Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa
File: 7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa (raw, json)
Hash identifier: l20EZwRtqjQ8jNEPZ4ddgHTFe9a4Phdg1zBxfwZR3pw=
Subject key identifier: E3:EE:47:CB:78:BD:CA:83:23:D9:59:D6:3F:DB:23:C7:E4:4C:2C:9B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4AF17D572A346400886E2B0C41BB6FAA13E8BCED
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.214.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:f1:7d:57:2a:34:64:00:88:6e:2b:0c:41:bb:6f:aa:13:e8:bc:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:43:c8:5e:ea:dc:d4:c5:c6:e4:63:db:dc:ce:
4a:48:87:3e:43:da:2e:df:dd:a1:55:fa:3f:e4:4b:
fa:b5:0c:39:28:1d:97:a6:37:e6:76:7a:43:5d:ff:
ea:dd:58:e3:f6:de:3f:a0:5b:d5:94:37:fb:fa:2b:
f8:98:4c:fe:1e:3c:d0:9b:a3:0a:93:b7:cb:0b:11:
80:df:ef:02:52:70:ef:e8:76:dc:d8:0e:ab:99:73:
e6:19:a6:e9:10:c9:f7:0f:1c:fa:a2:d1:a0:88:66:
43:a9:6d:3a:61:a2:3e:09:ad:ff:f2:bb:74:a0:e6:
aa:5d:c9:4f:8f:30:79:72:a5:2a:ed:82:f1:9e:ba:
d4:98:d9:f0:b9:40:c1:46:fd:5b:37:51:9a:54:f6:
0a:99:7c:a2:d5:8c:1d:85:46:e3:1b:ec:84:8e:64:
8d:27:a4:73:f2:50:05:ec:d2:49:e0:20:5b:d5:fb:
f4:b5:3c:d0:4f:e2:1d:d0:26:e5:17:fe:f1:70:4d:
ab:00:0e:e1:7d:61:e2:3d:bd:c2:40:9d:81:26:de:
4d:a2:0f:f0:b0:7a:f0:9c:89:66:b5:b5:f8:07:aa:
f7:59:db:76:bb:6f:aa:5a:09:b4:1f:55:68:53:40:
cf:91:33:55:8e:1f:23:23:fa:7d:61:dd:54:b8:6b:
12:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:EE:47:CB:78:BD:CA:83:23:D9:59:D6:3F:DB:23:C7:E4:4C:2C:9B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/7f742b91-ded4-4d8e-bd36-0b187f27fb23.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.214.0.0/15
Signature Algorithm: sha256WithRSAEncryption
28:a8:46:d3:89:af:59:ca:53:e2:3e:32:cf:f8:cf:e5:96:ca:
b7:cb:67:d6:5a:6b:e9:c6:bb:47:f0:a9:7d:e3:d5:e7:f6:40:
90:ea:3c:cc:05:9a:a8:fd:c4:28:c0:44:7b:70:2a:36:7a:79:
42:9e:57:f4:cc:97:8b:4f:d9:52:95:d8:38:e3:9b:01:6b:4a:
2d:34:40:88:5b:e8:2e:2d:96:1d:99:6f:a8:f0:27:f5:d1:72:
07:2f:01:9a:c5:fe:b4:05:39:5c:4b:a2:90:2e:29:f5:5f:b8:
d7:49:47:f7:0f:ac:7c:ac:f4:a4:02:c8:ca:b0:e1:29:94:04:
27:72:00:b1:23:2f:b7:d5:d2:ad:ab:8e:ec:82:ff:d3:1a:41:
40:79:be:60:32:1b:bd:d6:88:5d:d6:7c:bd:61:51:b3:92:31:
c7:58:53:00:02:bf:b8:ed:58:a3:cf:85:05:23:97:9a:c7:34:
4c:71:db:a3:da:c9:29:cd:ad:29:b6:ce:5d:36:34:cd:fc:6a:
af:20:0d:05:22:61:1c:26:c0:6e:aa:dc:ba:6e:fe:05:d6:fd:
5f:49:14:e3:e1:72:7b:8a:a7:69:a6:5f:d9:f2:b5:6e:25:c7:
c4:fe:85:dc:f8:0c:94:96:f2:77:a1:2f:19:d8:14:cb:0c:99:
ca:94:4d:51
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSvF9Vyo0ZACIbisMQbtvqhPovO0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGZkNDFiOGMxZjRjZGQ0ZTM5YjQ4NDdiZmVlODJmMDEwZGViYTRiZjViNWQ0
ZmEwOTQ1YWE3ZjVlNmJiNjBjMGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL5DyF7q3NTFxuRj29zOSkiHPkPaLt/doVX6P+RL+rUMOSgdl6Y35nZ6Q13/
6t1Y4/beP6Bb1ZQ3+/or+JhM/h480JujCpO3ywsRgN/vAlJw7+h23NgOq5lz5hmm
6RDJ9w8c+qLRoIhmQ6ltOmGiPgmt//K7dKDmql3JT48weXKlKu2C8Z661JjZ8LlA
wUb9WzdRmlT2Cpl8otWMHYVG4xvshI5kjSekc/JQBezSSeAgW9X79LU80E/iHdAm
5Rf+8XBNqwAO4X1h4j29wkCdgSbeTaIP8LB68JyJZrW1+Aeq91nbdrtvqloJtB9V
aFNAz5EzVY4fIyP6fWHdVLhrEk8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTj7kfL
eL3KgyPZWdY/2yPH5EwsmzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
N2Y3NDJiOTEtZGVkNC00ZDhlLWJkMzYtMGIxODdmMjdmYjIzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPWMA0G
CSqGSIb3DQEBCwUAA4IBAQAoqEbTia9ZylPiPjLP+M/llsq3y2fWWmvpxrtH8Kl9
49Xn9kCQ6jzMBZqo/cQowER7cCo2enlCnlf0zJeLT9lSldg445sBa0otNECIW+gu
LZYdmW+o8Cf10XIHLwGaxf60BTlcS6KQLin1X7jXSUf3D6x8rPSkAsjKsOEplAQn
cgCxIy+31dKtq47sgv/TGkFAeb5gMhu91ohd1ny9YVGzkjHHWFMAAr+47Vijz4UF
I5eaxzRMcduj2skpza0pts5dNjTN/GqvIA0FImEcJsBuqty6bv4F1v1fSRTj4XJ7
iqdppl/Z8rVuJcfE/oXc+AyUlvJ3oS8Z2BTLDJnKlE1R
-----END CERTIFICATE-----
Generated at Tue Apr 8 23:34:16 2025 by rpki-client