTJZrXaCP6Gd15vGq8C8dAi1tlGUnxHC3FJekGKcJaGXklrSTuLPwQKqZaja0+
XCWbNYGNkooDlwsxotKQpiTZ+4u41tab8uWNxDp+sYQbMSt1zDAGmykucuvdZZXu
dxzq7Mbm0ffEPlvD11/Nq2J6I4MCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBToiHzM
NZ6wO6Vg9aZdoi238IIEhTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzdiNjk4NTQtN2FjYy00MjU3LTk0ODgtZmZjYWI4MTk3YzgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADODMA0G
CSqGSIb3DQEBCwUAA4IBAQBI5ILowXr9KhxwS9HBXRHjZj/pOfHTCV/JegZNXRM+
g+u9R8z+HEXJbtB69PjrXH71OHt/er6seQU91nGEf3zcCOlLTdb8MSznk2biSkrx
eMIxSefGPSqHYdH9D6uFR1a0BY86WlE3ra0qUG1EBo7k/R5TN9iR0ofDfIx6nyKv
KlkM3TeUyMas3IaIuRTBmrM8ztR/6JGVKsQ/aQv3cJBERxzz0/LIXlFc461LxJO8
bhIFCF5v/0A6aoy1bUl2mzcXqTrMzY8/Kq20eSe93BH5wdlzbJOxGNTRoIFvA4mE
5Q4yItRpqOJmlfbxAM5ymCaI/sV+pGtuRSaYSbBT+UxS
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:24:51 2025 by rpki-client