Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c739e23-5bae-43bd-bade-a1f5158b6cc3.roa
File: 9c739e23-5bae-43bd-bade-a1f5158b6cc3.roa (raw, json)
Hash identifier: SfNCq/+gCJU7lLL3knVXcmBnCmoIkjo5RorwIq1lDJk=
Subject key identifier: 6A:55:B4:F2:0D:E6:93:89:CC:22:86:51:62:36:5D:0E:88:C2:C5:C8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 79215170ABC74912E90EA5C421150E60914F0CB1
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c739e23-5bae-43bd-bade-a1f5158b6cc3.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.72.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:21:51:70:ab:c7:49:12:e9:0e:a5:c4:21:15:0e:60:91:4f:0c:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:be:bd:c6:ae:a8:b0:78:7a:34:47:7c:ac:94:
8e:8c:63:7b:f6:79:2d:17:95:b3:f9:c6:6b:bb:ec:
dd:41:d2:12:a3:9d:8f:74:12:eb:69:0e:87:0f:d7:
32:24:62:eb:cf:d5:c1:87:4f:bb:17:9d:a3:73:7b:
3e:7f:95:2b:38:e8:1b:2d:c6:f2:32:73:8b:4c:37:
5d:f4:77:e4:d1:69:f9:bc:3a:5d:e5:6e:2e:df:b1:
08:29:fe:62:f5:00:c0:e6:07:f7:1c:98:f8:d1:f5:
ef:9e:37:27:7a:a7:7e:30:6c:58:24:08:22:7d:cc:
bb:a8:4a:83:15:43:b7:73:ee:3a:a8:7c:fc:a4:fc:
a3:84:b4:45:ef:f1:7b:2b:9d:7a:51:df:70:58:d9:
59:52:04:28:42:30:47:9f:7f:d4:c6:22:84:99:97:
fc:0c:5b:b0:35:dc:74:8a:b9:48:68:94:1b:cd:8d:
08:b3:bf:07:56:19:fe:c3:4c:20:80:9b:9d:5e:1e:
a6:92:66:76:72:c8:9f:14:3f:f9:12:e9:36:f8:0f:
0b:02:1b:85:82:95:e0:aa:69:ff:75:62:f8:99:03:
e1:1a:99:6e:3d:75:71:19:3e:c1:92:00:fa:1c:4e:
d5:95:27:e1:00:0a:32:29:6d:9f:73:79:cb:e6:ea:
67:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:55:B4:F2:0D:E6:93:89:CC:22:86:51:62:36:5D:0E:88:C2:C5:C8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/9c739e23-5bae-43bd-bade-a1f5158b6cc3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b2:00:2a:5f:ed:67:e3:13:00:1f:9b:16:dd:8e:40:48:8e:11:
0e:5a:13:25:28:ef:f0:68:33:de:d3:6a:2f:7a:6f:00:11:ed:
ed:e8:54:ae:bf:69:4b:b3:ba:ec:a6:df:1e:f0:91:19:af:68:
8d:01:86:d5:0f:00:fc:b2:3f:3b:87:bb:2d:69:f1:fb:f8:86:
17:ee:ac:70:b4:15:78:bc:85:b0:c6:a2:99:71:a1:0e:1f:2c:
49:c3:7e:09:aa:85:82:6e:a5:ff:8e:d2:ac:0d:15:ba:3a:dc:
79:5e:60:2b:e9:a2:97:82:6d:c3:8d:84:3b:ad:f2:8a:f6:8d:
d7:ae:bf:b8:e9:74:02:c4:03:f4:50:ae:24:7e:d6:98:da:11:
bb:6b:a7:a7:da:f1:e7:be:a9:de:36:b8:01:53:b4:c4:48:00:
3d:cb:39:60:ee:f3:a9:bf:24:08:94:4f:66:4a:37:68:61:d5:
4b:bf:8e:4b:43:8f:ae:57:28:1e:65:04:c1:50:60:63:7b:81:
8d:1a:12:4e:89:46:94:51:fc:01:d9:2e:06:16:53:52:60:ed:
9b:a7:10:72:b2:b6:3c:ea:d2:04:96:6a:05:32:81:ac:e8:fe:
82:ec:7e:71:b7:b0:1e:62:ab:c6:b4:65:65:62:87:e9:fc:ba:
5e:0a:52:aa
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUeSFRcKvHSRLpDqXEIRUOYJFPDLEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjYTllZGFiMWE0NzA3ZTkxOTdlYTIwODdhNGJkZjM3MDg2MmIzYzZlZGNi
ZjIzNDQ0MDhiMjc1MWE0MDYwOWMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKy+vcauqLB4ejRHfKyUjoxje/Z5LReVs/nGa7vs3UHSEqOdj3QS62kOhw/X
MiRi68/VwYdPuxedo3N7Pn+VKzjoGy3G8jJzi0w3XfR35NFp+bw6XeVuLt+xCCn+
YvUAwOYH9xyY+NH17543J3qnfjBsWCQIIn3Mu6hKgxVDt3PuOqh8/KT8o4S0Re/x
eyudelHfcFjZWVIEKEIwR59/1MYihJmX/AxbsDXcdIq5SGiUG82NCLO/B1YZ/sNM
IICbnV4eppJmdnLInxQ/+RLpNvgPCwIbhYKV4Kpp/3Vi+JkD4RqZbj11cRk+wZIA
+hxO1ZUn4QAKMiltn3N5y+bqZ4kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRqVbTy
DeaTicwihlFiNl0OiMLFyDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OWM3MzllMjMtNWJhZS00M2JkLWJhZGUtYTFmNTE1OGI2Y2MzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNIMA0G
CSqGSIb3DQEBCwUAA4IBAQCyACpf7WfjEwAfmxbdjkBIjhEOWhMlKO/waDPe02ov
em8AEe3t6FSuv2lLs7rspt8e8JEZr2iNAYbVDwD8sj87h7stafH7+IYX7qxwtBV4
vIWwxqKZcaEOHyxJw34JqoWCbqX/jtKsDRW6Otx5XmAr6aKXgm3DjYQ7rfKK9o3X
rr+46XQCxAP0UK4kftaY2hG7a6en2vHnvqneNrgBU7TESAA9yzlg7vOpvyQIlE9m
SjdoYdVLv45LQ4+uVygeZQTBUGBje4GNGhJOiUaUUfwB2S4GFlNSYO2bpxBysrY8
6tIElmoFMoGs6P6C7H5xt7AeYqvGtGVlYofp/LpeClKq
-----END CERTIFICATE-----
Generated at Tue Apr 8 10:39:22 2025 by rpki-client