Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/93fb8cf7-eb5c-4c22-89ab-1cabf9c9d510.roa
File: 93fb8cf7-eb5c-4c22-89ab-1cabf9c9d510.roa (raw, json)
Hash identifier: 830Ud+Wt03xPrTAcRG/ViE6RELaZNjjpINsl6rl8lyc=
Subject key identifier: 61:C3:1F:A9:AE:22:26:B0:A8:F4:35:0D:61:A8:28:65:F5:E7:2A:65
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7B924D33B09A9F150052897A90AFABE3FFAA4262
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/93fb8cf7-eb5c-4c22-89ab-1cabf9c9d510.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.125.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:92:4d:33:b0:9a:9f:15:00:52:89:7a:90:af:ab:e3:ff:aa:42:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:07:17:f4:bf:15:10:02:00:2e:f4:51:cb:f4:
be:c9:76:87:06:c8:10:51:e7:36:6b:22:2d:ef:68:
b2:ed:d1:80:e2:66:d2:8a:dd:c4:b6:4d:45:04:5e:
73:2d:a8:a8:c6:b8:aa:ae:f9:38:c4:dd:c2:28:8c:
f0:bd:46:35:d4:01:76:7b:49:c4:87:85:96:5c:e2:
1d:23:b9:1a:e4:0e:64:1a:33:3f:d2:13:e1:5b:2a:
aa:a2:6e:66:e0:00:15:78:28:78:ac:6c:b0:23:55:
4a:78:0e:c2:c3:67:c6:e6:dd:3e:2f:a8:b2:02:96:
01:25:ea:6f:65:d5:b2:41:7c:76:25:c8:61:53:d4:
6b:55:9d:2e:83:f8:f4:06:25:af:4c:97:1d:bc:0d:
e0:48:6c:61:96:92:8b:45:3e:6d:27:b2:25:f3:9f:
cc:05:f2:60:e9:96:bf:8c:67:b7:43:0d:7b:9a:27:
87:a8:db:42:d3:97:e3:77:19:da:09:51:17:dd:9d:
6c:71:13:3c:f9:1b:01:43:72:e3:59:69:12:02:10:
7e:8d:d8:40:ec:a6:89:ca:b9:41:0b:06:45:b6:6e:
6d:9f:b8:56:35:e4:6a:f6:d3:3e:88:b6:7f:c4:c2:
b6:84:89:ce:d5:52:68:47:4a:ed:24:30:a3:60:88:
11:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C3:1F:A9:AE:22:26:B0:A8:F4:35:0D:61:A8:28:65:F5:E7:2A:65
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/93fb8cf7-eb5c-4c22-89ab-1cabf9c9d510.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.125.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5c:df:21:f6:06:f3:29:f6:e1:9f:64:96:45:1a:5a:99:17:84:
19:23:ab:7b:e4:ca:f9:3a:52:be:d5:b4:eb:ed:89:fd:b0:13:
aa:4a:a9:d7:05:ae:5e:4d:f2:aa:c1:4d:29:a5:92:7d:2f:c8:
0a:49:6f:3f:68:4a:17:76:04:40:c6:97:67:ba:51:51:e4:0c:
8e:c1:e1:dc:95:29:20:04:fa:84:8d:b0:19:4c:84:c6:81:a7:
f2:00:a8:7d:ef:fd:ac:cb:56:b7:ba:5b:19:e1:4f:ef:44:0d:
8a:81:05:37:5d:3b:46:93:96:a7:bb:32:a1:ea:72:6e:42:e4:
37:65:57:84:44:a6:82:6d:c2:91:69:0e:33:ba:69:75:95:37:
89:0c:33:6d:56:07:7f:1c:4e:26:1e:01:c9:cd:58:84:5c:01:
a2:5e:72:bb:cc:59:37:bd:dc:15:91:11:73:61:fc:f5:08:2c:
cd:c6:ec:46:6d:63:13:45:80:97:6f:3c:9a:04:26:f7:cb:6c:
0d:d2:97:da:ba:62:9a:f6:ac:0d:ec:e5:15:1d:dd:8c:2d:89:
42:be:66:71:d2:5e:d3:9c:c8:55:0b:07:6e:f2:7d:92:57:71:
74:5e:c4:be:0b:4b:9a:2e:43:76:d3:e8:28:7f:88:ec:75:db:
07:66:c2:2a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUe5JNM7CanxUAUol6kK+r4/+qQmIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDc4NGE2NTQzZjFkMWVlNjFmMjM1MzQzYTU5NzQ5Njc3N2QyNTE2MjA2OGVh
OTZmNWQ2MTQyMjg5ZGRhYmM2OGQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwHF/S/FRACAC70Ucv0vsl2hwbIEFHnNmsiLe9osu3RgOJm0ordxLZNRQRe
cy2oqMa4qq75OMTdwiiM8L1GNdQBdntJxIeFllziHSO5GuQOZBozP9IT4VsqqqJu
ZuAAFXgoeKxssCNVSngOwsNnxubdPi+osgKWASXqb2XVskF8diXIYVPUa1WdLoP4
9AYlr0yXHbwN4EhsYZaSi0U+bSeyJfOfzAXyYOmWv4xnt0MNe5onh6jbQtOX43cZ
2glRF92dbHETPPkbAUNy41lpEgIQfo3YQOymicq5QQsGRbZubZ+4VjXkavbTPoi2
f8TCtoSJztVSaEdK7SQwo2CIEe8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRhwx+p
riImsKj0NQ1hqChl9ecqZTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTNmYjhjZjctZWI1Yy00YzIyLTg5YWItMWNhYmY5YzlkNTEwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN9MA0G
CSqGSIb3DQEBCwUAA4IBAQBc3yH2BvMp9uGfZJZFGlqZF4QZI6t75Mr5OlK+1bTr
7Yn9sBOqSqnXBa5eTfKqwU0ppZJ9L8gKSW8/aEoXdgRAxpdnulFR5AyOweHclSkg
BPqEjbAZTITGgafyAKh97/2sy1a3ulsZ4U/vRA2KgQU3XTtGk5anuzKh6nJuQuQ3
ZVeERKaCbcKRaQ4zuml1lTeJDDNtVgd/HE4mHgHJzViEXAGiXnK7zFk3vdwVkRFz
Yfz1CCzNxuxGbWMTRYCXbzyaBCb3y2wN0pfaumKa9qwN7OUVHd2MLYlCvmZx0l7T
nMhVCwdu8n2SV3F0XsS+C0uaLkN20+gof4jsddsHZsIq
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:02:58 2025 by rpki-client