Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c864a337-1849-4930-bc3c-6984d2b51a7e.roa
File: c864a337-1849-4930-bc3c-6984d2b51a7e.roa (raw, json)
Hash identifier: lnVYkmlIU3wahMt5duz4NpHFbBaQpRr7rdXzvgv9t0A=
Subject key identifier: D7:EB:5E:40:16:8F:0C:22:65:BC:72:CE:27:2D:91:F3:E3:D1:0C:DA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 390E91265E1D3A68B78076EE69A341E46E8DC0C3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c864a337-1849-4930-bc3c-6984d2b51a7e.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.216.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:0e:91:26:5e:1d:3a:68:b7:80:76:ee:69:a3:41:e4:6e:8d:c0:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:a1:27:05:c1:90:b0:74:8f:c6:bd:29:98:39:
83:10:4d:be:2d:a9:69:a1:f5:a3:a9:59:5e:3d:93:
f1:2a:11:b4:dc:22:b0:fc:b1:fe:12:25:b2:1c:ad:
96:ff:4c:b5:b2:a2:35:2a:bb:f1:07:2e:b1:30:d7:
cf:a8:0f:b7:07:70:bd:88:bf:46:3a:54:b4:5f:bd:
97:8f:d2:b8:41:bf:0b:82:25:cc:08:71:d9:7a:89:
58:63:15:dd:95:52:bc:df:17:5b:f5:de:6f:8a:55:
3f:b1:81:26:c4:40:13:77:2c:8c:e1:86:7f:f1:ae:
d0:88:48:22:0d:63:91:4c:0d:67:65:cb:b0:25:1b:
f1:8f:0f:fb:75:c5:9c:14:6a:48:eb:d4:3f:73:bd:
37:cc:60:ed:35:99:af:94:3c:80:58:b6:a3:3d:fe:
82:6b:31:50:ca:ab:a6:0f:2f:cd:fb:36:c3:29:16:
a8:db:37:c1:bb:e3:81:b8:54:fb:1c:ee:76:9b:c0:
8a:80:a6:a9:f2:31:04:54:eb:76:0d:b4:fc:ac:c8:
f5:24:4b:2d:76:da:bc:f3:b3:99:1b:e8:a3:2e:14:
45:ed:21:8d:22:01:ee:ae:16:4a:fe:aa:6a:23:a7:
0e:97:0c:90:a7:36:5d:bc:51:a6:4b:c4:73:0e:69:
de:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:EB:5E:40:16:8F:0C:22:65:BC:72:CE:27:2D:91:F3:E3:D1:0C:DA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c864a337-1849-4930-bc3c-6984d2b51a7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.216.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2a:82:b9:78:02:ba:d9:3d:dd:f0:52:ab:a5:43:48:08:d8:bb:
62:a4:cc:26:0f:69:fd:22:5f:af:b7:3e:16:d3:fd:86:46:5e:
25:2d:be:a5:a5:80:48:b9:f0:ea:0d:b7:85:12:a9:32:f4:c4:
df:ba:2c:d6:52:4e:bb:ba:54:49:1d:51:ae:bc:73:14:b8:6b:
5f:ae:d6:74:d6:90:9e:5e:12:c9:09:a8:3f:84:ec:42:b1:45:
ca:68:0e:ff:ca:cc:dd:9e:bd:3c:46:12:64:5a:4f:0c:67:f7:
b6:f1:ed:8d:d4:52:8f:23:15:d8:d5:ba:78:03:29:d9:57:de:
e7:e6:43:9f:10:76:e0:2e:6f:d5:d9:fc:df:b6:78:07:8b:67:
89:b2:b4:05:ad:f4:05:f1:90:8c:9c:11:70:3d:14:d2:d0:8d:
4c:b9:a3:bf:45:24:93:7c:ea:06:66:aa:28:32:7f:fd:95:cd:
db:08:c9:6a:eb:01:e9:e0:10:be:a6:c5:d0:ff:d6:30:47:b0:
3b:cf:6d:ce:59:8d:f1:dd:7a:10:56:ab:c8:09:bd:c1:b0:e0:
ba:e5:29:f8:d7:65:a6:a6:e2:99:f7:21:99:7f:54:4a:3b:74:
34:5a:0b:11:36:d5:e7:0d:95:dc:2b:2a:0a:37:d9:e6:58:60:
36:f5:35:0b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOQ6RJl4dOmi3gHbuaaNB5G6NwMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDA3N2M1MTMwNjQ5OGJlODgyNzU5NWM4YTlkM2U3N2I0NDM4ODE2NzNlYzUx
ZDg0NmYwNjZjOWU2MWQ0NDFkMWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK2hJwXBkLB0j8a9KZg5gxBNvi2paaH1o6lZXj2T8SoRtNwisPyx/hIlshyt
lv9MtbKiNSq78QcusTDXz6gPtwdwvYi/RjpUtF+9l4/SuEG/C4IlzAhx2XqJWGMV
3ZVSvN8XW/Xeb4pVP7GBJsRAE3csjOGGf/Gu0IhIIg1jkUwNZ2XLsCUb8Y8P+3XF
nBRqSOvUP3O9N8xg7TWZr5Q8gFi2oz3+gmsxUMqrpg8vzfs2wykWqNs3wbvjgbhU
+xzudpvAioCmqfIxBFTrdg20/KzI9SRLLXbavPOzmRvooy4URe0hjSIB7q4WSv6q
aiOnDpcMkKc2XbxRpkvEcw5p3m0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTX615A
Fo8MImW8cs4nLZHz49EM2jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yzg2NGEzMzctMTg0OS00OTMwLWJjM2MtNjk4NGQyYjUxYTdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPYMA0G
CSqGSIb3DQEBCwUAA4IBAQAqgrl4ArrZPd3wUqulQ0gI2LtipMwmD2n9Il+vtz4W
0/2GRl4lLb6lpYBIufDqDbeFEqky9MTfuizWUk67ulRJHVGuvHMUuGtfrtZ01pCe
XhLJCag/hOxCsUXKaA7/yszdnr08RhJkWk8MZ/e28e2N1FKPIxXY1bp4AynZV97n
5kOfEHbgLm/V2fzftngHi2eJsrQFrfQF8ZCMnBFwPRTS0I1MuaO/RSSTfOoGZqoo
Mn/9lc3bCMlq6wHp4BC+psXQ/9YwR7A7z23OWY3x3XoQVqvICb3BsOC65Sn412Wm
puKZ9yGZf1RKO3Q0WgsRNtXnDZXcKyoKN9nmWGA29TUL
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:44 2025 by rpki-client