Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa
File: b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa (raw, json)
Hash identifier: R6ZqnZ+/tfmbzEZOer5uDhvU/4mrmd17v/++AhDsGCo=
Subject key identifier: 86:A8:C2:38:4E:56:CD:3D:65:89:53:82:DB:B8:6D:4C:E5:80:6A:98
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 29374AD8C13DACC1CC6ACB3EA3CE5E1757D711E7
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.3.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:37:4a:d8:c1:3d:ac:c1:cc:6a:cb:3e:a3:ce:5e:17:57:d7:11:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:41:e4:4e:dd:d5:af:a6:1b:d2:e2:bb:de:e3:
7f:52:19:ab:d8:52:92:1c:95:18:e5:1a:47:21:ab:
12:37:c1:19:3c:00:80:d0:4f:3e:87:34:3a:fe:25:
12:34:57:ef:87:9f:95:cc:14:7b:1c:bd:1e:44:75:
5d:07:2d:4a:99:9b:09:b8:5a:0a:41:8b:2b:b3:98:
25:07:3c:bc:3f:1f:03:27:ee:58:0a:b1:3f:11:5c:
7d:4a:76:8d:b6:11:2c:67:7e:db:fd:dd:ea:7c:b2:
2b:93:f4:13:b5:e6:52:81:b3:3b:7e:b4:31:f7:bc:
bf:73:6e:e9:4d:ee:a2:7d:b7:72:c3:e5:62:8c:f9:
c3:18:51:0f:5e:c4:04:25:39:39:63:97:37:cb:31:
d8:84:c5:48:72:6f:4c:6e:98:eb:b6:80:4c:7e:fa:
fa:65:8e:33:03:a7:0d:8f:65:36:b2:47:23:a0:5d:
db:23:a2:48:86:ff:59:5b:e2:c7:44:e4:6c:b4:0c:
d3:33:33:a4:33:43:f1:35:4d:97:39:12:a7:ce:66:
1d:d0:84:94:90:a2:7b:02:96:32:a5:4b:b1:61:4a:
0e:4a:8b:6e:f9:4e:03:8b:a7:ae:8b:c0:29:77:76:
06:35:21:58:4e:0a:91:00:5b:33:43:bb:0e:13:e1:
aa:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:A8:C2:38:4E:56:CD:3D:65:89:53:82:DB:B8:6D:4C:E5:80:6A:98
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b1f8fa83-54f1-44cc-a915-6249a6f6a284.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.3.0.0/16
Signature Algorithm: sha256WithRSAEncryption
55:1e:22:64:d8:39:77:53:c0:17:55:0b:0d:a8:2d:b9:58:46:
f4:45:33:55:9b:ea:54:32:46:7e:18:75:53:fd:87:9e:78:0a:
d0:ce:37:f7:dc:d8:ef:c5:02:32:ec:45:11:12:f4:16:dc:a7:
ee:ed:e0:a1:8c:67:c2:a0:48:b1:2f:4b:cc:20:aa:cb:62:a0:
75:f9:10:b9:31:51:7f:a7:14:24:2a:63:85:98:f5:14:7e:39:
ef:a6:63:cd:e6:6d:b1:2e:9a:d1:6b:3d:4d:b0:f9:1b:76:3b:
31:2b:d2:1c:d1:74:8e:87:a0:8b:3f:cb:5a:b0:5f:0e:9c:52:
81:9e:35:a2:a0:88:08:3c:c7:53:e5:de:9e:04:c9:66:61:6c:
34:14:81:1e:d3:48:22:a3:44:0c:c2:d5:a0:5a:60:11:f0:c4:
27:61:d8:61:06:6e:98:85:56:84:5d:97:c6:44:04:16:36:9c:
da:66:5f:97:22:cb:15:73:ce:8c:8f:cf:d9:01:76:24:a1:93:
68:6d:fa:e0:71:75:84:08:31:50:d0:63:46:40:2a:64:f6:ee:
68:3a:3c:b0:50:36:c9:ba:15:31:a1:45:55:47:b3:64:b3:00:
31:c7:6c:ca:f8:69:5c:69:3b:c5:90:fe:4f:0a:b8:c0:7b:6f:
e8:44:f9:2c
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKTdK2ME9rMHMass+o85eF1fXEecwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFmMzM0MDM3MGRkYWIyOGI0MjI0MjAzMjZlOGFiNzRiMWNmNzI2NDFmMzE5
YWEzNmEyNTBiODFiZTU3MjljMGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJJB5E7d1a+mG9Liu97jf1IZq9hSkhyVGOUaRyGrEjfBGTwAgNBPPoc0Ov4l
EjRX74eflcwUexy9HkR1XQctSpmbCbhaCkGLK7OYJQc8vD8fAyfuWAqxPxFcfUp2
jbYRLGd+2/3d6nyyK5P0E7XmUoGzO360Mfe8v3Nu6U3uon23csPlYoz5wxhRD17E
BCU5OWOXN8sx2ITFSHJvTG6Y67aATH76+mWOMwOnDY9lNrJHI6Bd2yOiSIb/WVvi
x0TkbLQM0zMzpDND8TVNlzkSp85mHdCElJCiewKWMqVLsWFKDkqLbvlOA4unrovA
KXd2BjUhWE4KkQBbM0O7DhPhqhcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSGqMI4
TlbNPWWJU4LbuG1M5YBqmDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YjFmOGZhODMtNTRmMS00NGNjLWE5MTUtNjI0OWE2ZjZhMjg0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMDMA0G
CSqGSIb3DQEBCwUAA4IBAQBVHiJk2Dl3U8AXVQsNqC25WEb0RTNVm+pUMkZ+GHVT
/YeeeArQzjf33NjvxQIy7EUREvQW3Kfu7eChjGfCoEixL0vMIKrLYqB1+RC5MVF/
pxQkKmOFmPUUfjnvpmPN5m2xLprRaz1NsPkbdjsxK9Ic0XSOh6CLP8tasF8OnFKB
njWioIgIPMdT5d6eBMlmYWw0FIEe00gio0QMwtWgWmAR8MQnYdhhBm6YhVaEXZfG
RAQWNpzaZl+XIssVc86Mj8/ZAXYkoZNobfrgcXWECDFQ0GNGQCpk9u5oOjywUDbJ
uhUxoUVVR7NkswAxx2zK+GlcaTvFkP5PCrjAe2/oRPks
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:38:35 2025 by rpki-client