Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a4d0611b-6ace-49c7-bbb6-ff031993f658.roa
File: a4d0611b-6ace-49c7-bbb6-ff031993f658.roa (raw, json)
Hash identifier: zDXvQi1gbYB8evGwQWLpkZ+5DXtCNS7Tze0yxsHqCtI=
Subject key identifier: 4C:15:05:AD:F4:33:C4:C3:DD:FB:CA:52:98:EE:43:1A:0D:F3:C8:E2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 545FCCD0C80C1044928517661D643D85048B92CB
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a4d0611b-6ace-49c7-bbb6-ff031993f658.roa
Signing time: Mon 02 Dec 2024 00:00:00 +0000
ROA not before: Mon 02 Dec 2024 00:00:00 +0000
ROA not after: Mon 06 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.112.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:5f:cc:d0:c8:0c:10:44:92:85:17:66:1d:64:3d:85:04:8b:92:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 2 00:00:00 2024 GMT
Not After : Jan 6 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2d:c6:e8:33:47:76:68:79:21:78:4e:5c:eb:
ca:e8:46:56:d7:d2:ad:93:2e:07:6c:95:db:47:fc:
db:6f:f3:c6:99:f5:20:33:78:7b:da:45:53:fe:b6:
06:20:68:1c:d2:2c:b1:eb:6e:72:7e:1b:5b:df:cc:
b5:2b:25:d4:f1:7f:c2:ad:e9:d6:d3:d1:bb:2a:79:
11:1d:3d:88:1e:b2:c0:8c:2d:08:05:2c:e1:cb:b0:
d7:c5:a7:c4:05:83:39:3f:3e:71:ac:cb:0a:3f:af:
a5:3c:e8:63:c0:cb:a2:97:4d:b2:3a:75:e6:db:c6:
df:0d:f1:55:f3:14:53:ae:a9:e3:7d:58:89:4c:66:
4d:6f:88:c3:8d:ad:5b:43:aa:6f:c5:cf:b8:b3:cd:
03:99:52:2e:14:53:97:d5:a5:37:56:be:73:86:b5:
f6:92:5c:83:80:d0:c9:37:b5:74:7f:af:e3:ef:3b:
72:84:d9:97:2b:41:65:8f:ec:c4:cd:dd:da:99:27:
5a:3a:42:31:58:ed:8c:f3:ad:3b:d8:44:3e:d5:bc:
93:f6:54:3d:6f:b6:6c:10:b1:f9:a7:be:cb:c7:76:
cb:e5:0c:74:de:4a:41:81:53:6c:04:94:cc:42:e3:
a1:64:dd:f8:0b:fc:ae:80:a0:c2:75:7e:7a:0a:77:
86:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:15:05:AD:F4:33:C4:C3:DD:FB:CA:52:98:EE:43:1A:0D:F3:C8:E2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a4d0611b-6ace-49c7-bbb6-ff031993f658.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.112.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b7:f8:38:3c:9c:3b:bf:1b:c0:1f:5a:68:6c:e7:92:0b:20:e5:
7c:44:34:3d:46:a1:c7:a5:1f:73:d2:9f:67:2e:d6:66:4b:5d:
27:de:a0:4c:ae:a2:45:62:ff:0d:f7:7c:8a:e3:ae:55:4f:57:
7a:d9:fb:e5:c4:0a:8f:b2:96:e2:25:fc:82:41:d8:91:5d:d6:
38:21:10:3b:8b:c3:f3:61:45:b4:53:c8:2b:10:54:0e:3f:17:
a0:0d:e5:89:83:f3:f7:03:a6:74:52:ed:63:7b:97:ff:82:56:
f2:a7:77:b5:13:45:cd:ac:f6:2b:16:37:fb:32:2e:d7:6b:19:
d6:9a:b7:e9:f3:74:28:f5:12:5b:2b:d5:50:76:74:99:8e:de:
11:22:26:78:9f:2e:fe:39:8a:ef:c2:57:c2:5e:2a:ea:b0:b0:
ce:35:41:0b:3a:53:e7:ef:7d:92:06:7b:d5:0b:83:db:32:a9:
62:6f:b9:26:02:f0:b7:f1:d5:7e:22:ac:b5:d3:f9:bd:8b:56:
74:76:3f:de:de:d3:55:84:7e:0e:a6:9d:cc:1f:32:c9:52:e4:
04:e8:e9:4e:0b:5c:78:d5:56:9d:df:c4:f1:b0:13:fb:aa:93:
05:21:ca:97:b4:b2:a9:fa:51:1a:5e:ea:ae:03:74:fa:af:5a:
95:b4:2b:5c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVF/M0MgMEESShRdmHWQ9hQSLksswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMDIwMDAwMDBaFw0yNTAxMDYyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0ZWZhMWMzZTM2NTdmNGJiNGNiODZhZDY3MWUzNzNlNjQ2ODBhM2QwYmU2
OTg5MjhjNmZiNGRiNmExNzg5ZmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALwtxugzR3ZoeSF4TlzryuhGVtfSrZMuB2yV20f822/zxpn1IDN4e9pFU/62
BiBoHNIssetucn4bW9/MtSsl1PF/wq3p1tPRuyp5ER09iB6ywIwtCAUs4cuw18Wn
xAWDOT8+cazLCj+vpTzoY8DLopdNsjp15tvG3w3xVfMUU66p431YiUxmTW+Iw42t
W0Oqb8XPuLPNA5lSLhRTl9WlN1a+c4a19pJcg4DQyTe1dH+v4+87coTZlytBZY/s
xM3d2pknWjpCMVjtjPOtO9hEPtW8k/ZUPW+2bBCx+ae+y8d2y+UMdN5KQYFTbASU
zELjoWTd+Av8roCgwnV+egp3hmUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRMFQWt
9DPEw937ylKY7kMaDfPI4jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTRkMDYxMWItNmFjZS00OWM3LWJiYjYtZmYwMzE5OTNmNjU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNwMA0G
CSqGSIb3DQEBCwUAA4IBAQC3+Dg8nDu/G8AfWmhs55ILIOV8RDQ9RqHHpR9z0p9n
LtZmS10n3qBMrqJFYv8N93yK465VT1d62fvlxAqPspbiJfyCQdiRXdY4IRA7i8Pz
YUW0U8grEFQOPxegDeWJg/P3A6Z0Uu1je5f/glbyp3e1E0XNrPYrFjf7Mi7XaxnW
mrfp83Qo9RJbK9VQdnSZjt4RIiZ4ny7+OYrvwlfCXirqsLDONUELOlPn732SBnvV
C4PbMqlib7kmAvC38dV+Iqy10/m9i1Z0dj/e3tNVhH4Opp3MHzLJUuQE6OlOC1x4
1Vad38TxsBP7qpMFIcqXtLKp+lEaXuquA3T6r1qVtCtc
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:39:31 2025 by rpki-client