Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cd3318b5-2879-4be5-ab89-dd65461ef6fe.roa
File: cd3318b5-2879-4be5-ab89-dd65461ef6fe.roa (raw, json)
Hash identifier: DB7kpMHIBrGSBNF+HQHpP6AkHbtkbojoQvEJAbw5Ev0=
Subject key identifier: 9A:22:82:35:D7:76:E1:86:92:48:9D:25:E1:FC:C1:47:67:26:D9:C8
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 01C91BFD9B5EBD458BDEFF820AC428A74FE68CE6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cd3318b5-2879-4be5-ab89-dd65461ef6fe.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:c9:1b:fd:9b:5e:bd:45:8b:de:ff:82:0a:c4:28:a7:4f:e6:8c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:98:10:9a:0b:d1:9d:61:34:bc:ac:9a:c6:d6:
43:d4:35:b4:2e:cf:91:61:99:14:4b:5c:13:3a:7b:
43:2c:d7:a6:90:fd:fd:6b:66:9b:9b:22:62:5c:9f:
ef:3d:39:4f:1b:33:6a:3b:1c:c9:09:1f:6d:64:78:
fd:85:f4:cb:4c:bd:42:8d:2b:88:fd:c1:4d:f0:b9:
60:bb:1d:56:4a:44:bd:08:21:ae:5a:23:e4:1d:0d:
31:4e:3e:ac:fa:7a:b7:ad:f8:c2:20:a2:0a:86:f4:
19:57:e0:ac:1a:af:b4:5c:2e:44:41:cc:23:6c:19:
4c:0a:98:56:f5:a1:79:cc:57:13:4a:9e:24:c1:58:
91:bb:21:ed:fa:91:ab:53:87:65:8e:d2:61:31:16:
33:62:c6:cc:88:67:cd:f1:37:91:24:7f:5d:c0:94:
2c:79:1f:7f:d8:a9:c2:a3:07:0e:f4:5d:2e:3a:ed:
ea:ad:54:f2:5e:c4:8f:cd:02:e4:1d:c2:21:01:df:
9e:c8:e4:5a:aa:fc:1b:3d:f7:f0:3f:c5:18:f2:9a:
b9:b1:41:f5:0d:cc:16:53:ff:dd:f3:b0:d0:59:08:
43:d8:05:a4:86:c3:ec:27:31:5b:6b:5c:e2:58:32:
64:81:f8:22:0a:a3:2e:2a:0c:a2:6d:64:0d:16:5d:
b8:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:22:82:35:D7:76:E1:86:92:48:9D:25:E1:FC:C1:47:67:26:D9:C8
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cd3318b5-2879-4be5-ab89-dd65461ef6fe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
86:75:f3:30:6e:8f:17:d0:1f:72:4e:be:31:15:85:65:1c:df:
ca:f9:9f:f6:d0:76:86:13:ba:f3:5f:24:12:88:08:16:e9:f8:
4f:93:98:4e:0c:8b:69:e7:9e:17:8c:eb:bc:09:e9:5b:e4:e9:
33:02:99:4f:f5:9a:ff:70:96:fd:8b:87:0a:f6:23:13:77:34:
8d:9a:6e:4f:e8:46:29:01:4f:6c:19:5e:44:11:b7:48:4b:2e:
8d:2e:30:85:90:8c:93:d2:9b:c8:d1:bc:dc:ef:6e:ad:9e:82:
2d:a1:86:86:a7:4f:45:3a:fa:10:f3:3f:55:aa:6f:d3:e8:f8:
2e:11:6f:9d:04:47:1e:df:0c:e9:dc:01:15:be:f1:19:16:18:
04:76:1a:74:cd:2f:b5:c0:fc:1b:bc:bf:d7:70:6d:d6:f2:31:
8b:5c:7f:7f:c8:97:d1:ad:bd:4d:97:9b:32:2a:9f:35:53:44:
e7:fc:2d:46:4e:2e:46:28:1d:23:85:16:55:dd:ed:f5:e3:03:
9d:7d:44:11:b7:06:de:91:0f:e9:ab:a6:3c:7e:02:74:8b:95:
6d:1e:6c:76:ea:8a:15:ff:61:67:8c:b2:5e:ae:39:2e:a6:cb:
b9:50:b2:e1:a4:79:11:43:f1:23:57:c5:87:65:5f:71:63:1d:
20:a3:d5:e5
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAckb/ZtevUWL3v+CCsQop0/mjOYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhMWJlZTg5ZWQzODU2NmI3Y2NmZWJkZWEyYWMxNTk0NWVjN2FlZTFmNjFm
OWU4NmFjNjE5Y2NlZjNjZjUzZjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWYEJoL0Z1hNLysmsbWQ9Q1tC7PkWGZFEtcEzp7QyzXppD9/Wtmm5siYlyf
7z05TxszajscyQkfbWR4/YX0y0y9Qo0riP3BTfC5YLsdVkpEvQghrloj5B0NMU4+
rPp6t634wiCiCob0GVfgrBqvtFwuREHMI2wZTAqYVvWhecxXE0qeJMFYkbsh7fqR
q1OHZY7SYTEWM2LGzIhnzfE3kSR/XcCULHkff9ipwqMHDvRdLjrt6q1U8l7Ej80C
5B3CIQHfnsjkWqr8Gz338D/FGPKaubFB9Q3MFlP/3fOw0FkIQ9gFpIbD7CcxW2tc
4lgyZIH4IgqjLioMom1kDRZduPUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSaIoI1
13bhhpJInSXh/MFHZybZyDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2QzMzE4YjUtMjg3OS00YmU1LWFiODktZGQ2NTQ2MWVmNmZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQCGdfMwbo8X0B9yTr4xFYVlHN/K+Z/20HaGE7rzXyQS
iAgW6fhPk5hODItp554XjOu8Celb5OkzAplP9Zr/cJb9i4cK9iMTdzSNmm5P6EYp
AU9sGV5EEbdISy6NLjCFkIyT0pvI0bzc726tnoItoYaGp09FOvoQ8z9Vqm/T6Pgu
EW+dBEce3wzp3AEVvvEZFhgEdhp0zS+1wPwbvL/XcG3W8jGLXH9/yJfRrb1Nl5sy
Kp81U0Tn/C1GTi5GKB0jhRZV3e314wOdfUQRtwbekQ/pq6Y8fgJ0i5VtHmx26ooV
/2FnjLJerjkupsu5ULLhpHkRQ/EjV8WHZV9xYx0go9Xl
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:13:37 2025 by rpki-client