Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
File: a461a201-5dfd-4f29-b790-759ae6e51a1f.roa (raw, json)
Hash identifier: PQDNVOTOnMAY07MeNMBJ3He+KjbX0V/DQDCZVH3zTAM=
Subject key identifier: 5C:32:85:EB:09:B3:F8:47:48:80:BF:C5:6F:80:1B:5A:B0:D6:E1:74
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 21C1FA47157DBD0B50051F59864CFF066D38BE26
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
Signing time: Fri 29 Nov 2024 00:00:00 +0000
ROA not before: Fri 29 Nov 2024 00:00:00 +0000
ROA not after: Fri 03 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.104.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:c1:fa:47:15:7d:bd:0b:50:05:1f:59:86:4c:ff:06:6d:38:be:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 29 00:00:00 2024 GMT
Not After : Jan 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:4d:12:d3:89:c5:e8:cf:02:a4:4c:c9:85:80:
fd:8f:de:cd:c1:6e:6e:76:4f:b7:23:3f:64:d4:5d:
35:5f:14:8e:3b:23:b1:a9:ce:2d:8e:c9:d8:a6:e3:
9b:2a:e5:79:89:86:40:f2:c3:a6:e3:d6:5f:5a:23:
89:ec:f1:e0:ef:70:15:96:58:6f:e8:e6:09:af:6d:
8a:86:6d:00:c0:aa:37:c6:85:cb:2e:b5:6e:90:31:
cb:5c:41:68:bf:14:8c:d8:33:11:96:a6:22:a5:f9:
4f:dd:9b:68:dc:88:00:1e:ce:6f:2c:fc:a8:1e:75:
ec:88:93:95:4e:56:3d:9e:a4:55:5d:8e:30:97:cd:
fc:35:bf:78:fa:3b:c9:ff:a5:b3:69:fe:01:60:b6:
72:b8:d7:33:ba:6e:c1:34:16:aa:1f:2a:e2:da:98:
76:ae:fd:3d:d0:a6:48:8a:d2:1e:ce:84:ec:3a:0d:
ed:6c:7e:a6:84:a0:af:b0:a8:b9:fb:5f:b9:fe:ca:
97:c4:78:3f:2b:00:24:cd:2a:03:67:13:c1:27:ae:
15:eb:90:b5:ef:76:f1:d2:7f:ab:95:6a:d9:3b:2e:
a3:7e:ed:98:ef:11:c8:2b:78:57:c2:33:27:03:8b:
25:00:32:fa:d5:94:61:56:33:9e:63:a5:5a:de:56:
88:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:32:85:EB:09:B3:F8:47:48:80:BF:C5:6F:80:1B:5A:B0:D6:E1:74
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a461a201-5dfd-4f29-b790-759ae6e51a1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.104.0/21
Signature Algorithm: sha256WithRSAEncryption
80:dc:dc:c5:ec:a2:f7:df:21:0e:3b:ac:7a:7a:8e:a7:5d:15:
81:fd:ce:d2:12:f6:eb:30:42:b9:88:cd:08:c2:a0:d3:15:b0:
48:41:e4:44:15:c0:5f:19:89:86:04:11:be:33:04:50:a5:0b:
cd:67:48:d4:82:c3:23:e2:99:76:0d:55:45:8e:1e:5d:76:1e:
77:93:49:14:18:3e:e0:95:9d:b7:0b:d9:ba:5f:fb:8e:62:0a:
ce:90:1f:34:14:f7:e9:24:43:c1:32:21:06:af:9a:ad:21:1f:
c0:22:bb:03:94:7f:26:7b:34:55:9a:a2:6b:2c:45:43:df:1e:
bf:ef:0a:b9:4f:ed:da:aa:99:93:0a:86:7c:85:86:f8:e8:d2:
c5:61:51:ca:58:02:48:66:79:0d:a3:1a:70:00:0a:ff:0d:ee:
c2:1b:d3:08:9a:e4:0d:2b:ea:99:8b:cb:f7:88:27:c7:a9:d9:
7f:a3:54:69:7e:50:6c:2f:43:87:07:d3:4f:10:a6:3f:c6:d0:
73:be:e5:f2:da:79:d5:13:a0:63:25:93:46:dd:8f:24:e8:09:
59:ed:f0:f3:1f:c1:c6:85:30:dd:8d:ef:ea:a9:0f:5e:fe:68:
a0:99:17:e7:c1:9d:59:9d:2c:a0:27:67:85:12:b7:8c:39:80:
d6:7d:a2:21
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIcH6RxV9vQtQBR9Zhkz/Bm04viYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjkwMDAwMDBaFw0yNTAxMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0ODc2M2M4YzRkZGI5M2IzMDY4ZGRiMTcxNDQ0ZDkwNzkwYjgxNzBjMzY1
YTgzZTA2OTZhMmY0NzRlY2QwMDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALFNEtOJxejPAqRMyYWA/Y/ezcFubnZPtyM/ZNRdNV8UjjsjsanOLY7J2Kbj
myrleYmGQPLDpuPWX1ojiezx4O9wFZZYb+jmCa9tioZtAMCqN8aFyy61bpAxy1xB
aL8UjNgzEZamIqX5T92baNyIAB7Obyz8qB517IiTlU5WPZ6kVV2OMJfN/DW/ePo7
yf+ls2n+AWC2crjXM7puwTQWqh8q4tqYdq79PdCmSIrSHs6E7DoN7Wx+poSgr7Co
uftfuf7Kl8R4PysAJM0qA2cTwSeuFeuQte928dJ/q5Vq2Tsuo37tmO8RyCt4V8Iz
JwOLJQAy+tWUYVYznmOlWt5WiPECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRcMoXr
CbP4R0iAv8VvgBtasNbhdDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTQ2MWEyMDEtNWRmZC00ZjI5LWI3OTAtNzU5YWU2ZTUxYTFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAaDAN
BgkqhkiG9w0BAQsFAAOCAQEAgNzcxeyi998hDjusenqOp10Vgf3O0hL26zBCuYjN
CMKg0xWwSEHkRBXAXxmJhgQRvjMEUKULzWdI1ILDI+KZdg1VRY4eXXYed5NJFBg+
4JWdtwvZul/7jmIKzpAfNBT36SRDwTIhBq+arSEfwCK7A5R/Jns0VZqiayxFQ98e
v+8KuU/t2qqZkwqGfIWG+OjSxWFRylgCSGZ5DaMacAAK/w3uwhvTCJrkDSvqmYvL
94gnx6nZf6NUaX5QbC9DhwfTTxCmP8bQc77l8tp51ROgYyWTRt2PJOgJWe3w8x/B
xoUw3Y3v6qkPXv5ooJkX58GdWZ0soCdnhRK3jDmA1n2iIQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:38 2025 by rpki-client