Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa
File: a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa (raw, json)
Hash identifier: 29IrB6NPsYJvbcTgKKOKXADXhBEV4IqYFP83x1f5Sb0=
Subject key identifier: 00:0E:90:B6:F6:00:BC:30:FC:61:34:89:41:3B:DF:31:AE:42:78:20
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C12CF4A230F984205AB03A48EF3ABC56084376C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.164.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:12:cf:4a:23:0f:98:42:05:ab:03:a4:8e:f3:ab:c5:60:84:37:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:60:d1:5e:26:de:20:17:41:11:79:9d:f0:96:
f8:ca:41:7d:8e:18:d3:07:6a:ab:72:7d:19:2c:f9:
0e:15:28:39:c2:9c:af:46:7e:6c:08:fc:cd:c2:80:
b9:d8:49:e0:99:d5:08:6c:03:33:a5:0c:47:03:d4:
be:8d:84:2d:a9:20:4a:00:b7:a8:e5:c3:ec:46:5c:
b7:81:17:03:d6:dc:01:64:3d:b2:57:76:df:54:7c:
af:8f:90:4e:2d:08:9c:0d:da:e6:c8:36:ea:88:d4:
3f:d4:13:e3:cf:8e:09:c4:a4:da:e5:41:6b:a1:23:
e4:d5:56:92:fa:c3:72:a0:8a:a2:5c:61:68:a6:61:
1c:11:11:7d:00:dc:fd:7e:f9:d8:48:44:de:28:33:
79:a2:1d:4a:05:57:f6:e0:26:dc:cd:c7:25:55:4f:
60:c1:2c:e6:76:c8:b8:f2:b7:ba:f8:01:e7:56:f4:
6b:56:88:eb:be:9b:ce:d2:47:c1:63:3a:25:0c:ce:
f9:ea:3a:23:d4:6b:c3:80:f8:af:a3:e2:ea:4b:67:
81:ed:d0:f3:35:78:1c:24:8d:2d:90:11:67:b7:bf:
59:5d:ea:62:3a:27:0a:8f:55:42:7f:c8:45:8f:98:
74:65:2d:fb:c4:8f:49:e6:74:e5:e6:df:05:a8:b0:
04:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:0E:90:B6:F6:00:BC:30:FC:61:34:89:41:3B:DF:31:AE:42:78:20
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a2ec30ed-974a-43a5-b46e-c1e08243cbdb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.164.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b4:0a:44:fe:86:33:7a:a5:62:af:38:23:95:e2:00:fe:e4:0c:
32:da:f0:cb:f1:b6:48:ec:2c:86:90:00:9e:1a:79:6a:03:49:
fa:fb:16:f0:d7:35:ea:32:a9:dc:ab:b7:d4:e3:5d:db:a4:df:
0e:ff:29:2b:cc:b6:ff:c5:ea:11:74:01:21:60:a5:89:6e:a9:
28:ef:e9:b0:0b:69:c0:47:48:14:4b:8e:8c:54:05:67:2c:72:
8d:cb:47:a9:db:d7:a4:ad:d7:32:b4:86:3e:a1:98:60:2f:1f:
32:d0:e7:a2:13:37:8f:83:7b:db:f2:10:04:dd:08:fe:41:1e:
81:14:09:97:d4:b1:c3:b8:94:ca:21:96:2b:62:22:14:d6:6c:
95:a0:98:c9:a5:89:ca:24:11:5a:0d:61:d9:0f:cf:4e:30:ec:
3d:2c:0e:01:5e:0b:b8:73:51:12:8a:46:dd:33:af:a9:a8:b0:
67:f0:0b:c4:e5:44:63:f8:10:92:11:89:17:32:6f:c0:ea:68:
40:c1:84:74:34:57:be:79:a3:4d:5d:c2:1f:b5:e0:6e:ee:6e:
3e:70:0c:8a:6f:e4:09:4a:6a:26:11:35:6f:ba:48:20:66:48:
bb:66:58:42:2a:b9:f1:75:d6:9f:46:5f:bf:56:1e:a4:a2:82:
b0:8f:7f:d8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDBLPSiMPmEIFqwOkjvOrxWCEN2wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM1Y2ZkNTExYzgzNmFlYWEyYjMzYWNjMjllNGE5MmNmMGMwOWY4ZWI1ZmFi
ZTE0MTRiMDM2NmE3NThlZjUzYzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZg0V4m3iAXQRF5nfCW+MpBfY4Y0wdqq3J9GSz5DhUoOcKcr0Z+bAj8zcKA
udhJ4JnVCGwDM6UMRwPUvo2ELakgSgC3qOXD7EZct4EXA9bcAWQ9sld231R8r4+Q
Ti0InA3a5sg26ojUP9QT48+OCcSk2uVBa6Ej5NVWkvrDcqCKolxhaKZhHBERfQDc
/X752EhE3igzeaIdSgVX9uAm3M3HJVVPYMEs5nbIuPK3uvgB51b0a1aI676bztJH
wWM6JQzO+eo6I9Rrw4D4r6Pi6ktnge3Q8zV4HCSNLZARZ7e/WV3qYjonCo9VQn/I
RY+YdGUt+8SPSeZ05ebfBaiwBPsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQADpC2
9gC8MPxhNIlBO98xrkJ4IDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTJlYzMwZWQtOTc0YS00M2E1LWI0NmUtYzFlMDgyNDNjYmRiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOkMA0G
CSqGSIb3DQEBCwUAA4IBAQC0CkT+hjN6pWKvOCOV4gD+5Awy2vDL8bZI7CyGkACe
GnlqA0n6+xbw1zXqMqncq7fU413bpN8O/ykrzLb/xeoRdAEhYKWJbqko7+mwC2nA
R0gUS46MVAVnLHKNy0ep29ekrdcytIY+oZhgLx8y0OeiEzePg3vb8hAE3Qj+QR6B
FAmX1LHDuJTKIZYrYiIU1myVoJjJpYnKJBFaDWHZD89OMOw9LA4BXgu4c1ESikbd
M6+pqLBn8AvE5URj+BCSEYkXMm/A6mhAwYR0NFe+eaNNXcIfteBu7m4+cAyKb+QJ
SmomETVvukggZki7ZlhCKrnxddafRl+/Vh6kooKwj3/Y
-----END CERTIFICATE-----
Generated at Tue Apr 8 09:47:07 2025 by rpki-client