Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c6e5629f-2225-4c0c-962b-6950ec611f11.roa
File: c6e5629f-2225-4c0c-962b-6950ec611f11.roa (raw, json)
Hash identifier: 7B8HweZJ30uYgr90CHn9xHsTGF/Wm4GpUA6h5hnGGHI=
Subject key identifier: 56:AD:38:00:B7:BB:59:CB:1F:DA:E2:7A:E1:FF:00:67:16:9B:48:4E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0FE2D0E7ABEE36E6AC157FE9552F115A79572533
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c6e5629f-2225-4c0c-962b-6950ec611f11.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:e2:d0:e7:ab:ee:36:e6:ac:15:7f:e9:55:2f:11:5a:79:57:25:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fb:79:00:5c:b9:4d:67:21:4f:cd:4e:c3:e5:
d4:4d:b5:41:b2:94:d8:cb:a3:b3:24:ba:f0:b9:b9:
17:bc:3c:33:dd:d8:31:70:02:2f:e2:0b:77:ad:f4:
88:80:f4:44:3e:ee:6b:d9:6e:46:26:6d:2b:e7:e1:
bf:41:3b:a5:ef:f8:be:75:22:2f:50:92:71:48:98:
de:fe:d2:22:ac:1d:9f:4b:9d:a3:d9:86:4b:98:17:
4e:3c:95:bb:0d:38:03:b1:6f:55:a5:18:97:99:15:
bd:af:0f:60:7d:1e:0a:9a:11:5e:5b:77:26:62:00:
e1:bf:40:59:3a:5b:c7:52:33:7a:26:38:66:c0:51:
97:1a:c1:96:df:5a:33:b4:0b:b1:ce:fd:9f:fb:cc:
3e:65:e1:89:94:d7:3d:38:f7:a9:e3:2c:7a:30:e3:
59:2b:76:ab:df:34:53:67:dd:0f:ff:37:80:86:de:
77:2f:f8:ba:a6:95:1f:3c:e8:13:4b:26:29:7a:9e:
4d:cb:29:7c:ab:c0:e4:df:a4:a6:a9:d9:88:eb:e1:
2f:8e:f3:c3:f6:34:48:5b:6f:f5:2a:2f:04:3a:75:
f7:6e:67:66:8d:6d:9b:0c:ed:a8:ce:28:32:b5:df:
b1:bb:18:3c:b1:99:7e:5c:f5:df:0b:e1:ec:05:05:
2d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:AD:38:00:B7:BB:59:CB:1F:DA:E2:7A:E1:FF:00:67:16:9B:48:4E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c6e5629f-2225-4c0c-962b-6950ec611f11.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
6f:bf:ab:58:91:8d:9a:9a:0a:cf:34:30:d9:4a:10:05:e8:a7:
46:3c:de:84:94:61:bf:36:51:41:d0:ac:4b:b9:76:a5:76:90:
45:d3:ab:8b:c1:2f:2e:2c:1f:3b:bd:4f:ea:cc:ec:29:72:a8:
4b:a0:1d:95:7c:19:e8:6b:6c:a4:45:08:1d:66:96:82:2f:08:
bd:b9:aa:7c:96:8a:a8:c1:bd:f4:dc:0d:83:28:7f:8e:dd:42:
fd:7b:a1:10:f5:0a:f3:db:3a:e1:b1:57:30:4f:81:50:22:01:
9a:4f:af:9a:c5:14:26:8e:cd:81:01:81:7a:ed:af:c2:af:54:
7e:e0:69:25:10:19:d9:f7:a0:3b:0d:58:52:03:1e:97:27:b2:
bf:a3:16:91:3b:8d:91:34:c0:3b:c6:f5:3e:ba:76:15:f5:1b:
7c:87:b6:01:1c:dd:ff:67:ef:6e:8c:7b:f9:16:d9:08:58:37:
d6:ba:b8:8b:72:ec:77:20:ac:ba:28:44:c2:89:7f:00:f6:24:
fc:16:54:dc:a6:16:50:07:1c:6d:56:1a:3e:1c:c9:c0:80:ae:
7e:b8:ee:6f:59:f8:11:e3:08:8e:71:bb:b7:88:5b:ca:0e:e7:
bd:ca:ee:bf:8b:1c:0c:40:e0:38:79:fc:af:89:44:aa:d3:85:
e0:6d:09:70
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUD+LQ56vuNuasFX/pVS8RWnlXJTMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiNjQ5NTJlMTYxZGE0MzhiOTdiMzA1Y2NjNmFkY2I2MWY5YmM1Zjc3YzY0
ZmY4ZWUwNDVlZWQwMDVlNzRjZDYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMz7eQBcuU1nIU/NTsPl1E21QbKU2MujsyS68Lm5F7w8M93YMXACL+ILd630
iID0RD7ua9luRiZtK+fhv0E7pe/4vnUiL1CScUiY3v7SIqwdn0udo9mGS5gXTjyV
uw04A7FvVaUYl5kVva8PYH0eCpoRXlt3JmIA4b9AWTpbx1IzeiY4ZsBRlxrBlt9a
M7QLsc79n/vMPmXhiZTXPTj3qeMsejDjWSt2q980U2fdD/83gIbedy/4uqaVHzzo
E0smKXqeTcspfKvA5N+kpqnZiOvhL47zw/Y0SFtv9SovBDp1925nZo1tmwztqM4o
MrXfsbsYPLGZflz13wvh7AUFLTMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRWrTgA
t7tZyx/a4nrh/wBnFptITjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzZlNTYyOWYtMjIyNS00YzBjLTk2MmItNjk1MGVjNjExZjExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQBvv6tYkY2amgrPNDDZShAF6KdGPN6ElGG/NlFB0KxL
uXaldpBF06uLwS8uLB87vU/qzOwpcqhLoB2VfBnoa2ykRQgdZpaCLwi9uap8loqo
wb303A2DKH+O3UL9e6EQ9Qrz2zrhsVcwT4FQIgGaT6+axRQmjs2BAYF67a/Cr1R+
4GklEBnZ96A7DVhSAx6XJ7K/oxaRO42RNMA7xvU+unYV9Rt8h7YBHN3/Z+9ujHv5
FtkIWDfWuriLcux3IKy6KETCiX8A9iT8FlTcphZQBxxtVho+HMnAgK5+uO5vWfgR
4wiOcbu3iFvKDue9yu6/ixwMQOA4efyviUSq04XgbQlw
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:51:52 2025 by rpki-client