Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de2bba33-294e-4f48-b36f-b2ba0435d372.roa
File: de2bba33-294e-4f48-b36f-b2ba0435d372.roa (raw, json)
Hash identifier: U9z6wwmlG1kqPr8i2wu933crBpN4XpULfjbSh7bKnG0=
Subject key identifier: 38:F5:E4:64:13:3B:45:9C:30:B4:1D:E3:95:99:05:2E:F2:4F:C7:96
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4EE80FDFB6E0C3417D92872B60FC97880F6DD852
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de2bba33-294e-4f48-b36f-b2ba0435d372.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.110.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:e8:0f:df:b6:e0:c3:41:7d:92:87:2b:60:fc:97:88:0f:6d:d8:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:ae:1d:6b:fb:0c:29:4e:cb:d8:15:72:6f:75:
de:89:9b:24:1a:a6:03:57:d4:00:54:d3:5b:23:39:
25:12:80:6a:da:0a:36:e9:fe:5e:58:a3:5a:b2:ca:
d9:31:17:7e:ed:5e:0f:82:ba:c5:5a:da:ed:33:e1:
4d:c1:a3:bc:11:70:b8:9d:bf:68:e2:7a:84:df:38:
82:f8:26:5c:49:cf:56:0b:44:e4:bf:61:2a:d4:6d:
d7:da:a8:19:ba:e7:06:24:78:ec:5b:23:d3:d5:1e:
db:09:1c:a9:7b:e4:3c:5a:70:7a:12:11:ba:9d:08:
90:18:2e:ed:25:09:07:76:00:c9:13:c5:f4:d1:43:
73:72:00:16:f0:84:12:6f:bb:ee:65:69:f4:3e:18:
84:1e:a2:ac:f9:16:1d:8d:b9:a9:f3:61:a1:ae:fd:
96:2b:d3:4b:0d:6d:82:8b:27:5b:9c:03:ce:45:91:
db:41:2d:f1:21:14:38:90:21:a0:b8:35:0a:d6:94:
89:d8:41:04:c9:a7:2e:83:fd:d3:b0:03:a5:70:8a:
01:83:59:61:37:0e:87:50:92:16:d1:bf:c7:15:0c:
f2:51:ce:b4:1d:f3:a2:96:16:2d:47:70:c1:e5:e2:
2e:59:8c:3b:ad:77:cf:12:77:e2:e2:f1:31:7a:b7:
80:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:F5:E4:64:13:3B:45:9C:30:B4:1D:E3:95:99:05:2E:F2:4F:C7:96
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/de2bba33-294e-4f48-b36f-b2ba0435d372.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.110.0.0/16
Signature Algorithm: sha256WithRSAEncryption
ad:da:16:70:32:45:6e:45:85:af:cd:0c:52:ca:05:5e:66:54:
94:09:57:e2:0e:98:1b:3a:23:31:25:76:02:a2:75:ad:43:d6:
30:3c:ff:19:54:4d:fb:5c:d1:a7:81:3b:17:0a:21:6d:1f:40:
80:f8:5e:cf:e5:4f:da:b1:d8:36:6d:80:cc:a9:5a:f0:48:37:
4f:25:e1:15:aa:da:db:5b:16:24:fc:08:43:5e:4d:80:57:e7:
b9:cd:1b:2b:37:8d:e1:90:b1:3d:4e:91:93:ea:29:19:18:0b:
c5:e4:e2:bc:6d:7f:f5:af:8e:e5:f0:fb:3a:df:4e:9b:fb:52:
8a:3f:e4:94:2a:97:b2:34:a7:a9:fb:fa:da:6e:05:3e:8e:1a:
4d:eb:ea:d3:43:a3:8a:70:48:43:6a:df:85:03:7b:cf:9d:0a:
2f:57:5b:5b:59:c6:98:0f:a1:64:a2:20:2e:51:32:86:36:62:
67:a0:ba:39:c2:88:fc:d3:86:31:64:23:22:a9:a0:d2:e8:92:
49:8a:7c:d9:1a:90:01:c9:de:93:5b:d8:1d:4e:e4:90:8b:58:
f4:3f:c1:12:24:6d:88:97:8d:5e:f5:30:0e:76:a7:5b:db:34:
98:1f:66:7f:a6:8c:9f:14:6e:fe:82:1a:0e:d5:8d:91:c2:25:
ba:52:dc:8f
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUTugP37bgw0F9kocrYPyXiA9t2FIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGI4MWI3NzUyNmQ0NWY2NTc5Y2I4YzcwMjdjZTZlZGFlMGUwYmM2MWVjOGVm
MThlMzMxNjg1ZjhhN2M0ZGIzZmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAO6uHWv7DClOy9gVcm913ombJBqmA1fUAFTTWyM5JRKAatoKNun+XlijWrLK
2TEXfu1eD4K6xVra7TPhTcGjvBFwuJ2/aOJ6hN84gvgmXEnPVgtE5L9hKtRt19qo
GbrnBiR47Fsj09Ue2wkcqXvkPFpwehIRup0IkBgu7SUJB3YAyRPF9NFDc3IAFvCE
Em+77mVp9D4YhB6irPkWHY25qfNhoa79livTSw1tgosnW5wDzkWR20Et8SEUOJAh
oLg1CtaUidhBBMmnLoP907ADpXCKAYNZYTcOh1CSFtG/xxUM8lHOtB3zopYWLUdw
weXiLlmMO613zxJ34uLxMXq3gP0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ49eRk
EztFnDC0HeOVmQUu8k/HljAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGUyYmJhMzMtMjk0ZS00ZjQ4LWIzNmYtYjJiYTA0MzVkMzcyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNuMA0G
CSqGSIb3DQEBCwUAA4IBAQCt2hZwMkVuRYWvzQxSygVeZlSUCVfiDpgbOiMxJXYC
onWtQ9YwPP8ZVE37XNGngTsXCiFtH0CA+F7P5U/asdg2bYDMqVrwSDdPJeEVqtrb
WxYk/AhDXk2AV+e5zRsrN43hkLE9TpGT6ikZGAvF5OK8bX/1r47l8Ps6306b+1KK
P+SUKpeyNKep+/rabgU+jhpN6+rTQ6OKcEhDat+FA3vPnQovV1tbWcaYD6FkoiAu
UTKGNmJnoLo5woj804YxZCMiqaDS6JJJinzZGpAByd6TW9gdTuSQi1j0P8ESJG2I
l41e9TAOdqdb2zSYH2Z/poyfFG7+ghoO1Y2RwiW6UtyP
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:39:41 2025 by rpki-client