Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78a98b8d-81ac-4e41-a012-084be89be1cb.roa
File: 78a98b8d-81ac-4e41-a012-084be89be1cb.roa (raw, json)
Hash identifier: u5oDCI50IJ9e3eJKyjzDzbr8BALa08RxF8p8wNhis4o=
Subject key identifier: DF:07:59:93:37:77:BA:7D:D9:6D:03:82:11:83:18:F7:F1:E1:27:B6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 30E6D41F449AE597C6BE0570F8D031A1BEEE68C1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78a98b8d-81ac-4e41-a012-084be89be1cb.roa
Signing time: Mon 02 Dec 2024 00:00:00 +0000
ROA not before: Mon 02 Dec 2024 00:00:00 +0000
ROA not after: Mon 06 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.112.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:e6:d4:1f:44:9a:e5:97:c6:be:05:70:f8:d0:31:a1:be:ee:68:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 2 00:00:00 2024 GMT
Not After : Jan 6 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:d7:cb:40:3b:ba:d1:28:e8:a8:bc:97:56:e5:
f0:c2:bb:79:1b:83:59:fc:a5:bb:62:f2:0e:30:60:
41:e2:99:ba:7e:37:4b:06:86:9e:82:f1:b4:43:ce:
4f:e3:b3:7e:ef:b4:48:80:a6:50:e5:ae:95:f8:87:
27:02:88:94:b9:26:2e:cf:a4:76:c1:17:24:57:0a:
c0:aa:fb:50:bf:b6:fd:61:86:0d:6d:b9:d0:b3:26:
2d:70:c6:0e:b6:56:8e:f4:6f:c0:54:ad:08:f2:08:
ad:fd:9f:66:bd:e0:fd:e5:94:5e:92:33:6e:ba:3a:
71:91:8c:14:07:84:84:d2:8f:62:d9:2d:ca:24:c4:
3d:32:50:b2:bd:59:9e:f6:21:ab:35:3c:0f:64:43:
b1:94:34:4e:13:e9:f5:42:16:c0:99:e9:58:ff:f0:
2d:5e:9d:cb:c0:9f:62:60:40:06:fc:0a:f9:ff:7e:
b1:60:cb:ef:95:1c:49:e0:f3:c7:3b:3c:0c:f9:63:
92:52:b8:34:71:1c:49:3f:36:d5:a4:ff:3a:cf:9a:
eb:79:b7:4f:e9:4f:bb:ed:d5:94:4c:ef:2d:9f:32:
73:d9:ab:c7:e1:23:59:64:ae:b5:24:07:66:2f:74:
14:29:f9:28:24:d5:d4:ab:1d:a6:7f:eb:fc:df:f2:
69:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:07:59:93:37:77:BA:7D:D9:6D:03:82:11:83:18:F7:F1:E1:27:B6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/78a98b8d-81ac-4e41-a012-084be89be1cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2a:a7:fb:68:dd:1c:f3:a7:1e:ec:fb:21:31:25:b3:33:a7:8f:
b5:13:57:84:5a:d6:5d:28:1e:bc:b2:fb:77:59:8d:ad:e8:ef:
f0:ee:d8:67:e0:12:c5:22:3a:86:53:2a:38:e3:89:36:c1:47:
88:92:c4:97:54:cf:d9:5a:b7:cb:f0:e5:86:58:95:56:68:66:
fc:e5:d2:cf:5c:32:6c:1e:b8:a2:79:b1:f6:b9:86:75:da:f7:
07:8c:9a:41:ba:bd:06:0c:6d:63:88:02:e8:c3:bf:02:e3:ea:
9a:56:e1:4f:d4:39:2a:a5:dd:c9:2e:fc:3a:d3:01:01:c9:b5:
be:e3:e9:9b:a2:4c:c3:b5:fb:29:d9:d2:84:1f:5f:e6:fb:a7:
56:6f:78:6a:d8:4a:94:51:03:3b:77:db:f7:69:b6:2b:ed:f6:
ad:03:f9:04:36:77:fa:69:ef:60:a5:e3:48:82:0e:a0:a0:1c:
3e:2d:1b:7d:3f:fb:ff:df:ea:cb:e4:40:e6:af:bb:df:34:6c:
78:4e:a0:a2:d9:d2:6e:79:4f:d7:db:eb:73:41:7b:b2:07:06:
6c:dc:9e:04:eb:97:6b:c3:ee:06:83:c7:88:2b:cd:a4:86:75:
d5:9e:7f:61:5b:c8:c2:8e:4c:74:cc:e3:04:6d:a7:e1:56:ec:
54:62:9e:9b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMObUH0Sa5ZfGvgVw+NAxob7uaMEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDIwMDAwMDBaFw0yNTAxMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4MGUzNTM3MjNiZTY0Zjk3ODFjZWJmMjZjNTQ5MjdmZWIxZjFiZjZmNzQy
ZjY3MTYxODZkYmJmMmYzMTc3ZDkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOzXy0A7utEo6Ki8l1bl8MK7eRuDWfylu2LyDjBgQeKZun43SwaGnoLxtEPO
T+Ozfu+0SICmUOWulfiHJwKIlLkmLs+kdsEXJFcKwKr7UL+2/WGGDW250LMmLXDG
DrZWjvRvwFStCPIIrf2fZr3g/eWUXpIzbro6cZGMFAeEhNKPYtktyiTEPTJQsr1Z
nvYhqzU8D2RDsZQ0ThPp9UIWwJnpWP/wLV6dy8CfYmBABvwK+f9+sWDL75UcSeDz
xzs8DPljklK4NHEcST821aT/Os+a63m3T+lPu+3VlEzvLZ8yc9mrx+EjWWSutSQH
Zi90FCn5KCTV1Ksdpn/r/N/yaRMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTfB1mT
N3e6fdltA4IRgxj38eEntjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzhhOThiOGQtODFhYy00ZTQxLWEwMTItMDg0YmU4OWJlMWNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G
CSqGSIb3DQEBCwUAA4IBAQAqp/to3Rzzpx7s+yExJbMzp4+1E1eEWtZdKB68svt3
WY2t6O/w7thn4BLFIjqGUyo444k2wUeIksSXVM/ZWrfL8OWGWJVWaGb85dLPXDJs
HriiebH2uYZ12vcHjJpBur0GDG1jiALow78C4+qaVuFP1Dkqpd3JLvw60wEBybW+
4+mbokzDtfsp2dKEH1/m+6dWb3hq2EqUUQM7d9v3abYr7fatA/kENnf6ae9gpeNI
gg6goBw+LRt9P/v/3+rL5EDmr7vfNGx4TqCi2dJueU/X2+tzQXuyBwZs3J4E65dr
w+4Gg8eIK82khnXVnn9hW8jCjkx0zOMEbafhVuxUYp6b
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:13 2025 by rpki-client