Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
File: bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa (raw, json)
Hash identifier: zOSHew75DYgncJuSi6+7l6jXun9msmhn/QbTN2lKmSs=
Subject key identifier: 0B:AF:BC:FC:EF:4F:B0:7A:AE:E1:6D:BD:62:4D:E6:46:47:7C:59:25
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 61387AB58625576D9D67AE16F8F942920C634454
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:38:7a:b5:86:25:57:6d:9d:67:ae:16:f8:f9:42:92:0c:63:44:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1b:22:d4:df:a6:37:d4:65:c7:d8:12:98:b9:
75:f3:15:6e:02:c0:dc:dd:f4:27:36:99:5b:9f:8e:
42:36:14:bf:47:94:97:f1:32:cc:34:e0:e6:1b:16:
ca:53:5e:67:e3:51:8c:ef:28:8e:b8:0a:dd:68:9f:
17:22:38:80:0f:8f:4d:3d:dc:d7:5b:35:d0:8c:1c:
74:5c:02:89:21:b4:f7:22:9f:d5:ca:aa:cb:f5:f5:
ad:59:88:3d:81:d2:2a:e6:6c:5b:55:76:5d:f7:56:
32:93:12:14:be:4f:83:fd:1e:b4:fd:51:de:34:99:
48:15:98:cd:bd:ee:4d:76:29:92:f6:c8:83:d9:fd:
8a:9a:72:28:c1:ba:fc:60:92:44:44:a0:92:bb:6e:
e8:2c:b7:be:f3:95:1c:d8:94:9c:c8:93:35:a7:97:
dc:2e:28:45:b9:0b:50:85:ac:fd:19:eb:59:c3:1f:
c0:33:e7:f2:3e:c5:2f:9d:15:95:fa:e4:76:25:fb:
fd:ea:c8:cc:aa:48:ea:b2:06:6d:a9:c7:ef:1f:01:
01:8f:6c:3b:60:98:e6:ac:ab:58:90:72:b1:08:7e:
2c:02:ca:0d:3c:68:a0:ec:62:0b:cf:f0:ca:b1:ba:
94:42:ac:79:f2:1e:33:ed:50:83:06:96:96:04:5f:
49:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:AF:BC:FC:EF:4F:B0:7A:AE:E1:6D:BD:62:4D:E6:46:47:7C:59:25
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bc2f4f9f-62ab-4d53-895c-22469f5cbef3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
21:78:da:66:9d:4f:ba:ff:34:6f:f6:0f:c9:3d:81:f0:68:c6:
47:e7:9c:f1:74:10:ca:48:dc:fc:d3:03:ac:f9:57:33:f1:54:
24:be:24:1f:a7:cd:46:5e:8d:44:b5:63:25:c6:19:3b:56:94:
bb:45:32:45:91:cc:f9:9d:9b:7c:c8:db:cf:67:3b:e2:12:cb:
5e:83:4d:a4:65:34:68:54:48:2c:67:4a:5b:84:87:3e:a8:7f:
46:8b:c4:90:87:94:ee:cf:77:af:0b:6f:46:cc:28:dd:3c:33:
c4:45:1d:c8:27:17:dd:aa:6d:bc:7a:aa:27:c4:dc:9f:7b:94:
ca:4b:83:6f:78:8f:77:ea:8e:44:a6:2a:30:1b:c1:eb:ef:1b:
cb:ab:b6:4a:19:c3:7c:f9:30:7d:e3:e3:0f:24:4d:b6:6a:6f:
ac:e4:88:e5:28:88:50:da:d0:ed:fd:99:d7:02:bb:15:52:8c:
cc:d8:0a:87:5c:20:80:dc:93:c0:47:78:6f:9c:38:04:92:66:
0b:06:46:48:7e:a9:1f:91:51:8f:45:34:6d:51:b2:c7:cf:16:
37:2e:2f:6a:07:61:9e:91:24:88:ad:a9:4f:21:75:e3:1d:14:
b7:c5:f7:f8:3d:47:60:92:af:57:7d:fb:82:6a:f4:e1:c9:14:
82:d4:ba:f4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYTh6tYYlV22dZ64W+PlCkgxjRFQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE4MWRiNDFkYzg1MjA4ZDJhYmUzOWFlNGRkZjhhODk3Yjg4Y2YyOWYyYzkw
MzZmZGM5NTk2OTkzMzRjMDY1MmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMwbItTfpjfUZcfYEpi5dfMVbgLA3N30JzaZW5+OQjYUv0eUl/EyzDTg5hsW
ylNeZ+NRjO8ojrgK3WifFyI4gA+PTT3c11s10IwcdFwCiSG09yKf1cqqy/X1rVmI
PYHSKuZsW1V2XfdWMpMSFL5Pg/0etP1R3jSZSBWYzb3uTXYpkvbIg9n9ippyKMG6
/GCSRESgkrtu6Cy3vvOVHNiUnMiTNaeX3C4oRbkLUIWs/RnrWcMfwDPn8j7FL50V
lfrkdiX7/erIzKpI6rIGbanH7x8BAY9sO2CY5qyrWJBysQh+LALKDTxooOxiC8/w
yrG6lEKsefIeM+1QgwaWlgRfSb0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQLr7z8
70+weq7hbb1iTeZGR3xZJTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmMyZjRmOWYtNjJhYi00ZDUzLTg5NWMtMjI0NjlmNWNiZWYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQAheNpmnU+6/zRv9g/JPYHwaMZH55zxdBDKSNz80wOs
+Vcz8VQkviQfp81GXo1EtWMlxhk7VpS7RTJFkcz5nZt8yNvPZzviEsteg02kZTRo
VEgsZ0pbhIc+qH9Gi8SQh5Tuz3evC29GzCjdPDPERR3IJxfdqm28eqonxNyfe5TK
S4NveI936o5EpiowG8Hr7xvLq7ZKGcN8+TB94+MPJE22am+s5IjlKIhQ2tDt/ZnX
ArsVUozM2AqHXCCA3JPAR3hvnDgEkmYLBkZIfqkfkVGPRTRtUbLHzxY3Li9qB2Ge
kSSIralPIXXjHRS3xff4PUdgkq9XffuCavThyRSC1Lr0
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:13:33 2025 by rpki-client