Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/be32e063-2484-4f24-b3d4-21b5c8f55455.roa
File: be32e063-2484-4f24-b3d4-21b5c8f55455.roa (raw, json)
Hash identifier: 3lzqPAdOgsQr6yhU37/N2Gx9KNLL+MVCPgcZTnBg8Kk=
Subject key identifier: 39:C9:94:66:6B:9B:5B:F2:B6:E2:42:DF:C5:69:52:89:96:CD:08:A2
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3E21F14A4955D7066BB9087B358C745ECFA5377A
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/be32e063-2484-4f24-b3d4-21b5c8f55455.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.139.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:21:f1:4a:49:55:d7:06:6b:b9:08:7b:35:8c:74:5e:cf:a5:37:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:46:ce:40:6c:f5:fe:83:99:5c:8a:27:42:39:
f7:9a:c6:45:89:57:da:29:cc:70:67:96:aa:0e:a1:
82:14:50:c2:bc:b3:3c:51:32:f8:1a:b0:08:d0:55:
dd:8d:a9:41:4e:80:1e:2f:3d:08:33:8b:aa:1b:f8:
5b:11:05:0f:4f:e9:71:ea:7c:b1:56:22:95:1f:3f:
3c:d5:04:b8:fc:c4:48:74:cc:d1:b4:b9:6d:76:d4:
91:86:9b:36:9b:5e:e6:d0:56:99:fc:4c:f4:9f:23:
64:c3:a5:ac:90:99:71:5c:02:1f:d7:c3:f8:82:6f:
c9:c7:4a:96:04:20:80:a9:c4:d0:2c:ce:bf:d1:63:
31:01:4d:6d:dd:5e:7b:1a:1b:04:cb:57:57:2a:8b:
c2:ee:64:57:b6:30:4e:cf:5b:f7:98:8a:c9:62:ea:
11:9c:66:af:08:78:63:fb:f4:60:c5:ca:7e:9e:52:
d4:8f:48:2f:c7:85:e0:d1:a5:e3:74:44:12:1d:63:
5d:3e:84:fe:50:f5:a8:e2:ee:ec:b7:92:6b:73:11:
a5:32:1d:51:3f:0f:c7:cd:42:d3:e2:13:95:d7:14:
28:fc:24:2a:e9:af:38:fc:d7:0a:0b:6d:9e:cb:3f:
82:20:94:3a:0f:2e:79:67:41:59:f7:14:65:ce:07:
06:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:C9:94:66:6B:9B:5B:F2:B6:E2:42:DF:C5:69:52:89:96:CD:08:A2
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/be32e063-2484-4f24-b3d4-21b5c8f55455.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
8c:fd:6f:53:4d:b0:b9:9c:8b:e0:b8:50:bf:2e:7f:c5:c5:5c:
65:2f:e4:85:1c:5f:a0:62:22:37:67:c3:c3:1e:49:a1:a4:a5:
2b:a6:3b:9d:88:f8:e9:a3:46:d9:70:40:2b:37:09:c8:ed:a1:
a6:1c:bc:48:62:5b:3e:72:5a:87:d3:e1:43:ff:8a:6e:77:f1:
77:4e:83:b3:b4:f6:e3:b4:71:f2:0b:7d:4b:ee:ae:83:89:43:
36:99:c7:d4:38:35:26:0f:ca:36:64:a6:6d:08:c0:df:93:3d:
61:63:ca:4f:81:9a:01:dc:bb:fa:70:78:78:1a:a4:50:5d:d5:
db:2e:86:49:ed:bf:89:93:58:a3:d1:10:b3:b9:e6:08:39:53:
eb:56:0e:d2:9c:f5:bb:d7:1f:81:29:02:98:66:86:00:42:51:
a0:dc:79:97:38:fe:43:a7:2c:d6:bd:24:f7:a7:44:a0:73:fe:
db:82:63:f7:8f:b3:bf:d3:0d:29:ce:a5:80:14:3e:73:a3:c9:
82:d1:d2:75:42:96:98:1e:02:45:d2:7c:ec:f3:ef:ef:5a:87:
e8:8e:50:3a:57:e0:d1:9c:d9:23:c7:e6:f8:e7:c7:0a:e3:10:
60:af:fd:98:f9:02:87:8a:9c:30:82:b1:8e:65:66:a0:b0:5a:
f0:73:56:64
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPiHxSklV1wZruQh7NYx0Xs+lN3owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDBjMWZiYWY3OTM2N2QxMzcwOTVjNmJhZDZiZmRiNTM5MWU3M2ZmNjc1ZDUx
OTM2NDg2MzlkMGE5NGRkMmE4NWYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJlGzkBs9f6DmVyKJ0I595rGRYlX2inMcGeWqg6hghRQwryzPFEy+BqwCNBV
3Y2pQU6AHi89CDOLqhv4WxEFD0/pcep8sVYilR8/PNUEuPzESHTM0bS5bXbUkYab
Npte5tBWmfxM9J8jZMOlrJCZcVwCH9fD+IJvycdKlgQggKnE0CzOv9FjMQFNbd1e
exobBMtXVyqLwu5kV7YwTs9b95iKyWLqEZxmrwh4Y/v0YMXKfp5S1I9IL8eF4NGl
43REEh1jXT6E/lD1qOLu7LeSa3MRpTIdUT8Px81C0+ITldcUKPwkKumvOPzXCgtt
nss/giCUOg8ueWdBWfcUZc4HBssCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ5yZRm
a5tb8rbiQt/FaVKJls0IojAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmUzMmUwNjMtMjQ4NC00ZjI0LWIzZDQtMjFiNWM4ZjU1NDU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOLMA0G
CSqGSIb3DQEBCwUAA4IBAQCM/W9TTbC5nIvguFC/Ln/FxVxlL+SFHF+gYiI3Z8PD
HkmhpKUrpjudiPjpo0bZcEArNwnI7aGmHLxIYls+clqH0+FD/4pud/F3ToOztPbj
tHHyC31L7q6DiUM2mcfUODUmD8o2ZKZtCMDfkz1hY8pPgZoB3Lv6cHh4GqRQXdXb
LoZJ7b+Jk1ij0RCzueYIOVPrVg7SnPW71x+BKQKYZoYAQlGg3HmXOP5DpyzWvST3
p0Sgc/7bgmP3j7O/0w0pzqWAFD5zo8mC0dJ1QpaYHgJF0nzs8+/vWofojlA6V+DR
nNkjx+b458cK4xBgr/2Y+QKHipwwgrGOZWagsFrwc1Zk
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:49 2025 by rpki-client