Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b135dbe-8c68-40c8-9510-c1daab9595af.roa
File: 9b135dbe-8c68-40c8-9510-c1daab9595af.roa (raw, json)
Hash identifier: SqqzhvSpf3tDmuArEoOVD2MWW+71Qai/G4LV4jvAIPg=
Subject key identifier: 4D:C5:D8:8E:17:94:4C:9A:F5:2E:2F:0F:EF:17:6C:5F:73:78:F1:C9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 1F0FC6406824B670C360E334711A8682F746ADA6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b135dbe-8c68-40c8-9510-c1daab9595af.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:0f:c6:40:68:24:b6:70:c3:60:e3:34:71:1a:86:82:f7:46:ad:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:0c:c5:70:31:4e:a7:49:b5:28:2c:bd:4a:c8:
12:bd:81:79:36:ab:aa:d0:e8:3a:c0:2d:21:a3:4b:
33:89:28:86:4e:ec:8d:30:27:c7:2e:55:a9:85:e3:
f1:cd:9e:74:12:d6:5a:b9:76:99:78:1e:31:9d:bb:
b5:43:2d:a5:2e:12:f1:5e:91:ef:68:0b:c6:a2:7e:
57:1c:f7:ab:26:fa:e3:d7:a8:cd:08:d8:c2:5b:16:
b7:a4:d2:00:97:8f:13:bc:61:66:85:68:74:96:5e:
76:d1:9a:1a:59:07:b4:71:89:21:ea:fb:ba:a1:d2:
92:42:98:ab:0e:58:bd:7f:57:87:f8:aa:70:c3:37:
18:eb:c9:a8:57:8c:4f:0f:4a:70:f7:a4:61:dc:25:
24:92:46:a7:e0:3a:72:5b:73:d5:90:f4:d9:c3:94:
b6:3f:4f:96:54:7d:a2:76:5c:9f:f2:ae:c6:39:47:
86:ca:fc:ec:43:aa:07:23:d1:ed:2f:58:63:70:47:
a4:8f:87:15:4f:42:c7:14:a0:f7:d2:61:30:b8:77:
02:3f:74:c7:5a:7a:15:c0:59:75:a6:b8:f4:63:6b:
84:08:e0:ac:fb:cf:9d:a0:64:fa:05:85:5e:71:f4:
43:34:d9:e7:20:18:13:bc:7d:c7:c7:19:db:f0:bf:
aa:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:C5:D8:8E:17:94:4C:9A:F5:2E:2F:0F:EF:17:6C:5F:73:78:F1:C9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9b135dbe-8c68-40c8-9510-c1daab9595af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
44:22:b2:0c:08:bc:78:a4:d0:64:8f:0a:81:62:3a:7f:b0:ca:
f3:d9:08:b8:7e:6f:84:87:8f:ea:3f:74:6b:1d:15:5b:ef:74:
de:09:0b:17:b2:86:df:ea:c3:57:f7:87:39:74:85:30:7a:13:
83:24:90:2b:53:3c:ec:0a:19:57:f3:7a:0d:aa:6a:8d:04:b7:
ac:df:9a:e9:cc:e0:db:3f:7d:e6:83:12:aa:d6:be:8b:2d:ac:
3c:95:e3:30:ad:f7:1c:bf:cc:e6:e1:63:35:0d:bf:2e:eb:a3:
37:b0:73:b6:3f:36:5c:12:27:a5:08:71:16:54:df:13:2e:28:
89:65:49:90:67:d0:91:da:5c:0b:10:f3:5b:d5:e1:03:29:2b:
97:f2:d2:75:b1:ca:cd:cc:e6:07:e5:b2:3f:cd:59:0d:5c:1f:
dd:ae:a3:89:0c:5e:35:9d:82:0a:26:9c:b3:ca:4a:ae:e4:c0:
df:4d:4a:d3:96:20:35:b6:fd:26:73:ea:a8:3b:5a:b5:48:ce:
28:3c:3f:85:4a:c8:c4:f3:f9:1b:ef:6b:01:1f:ef:d8:41:d7:
3d:73:79:f3:54:5f:e2:e6:bb:f5:87:90:06:f4:39:71:f8:94:
2b:89:71:58:1f:c5:d7:1e:75:bb:08:bd:82:5f:8f:f0:fd:1f:
cf:0d:ad:76
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUHw/GQGgktnDDYOM0cRqGgvdGraYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3ZmU1NTc5MTdkYzA4ZjI1NzE0NDZlMjcxM2JiZWE1MThmYzZkYzU0MjA4
YmVmYzYyMGJlYWUxZmVmYTI0MWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJoMxXAxTqdJtSgsvUrIEr2BeTarqtDoOsAtIaNLM4kohk7sjTAnxy5VqYXj
8c2edBLWWrl2mXgeMZ27tUMtpS4S8V6R72gLxqJ+Vxz3qyb649eozQjYwlsWt6TS
AJePE7xhZoVodJZedtGaGlkHtHGJIer7uqHSkkKYqw5YvX9Xh/iqcMM3GOvJqFeM
Tw9KcPekYdwlJJJGp+A6cltz1ZD02cOUtj9PllR9onZcn/KuxjlHhsr87EOqByPR
7S9YY3BHpI+HFU9CxxSg99JhMLh3Aj90x1p6FcBZdaa49GNrhAjgrPvPnaBk+gWF
XnH0QzTZ5yAYE7x9x8cZ2/C/qhUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRNxdiO
F5RMmvUuLw/vF2xfc3jxyTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWIxMzVkYmUtOGM2OC00MGM4LTk1MTAtYzFkYWFiOTU5NWFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQBEIrIMCLx4pNBkjwqBYjp/sMrz2Qi4fm+Eh4/qP3Rr
HRVb73TeCQsXsobf6sNX94c5dIUwehODJJArUzzsChlX83oNqmqNBLes35rpzODb
P33mgxKq1r6LLaw8leMwrfccv8zm4WM1Db8u66M3sHO2PzZcEielCHEWVN8TLiiJ
ZUmQZ9CR2lwLEPNb1eEDKSuX8tJ1scrNzOYH5bI/zVkNXB/drqOJDF41nYIKJpyz
ykqu5MDfTUrTliA1tv0mc+qoO1q1SM4oPD+FSsjE8/kb72sBH+/YQdc9c3nzVF/i
5rv1h5AG9Dlx+JQriXFYH8XXHnW7CL2CX4/w/R/PDa12
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:59:25 2025 by rpki-client