Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d1cb951-0a3b-460a-9669-128180570058.roa
File: 8d1cb951-0a3b-460a-9669-128180570058.roa (raw, json)
Hash identifier: sh9u6V9oRfEXghWxKPQ0rVMgg6+DMyYM/7FtMnS3hbk=
Subject key identifier: C0:70:0D:FB:B0:64:D0:21:C1:C8:90:A0:E0:6D:95:54:86:8A:90:DC
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1B751429FBAC1C3732A48812EA82C6A41E5C0500
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d1cb951-0a3b-460a-9669-128180570058.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.176.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:75:14:29:fb:ac:1c:37:32:a4:88:12:ea:82:c6:a4:1e:5c:05:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:ce:9b:62:24:d9:23:05:5f:e5:e2:84:91:00:
09:d3:32:76:17:06:c7:4b:44:d9:b9:ed:2c:e8:a7:
5c:da:78:77:8c:5f:f3:d3:73:27:e0:2c:b3:9b:16:
5a:fb:6e:d5:f3:99:b3:a0:e1:ec:95:e2:72:34:c0:
70:f9:d1:5a:45:6a:73:fa:ee:96:c4:ee:54:e9:33:
52:4c:2e:44:bb:84:da:08:40:08:0c:3b:d7:9f:25:
04:ba:ce:fd:34:07:46:f8:1c:21:86:f7:09:11:24:
b5:28:31:09:69:27:4b:20:6d:e0:07:85:08:cd:b2:
4b:f5:c9:ba:70:45:53:cf:d4:33:f5:9c:00:e0:f6:
7f:36:5e:af:00:8a:83:1a:4b:cb:5a:04:2c:87:32:
60:60:ec:04:0b:54:07:31:ef:80:2b:25:c4:4b:f4:
bc:9d:f5:22:59:b6:34:25:5c:c8:18:e1:cb:81:87:
a4:63:e7:c2:f9:e7:80:df:c3:87:60:65:b7:24:e2:
01:82:cd:5f:23:84:82:15:3a:f6:8c:2a:e3:08:31:
99:ce:0b:b8:c3:b6:cd:9f:dc:86:9b:43:b2:1d:b5:
17:2b:79:ab:c0:0b:21:68:94:31:49:12:bf:0c:27:
e2:bf:3b:29:23:9a:23:a8:64:a0:7b:1b:b0:4b:ef:
b9:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:70:0D:FB:B0:64:D0:21:C1:C8:90:A0:E0:6D:95:54:86:8A:90:DC
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8d1cb951-0a3b-460a-9669-128180570058.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.176.0.0/15
Signature Algorithm: sha256WithRSAEncryption
ac:49:7c:95:c9:c3:83:55:0c:5e:64:67:ac:b6:e0:d2:9a:e9:
2c:7a:87:5d:db:05:2c:e6:5b:fc:34:98:07:de:be:10:c3:fe:
23:f6:e4:8f:69:de:7b:10:dd:11:d3:13:c7:3c:ff:fc:fb:dd:
e5:4e:62:9d:d5:8a:76:26:e9:26:22:5f:9c:98:5e:4b:92:29:
f0:d5:05:94:46:bc:66:b9:a6:b6:5a:43:fc:89:cb:5c:a9:7f:
5d:7e:02:c1:10:06:ee:04:67:0a:b7:54:cd:56:0e:93:e2:69:
a5:21:41:bc:c5:42:b9:82:eb:2f:83:16:d0:f2:0d:2c:5a:c2:
9c:f9:d8:28:a1:db:45:77:93:06:c5:1f:e8:12:10:e2:c2:93:
45:f5:e4:08:95:c4:c0:72:a4:ff:52:2a:e9:0e:8f:71:05:7b:
2b:11:79:a8:20:b0:b3:2c:a1:1f:8c:09:27:97:bc:43:2c:86:
00:80:4f:5e:df:dd:0c:e4:43:b9:79:24:fb:da:db:a5:f1:52:
2d:89:df:da:04:be:cd:27:be:5f:14:90:e9:ba:43:5d:cd:41:
dc:6b:a1:97:02:ca:43:61:4b:48:44:dc:5b:61:06:1f:a7:a2:
13:e0:1d:03:fa:b7:06:07:c2:ad:3d:97:2f:e3:58:d3:fb:93:
10:c1:15:bc
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUG3UUKfusHDcypIgS6oLGpB5cBQAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDEzMmJiMWEzZDgwNjEwYzNhODUyM2E0ZGU1YmYwMGY3YjE5OWRhOTc0YTRi
MGUxMGI5NDBmZWNjYzM2YTkzNTQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALvOm2Ik2SMFX+XihJEACdMydhcGx0tE2bntLOinXNp4d4xf89NzJ+Ass5sW
Wvtu1fOZs6Dh7JXicjTAcPnRWkVqc/rulsTuVOkzUkwuRLuE2ghACAw7158lBLrO
/TQHRvgcIYb3CREktSgxCWknSyBt4AeFCM2yS/XJunBFU8/UM/WcAOD2fzZerwCK
gxpLy1oELIcyYGDsBAtUBzHvgCslxEv0vJ31Ilm2NCVcyBjhy4GHpGPnwvnngN/D
h2BltyTiAYLNXyOEghU69owq4wgxmc4LuMO2zZ/chptDsh21Fyt5q8ALIWiUMUkS
vwwn4r87KSOaI6hkoHsbsEvvuSMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTAcA37
sGTQIcHIkKDgbZVUhoqQ3DAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGQxY2I5NTEtMGEzYi00NjBhLTk2NjktMTI4MTgwNTcwMDU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOwMA0G
CSqGSIb3DQEBCwUAA4IBAQCsSXyVycODVQxeZGestuDSmukseodd2wUs5lv8NJgH
3r4Qw/4j9uSPad57EN0R0xPHPP/8+93lTmKd1Yp2JukmIl+cmF5Lkinw1QWURrxm
uaa2WkP8ictcqX9dfgLBEAbuBGcKt1TNVg6T4mmlIUG8xUK5gusvgxbQ8g0sWsKc
+dgoodtFd5MGxR/oEhDiwpNF9eQIlcTAcqT/UirpDo9xBXsrEXmoILCzLKEfjAkn
l7xDLIYAgE9e390M5EO5eST72tul8VItid/aBL7NJ75fFJDpukNdzUHca6GXAspD
YUtIRNxbYQYfp6IT4B0D+rcGB8KtPZcv41jT+5MQwRW8
-----END CERTIFICATE-----
Generated at Sat Apr 5 22:34:56 2025 by rpki-client