Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/92aa3163-803c-4865-acea-681184356c4d.roa
File: 92aa3163-803c-4865-acea-681184356c4d.roa (raw, json)
Hash identifier: HHy5aP9C9KUWHXtGwc0efKkkurTin52xMOF05+MAnrc=
Subject key identifier: 5D:2D:85:A1:FA:C4:71:2D:40:8C:34:B2:7D:C2:33:FC:71:B0:57:D1
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 05979AE3CA751DECC135C95C4B7AFD9AA5600662
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/92aa3163-803c-4865-acea-681184356c4d.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:97:9a:e3:ca:75:1d:ec:c1:35:c9:5c:4b:7a:fd:9a:a5:60:06:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:6d:a4:02:49:a2:c2:35:b3:55:16:8e:20:e9:
dc:ad:91:9c:3b:b5:b2:0e:3b:e5:9a:6b:d8:34:a2:
8c:03:c4:ad:b7:04:6f:3d:b9:e8:e1:de:70:5e:30:
79:5c:c7:75:ec:a9:e5:68:84:23:71:c7:29:39:bc:
1d:1c:c2:14:e5:ed:12:c1:fa:78:f0:2c:43:92:3a:
cc:a4:29:bc:8c:4a:ed:c8:b2:05:6e:9e:a8:2a:54:
19:d8:4d:2e:2e:81:64:1d:10:d9:ec:55:ac:51:09:
5a:b0:40:1e:e0:93:d1:92:00:51:34:ab:0b:5d:96:
50:4e:6a:93:c1:02:cf:e2:35:84:d8:bc:b8:76:c9:
17:35:47:25:e5:f1:5c:45:cb:66:7d:08:90:0b:72:
75:e1:28:fc:ee:c3:45:5a:0d:88:72:07:95:5d:12:
45:e7:92:bb:31:df:19:71:5d:45:19:4b:9a:35:0b:
a5:78:c2:76:50:4b:33:72:13:ce:2f:eb:3c:1c:b4:
78:b5:4b:a6:6a:ca:64:f6:de:78:1a:b2:b5:ff:eb:
26:7e:02:12:fb:76:aa:c9:4d:db:14:8e:ec:27:47:
66:66:89:e8:22:23:95:ac:17:49:18:62:3b:8a:6a:
a7:a3:92:f7:c6:b9:8b:f4:0c:d4:23:7c:9c:88:b3:
2f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:2D:85:A1:FA:C4:71:2D:40:8C:34:B2:7D:C2:33:FC:71:B0:57:D1
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/92aa3163-803c-4865-acea-681184356c4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
3e:3d:de:57:e7:a2:53:52:d9:08:ff:7f:c7:73:7b:07:bf:99:
f7:e8:42:9e:c3:a1:b2:09:2d:e7:a2:2d:19:e7:55:c9:8e:e9:
64:27:57:11:4f:72:53:09:94:7d:4c:0e:f2:be:d6:89:b6:bd:
c2:ff:a2:4c:8f:2e:0a:c2:bc:54:0d:5f:9a:d6:15:4b:3b:28:
97:67:06:8c:e2:b1:8f:31:70:02:30:41:1b:d6:35:be:b9:79:
46:e9:e6:ba:2e:e8:34:60:86:b9:de:17:f3:5b:42:1d:a0:be:
39:d9:b3:a5:7f:ca:58:a2:12:d3:55:56:18:03:5b:1e:5d:11:
ab:fb:64:b7:f9:4a:08:e5:d2:8d:4a:86:e2:40:54:1b:03:74:
14:5a:be:26:87:73:ee:90:32:c3:c7:f2:5d:f6:29:5b:cf:52:
27:83:62:86:f0:24:70:89:82:bc:ca:14:18:52:d4:3f:cb:dc:
81:f6:e8:83:43:eb:a0:e6:a6:a2:d8:d3:7d:fb:87:bd:6a:63:
ef:6a:de:08:ab:29:f1:b6:28:dd:aa:4d:7d:70:28:10:83:06:
46:d9:6d:66:0a:dc:4f:ea:ad:3e:43:4a:8e:04:93:21:f2:8b:
74:e1:55:09:7a:95:20:2e:01:8a:83:b6:30:3b:01:b5:c2:ca:
7f:31:18:04
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBZea48p1HezBNclcS3r9mqVgBmIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNiZWEyMGI0ODA3NmZjZWZhMDZiZTBkYzhiODdlZmNjOTA4ZGYzMmFjMDc3
YzFhOGMzYjJkMTA2YmEyYjM3YzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9tpAJJosI1s1UWjiDp3K2RnDu1sg475Zpr2DSijAPErbcEbz256OHecF4w
eVzHdeyp5WiEI3HHKTm8HRzCFOXtEsH6ePAsQ5I6zKQpvIxK7ciyBW6eqCpUGdhN
Li6BZB0Q2exVrFEJWrBAHuCT0ZIAUTSrC12WUE5qk8ECz+I1hNi8uHbJFzVHJeXx
XEXLZn0IkAtydeEo/O7DRVoNiHIHlV0SReeSuzHfGXFdRRlLmjULpXjCdlBLM3IT
zi/rPBy0eLVLpmrKZPbeeBqytf/rJn4CEvt2qslN2xSO7CdHZmaJ6CIjlawXSRhi
O4pqp6OS98a5i/QM1CN8nIizLw0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRdLYWh
+sRxLUCMNLJ9wjP8cbBX0TAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTJhYTMxNjMtODAzYy00ODY1LWFjZWEtNjgxMTg0MzU2YzRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQA+Pd5X56JTUtkI/3/Hc3sHv5n36EKew6GyCS3noi0Z
51XJjulkJ1cRT3JTCZR9TA7yvtaJtr3C/6JMjy4KwrxUDV+a1hVLOyiXZwaM4rGP
MXACMEEb1jW+uXlG6ea6Lug0YIa53hfzW0IdoL452bOlf8pYohLTVVYYA1seXRGr
+2S3+UoI5dKNSobiQFQbA3QUWr4mh3PukDLDx/Jd9ilbz1Ing2KG8CRwiYK8yhQY
UtQ/y9yB9uiDQ+ug5qai2NN9+4e9amPvat4Iqynxtijdqk19cCgQgwZG2W1mCtxP
6q0+Q0qOBJMh8ot04VUJepUgLgGKg7YwOwG1wsp/MRgE
-----END CERTIFICATE-----
Generated at Wed Apr 9 02:27:46 2025 by rpki-client