Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88f52aa4-587a-4c53-908e-056e9d4b7bca.roa
File: 88f52aa4-587a-4c53-908e-056e9d4b7bca.roa (raw, json)
Hash identifier: 3ahnWn5KFMvQsZBiT21TRKdahXy+n8SWQYsTKeteVyk=
Subject key identifier: FF:AA:0D:1A:5B:BA:54:7D:81:0C:13:50:29:4E:04:A6:25:0F:1E:54
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 34641DED01A3FEC79DBFE14323555DC8696787E3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88f52aa4-587a-4c53-908e-056e9d4b7bca.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.232.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:64:1d:ed:01:a3:fe:c7:9d:bf:e1:43:23:55:5d:c8:69:67:87:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:3b:01:1b:07:05:92:2f:a3:e1:fa:eb:a1:80:
48:64:95:46:93:7d:a2:b7:01:41:e4:3e:88:eb:07:
31:9e:31:b5:cb:b3:4f:59:2b:e0:8d:ce:d1:88:f3:
3b:53:1b:a9:26:dd:74:fc:30:ce:60:ac:a9:d9:cd:
f0:bf:77:28:b5:05:95:8c:e3:33:2a:b4:e8:0a:d7:
79:b5:1b:8a:e0:d1:d6:c9:54:88:de:e6:ac:2e:f9:
de:9b:39:f8:6f:b5:5a:b9:54:6f:fa:ea:3d:59:c9:
83:d2:d1:d9:01:cf:a6:7f:18:55:4c:82:21:81:d8:
c8:6d:cf:41:28:e4:15:b9:6b:9b:b8:e2:31:ec:7b:
b0:52:dd:c3:25:d3:91:76:1b:b5:4a:91:4a:2e:bd:
5d:53:13:ed:7d:21:a3:74:79:3c:04:48:f1:43:10:
42:22:7a:46:e2:9d:02:a9:dd:7a:e1:74:ac:6f:ef:
f3:31:c1:c9:f3:c3:00:e3:22:b8:69:e3:3d:27:21:
3a:29:ba:7a:c8:93:78:ea:70:ca:76:1e:cc:4d:2f:
aa:c7:28:b8:c9:ef:94:3e:49:9c:3f:a9:87:90:ac:
f7:04:7e:7c:88:47:ff:94:58:c9:d6:99:49:1b:0a:
da:1e:72:90:05:6a:65:da:0f:10:6e:a0:67:0e:f3:
26:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:AA:0D:1A:5B:BA:54:7D:81:0C:13:50:29:4E:04:A6:25:0F:1E:54
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/88f52aa4-587a-4c53-908e-056e9d4b7bca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.232.0.0/15
Signature Algorithm: sha256WithRSAEncryption
9d:0e:76:34:c8:f1:fd:0e:27:c0:73:d7:d8:50:a4:0e:b7:cc:
76:76:81:78:47:57:3e:1b:36:c7:b3:30:90:00:9c:62:5d:d5:
93:1e:af:f1:f1:99:87:90:f4:c1:dd:7f:ce:ed:05:0b:26:d2:
51:2c:19:0a:3b:79:80:23:35:26:53:5e:3c:42:39:e7:1f:47:
e2:64:7d:58:f4:c1:82:6e:85:30:57:e2:5e:df:2e:57:ea:08:
2a:93:c0:2b:96:d5:0a:19:0f:46:d1:4b:fa:53:4d:9d:bb:02:
27:e5:01:6c:30:d5:e2:0f:b1:c9:3e:ce:c5:88:12:67:0e:f6:
ae:c0:25:1a:8d:88:ed:c0:37:4c:f2:86:48:eb:9e:3b:f6:76:
c6:13:ac:28:f7:db:fb:f9:73:d9:0f:4a:2b:10:da:3d:cf:fa:
34:1f:06:14:c8:c1:d9:c1:a8:30:28:98:2f:ff:b4:e0:b7:93:
87:c0:47:27:11:27:f9:b8:05:72:2f:6f:9d:5a:d0:60:44:26:
3b:18:aa:6d:37:74:6b:fa:58:3a:e7:9b:2c:81:fd:a4:37:4f:
46:9c:ac:19:a1:d5:b1:73:43:2f:43:59:c9:cd:cd:25:31:88:
42:16:05:af:21:3c:ee:f6:65:80:98:47:f7:7e:84:bd:cb:ef:
b9:80:fe:34
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUNGQd7QGj/sedv+FDI1VdyGlnh+MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDczOTIwYTE0MWIyNzA2ZjViZWVlOTI2M2U0MjJkNjk0NmU3MTBmOGJjNDVj
NjEwODAyNjE0OGI3MzM3NjFiYzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJE7ARsHBZIvo+H666GASGSVRpN9orcBQeQ+iOsHMZ4xtcuzT1kr4I3O0Yjz
O1MbqSbddPwwzmCsqdnN8L93KLUFlYzjMyq06ArXebUbiuDR1slUiN7mrC753ps5
+G+1WrlUb/rqPVnJg9LR2QHPpn8YVUyCIYHYyG3PQSjkFblrm7jiMex7sFLdwyXT
kXYbtUqRSi69XVMT7X0ho3R5PARI8UMQQiJ6RuKdAqndeuF0rG/v8zHByfPDAOMi
uGnjPSchOim6esiTeOpwynYezE0vqscouMnvlD5JnD+ph5Cs9wR+fIhH/5RYydaZ
SRsK2h5ykAVqZdoPEG6gZw7zJqsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT/qg0a
W7pUfYEME1ApTgSmJQ8eVDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ODhmNTJhYTQtNTg3YS00YzUzLTkwOGUtMDU2ZTlkNGI3YmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPoMA0G
CSqGSIb3DQEBCwUAA4IBAQCdDnY0yPH9DifAc9fYUKQOt8x2doF4R1c+GzbHszCQ
AJxiXdWTHq/x8ZmHkPTB3X/O7QULJtJRLBkKO3mAIzUmU148QjnnH0fiZH1Y9MGC
boUwV+Je3y5X6ggqk8ArltUKGQ9G0Uv6U02duwIn5QFsMNXiD7HJPs7FiBJnDvau
wCUajYjtwDdM8oZI65479nbGE6wo99v7+XPZD0orENo9z/o0HwYUyMHZwagwKJgv
/7Tgt5OHwEcnESf5uAVyL2+dWtBgRCY7GKptN3Rr+lg655ssgf2kN09GnKwZodWx
c0MvQ1nJzc0lMYhCFgWvITzu9mWAmEf3foS9y++5gP40
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:12 2025 by rpki-client