Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
File: e4b516c1-e154-4f18-af17-f71694b6015c.roa (raw, json)
Hash identifier: f8YBmBmT/lmTi20i5N2BwWEOyOaR0aOSbiLJOEuCRkM=
Subject key identifier: BD:86:47:0F:B2:7A:E8:59:AA:8A:CF:A8:E7:F7:E7:1E:73:F7:7B:A0
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4F40C21493417B32C833C1DD91FD570E32B1BCAA
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:40:c2:14:93:41:7b:32:c8:33:c1:dd:91:fd:57:0e:32:b1:bc:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:1c:e2:1b:14:7b:6a:36:09:62:82:dc:8a:c1:
1e:53:2f:f3:21:15:6d:d5:ad:1a:9e:5c:7b:11:79:
70:fc:64:07:ce:f0:31:3b:e6:64:e7:fd:4c:f8:63:
c4:09:b0:e8:a8:3a:b3:c7:84:4c:be:2f:d5:de:2d:
78:58:0c:e9:92:d1:22:5f:05:8d:e4:76:fa:b0:c6:
07:f6:82:99:42:c6:33:5a:e3:02:e7:0e:77:9b:aa:
fd:77:f4:6f:45:eb:88:76:34:59:c5:5b:9c:5b:61:
dd:ab:1d:da:db:9c:54:d7:60:25:7b:3c:5b:81:8a:
ee:fb:64:61:57:11:9c:0d:e1:d0:af:6c:9d:4f:62:
52:83:23:9d:5d:35:c0:c7:40:2f:c0:56:d5:ae:bd:
93:21:d9:69:c6:b1:b3:34:e4:42:e3:34:8d:24:89:
2c:74:fd:2c:99:3a:e7:ff:de:1d:0a:ea:60:55:b9:
6b:2d:0c:21:00:e4:10:d7:98:93:2c:8e:b7:dc:c1:
80:c6:84:d1:3f:15:ca:37:37:fe:9c:5d:2c:68:cd:
0f:14:67:4c:01:7f:67:0b:49:a6:6e:36:40:55:34:
ad:14:71:89:08:c3:e8:28:72:06:31:1f:f5:0d:43:
94:c0:ac:a1:5b:9b:09:83:5f:aa:ef:fa:0a:80:7a:
d5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:86:47:0F:B2:7A:E8:59:AA:8A:CF:A8:E7:F7:E7:1E:73:F7:7B:A0
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e4b516c1-e154-4f18-af17-f71694b6015c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0f:a9:56:6a:2c:cc:3e:76:3c:63:25:c7:13:ca:60:e7:18:02:
b2:18:09:07:f8:31:bf:ce:c1:a6:4c:d7:f5:d5:d0:aa:3e:8d:
20:32:10:d7:87:8b:93:a0:11:37:00:86:3f:fc:6c:9d:89:ef:
99:20:d8:ab:43:e4:64:f4:33:8c:25:f5:8b:d8:35:08:cc:7c:
b3:2d:42:e8:01:49:66:a9:24:01:12:42:08:42:2a:2f:d2:27:
cd:9b:fd:d4:95:09:13:9d:74:db:e6:26:7e:15:34:a0:c1:ed:
64:21:ff:2c:9c:f5:7b:1a:f6:de:0a:76:0a:e6:46:cf:8f:31:
d8:16:21:79:f2:9c:fb:a3:af:c5:5b:e9:6b:55:67:d1:a7:31:
a3:98:1c:28:45:4b:38:13:5f:51:0b:07:c4:d5:6f:a6:4b:dd:
36:64:bf:33:d8:25:a1:96:82:a1:f1:a5:01:b9:cf:59:09:69:
01:c4:7e:84:8c:9d:db:83:50:7f:d3:b0:0d:47:04:99:94:d4:
e4:72:2e:8c:bd:a5:c2:38:63:9e:ff:27:c1:c2:46:84:a3:38:
dd:2b:87:8e:76:f5:b3:a8:08:c3:5c:38:56:01:b3:89:80:5f:
b2:d1:f7:9a:78:8c:85:94:fb:37:d9:45:1f:aa:99:3b:69:08:
8a:b3:8b:75
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUT0DCFJNBezLIM8Hdkf1XDjKxvKowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyY2MyMDU0OWY4Zjc0N2NkZjlhY2Y3MmJiYjNiNzJkZjM2YTM1OTU1MjA1
Y2E3ODgxMDFkYmQ0ZGM0NTFkZDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALsc4hsUe2o2CWKC3IrBHlMv8yEVbdWtGp5cexF5cPxkB87wMTvmZOf9TPhj
xAmw6Kg6s8eETL4v1d4teFgM6ZLRIl8FjeR2+rDGB/aCmULGM1rjAucOd5uq/Xf0
b0XriHY0WcVbnFth3asd2tucVNdgJXs8W4GK7vtkYVcRnA3h0K9snU9iUoMjnV01
wMdAL8BW1a69kyHZacaxszTkQuM0jSSJLHT9LJk65//eHQrqYFW5ay0MIQDkENeY
kyyOt9zBgMaE0T8Vyjc3/pxdLGjNDxRnTAF/ZwtJpm42QFU0rRRxiQjD6ChyBjEf
9Q1DlMCsoVubCYNfqu/6CoB61WMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS9hkcP
snroWaqKz6jn9+cec/d7oDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTRiNTE2YzEtZTE1NC00ZjE4LWFmMTctZjcxNjk0YjYwMTVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQAPqVZqLMw+djxjJccTymDnGAKyGAkH+DG/zsGmTNf1
1dCqPo0gMhDXh4uToBE3AIY//Gydie+ZINirQ+Rk9DOMJfWL2DUIzHyzLULoAUlm
qSQBEkIIQiov0ifNm/3UlQkTnXTb5iZ+FTSgwe1kIf8snPV7GvbeCnYK5kbPjzHY
FiF58pz7o6/FW+lrVWfRpzGjmBwoRUs4E19RCwfE1W+mS902ZL8z2CWhloKh8aUB
uc9ZCWkBxH6EjJ3bg1B/07ANRwSZlNTkci6MvaXCOGOe/yfBwkaEozjdK4eOdvWz
qAjDXDhWAbOJgF+y0feaeIyFlPs32UUfqpk7aQiKs4t1
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:13:35 2025 by rpki-client