Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09232b8-719a-44e7-87fb-14733ec6c6e8.roa
File: f09232b8-719a-44e7-87fb-14733ec6c6e8.roa (raw, json)
Hash identifier: 4v943v1rgb8nnmhZLYBM5P2/TN8KuB9SICmOXmraj3g=
Subject key identifier: 5D:BD:59:06:A0:E4:56:B3:B1:24:43:15:60:D8:B5:22:5F:8B:BB:3C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2D8BF510A2B3A9032F38395A4B8FD636CFD8ECE9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09232b8-719a-44e7-87fb-14733ec6c6e8.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.34.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2d:8b:f5:10:a2:b3:a9:03:2f:38:39:5a:4b:8f:d6:36:cf:d8:ec:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9e:2a:77:a8:1a:cc:59:a9:bb:31:1a:ff:5c:
e1:ee:6b:83:61:a8:5d:c4:4b:8b:85:6d:ad:de:4e:
b8:6d:ba:37:cc:f2:11:a5:8f:b0:51:9b:8a:f6:85:
bd:12:ab:be:00:18:41:09:79:d2:8a:30:5d:cf:2e:
d0:f5:92:e8:b6:87:e5:98:7f:06:a4:82:b6:5f:09:
2c:ae:5a:cf:b6:3a:8e:d8:67:94:70:ed:49:e1:84:
db:1e:54:5f:89:32:62:e8:e7:78:6e:53:4a:59:25:
dc:74:36:9e:cd:f2:0b:af:2b:65:df:94:e5:34:51:
f5:8e:a1:c1:8a:51:a9:ce:2e:8f:d8:0d:06:db:f0:
05:f5:a6:ae:9f:b3:49:9c:2a:51:a0:1f:7e:bf:63:
a5:bf:37:5a:f1:a4:ca:60:86:8a:8b:e0:bb:08:90:
bb:29:92:24:56:01:c2:df:45:e5:d7:47:78:4e:92:
74:a2:48:51:c3:46:f8:00:6b:41:d3:cf:ec:47:84:
d6:81:51:78:31:80:26:fc:72:d0:e1:5f:7f:8c:62:
b3:d0:b1:96:d1:13:bb:09:66:87:69:d3:21:da:57:
40:f0:9c:c6:5b:8d:1f:c9:1c:1a:22:d5:43:25:57:
a4:6c:62:4a:07:2e:9d:42:91:1d:81:dc:51:8f:e5:
09:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:BD:59:06:A0:E4:56:B3:B1:24:43:15:60:D8:B5:22:5F:8B:BB:3C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f09232b8-719a-44e7-87fb-14733ec6c6e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
56:4f:86:70:34:ae:3e:b1:37:6e:2e:c8:86:18:91:00:5c:2a:
8a:8c:3f:cf:dd:38:df:a8:53:f9:b7:7f:f7:14:56:fe:04:65:
e9:99:03:61:10:a1:d5:fe:2d:c9:42:62:8d:18:cf:a9:25:ff:
10:e7:4c:3b:ae:a8:4c:0e:ec:30:6e:c5:43:df:0b:44:98:0c:
c6:d8:0d:26:76:87:93:45:3a:1c:a6:dd:33:c2:15:1e:c6:27:
48:e1:52:f7:0b:09:c8:ad:c3:28:1f:64:10:02:b8:56:be:09:
99:3b:26:ff:1d:be:1b:22:51:4b:32:d1:82:f1:37:89:54:51:
d4:7f:d3:17:14:06:65:d3:1c:29:48:7c:ff:95:78:e0:48:25:
d0:44:0d:9e:d6:8d:6e:a4:bd:1c:67:6c:cc:3b:b2:0e:e7:36:
de:57:a7:e3:5f:5d:72:69:50:85:6c:6e:04:58:d6:6a:08:9a:
bc:00:25:3c:71:b7:7a:0f:5a:a6:dc:9d:62:73:28:43:d7:b3:
27:0d:df:7c:ea:73:35:e9:c3:f0:c9:21:ed:28:0f:79:7b:d7:
db:1a:59:16:24:e6:23:8e:a8:67:b0:b4:1b:88:8f:b7:2b:08:
64:cf:ee:85:6c:e3:6a:21:2d:50:1f:cc:f7:18:ee:bf:30:dd:
3b:19:21:77
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULYv1EKKzqQMvODlaS4/WNs/Y7OkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGRjNTM4OTdmMGRlMDg5NjJiYzdmOWQxMDQ1YzEzOWMxNDA1OGQ1MGFjYzFl
NzcxMzZhY2M5NjNiYWE1MWNkZjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANSeKneoGsxZqbsxGv9c4e5rg2GoXcRLi4Vtrd5OuG26N8zyEaWPsFGbivaF
vRKrvgAYQQl50oowXc8u0PWS6LaH5Zh/BqSCtl8JLK5az7Y6jthnlHDtSeGE2x5U
X4kyYujneG5TSlkl3HQ2ns3yC68rZd+U5TRR9Y6hwYpRqc4uj9gNBtvwBfWmrp+z
SZwqUaAffr9jpb83WvGkymCGiovguwiQuymSJFYBwt9F5ddHeE6SdKJIUcNG+ABr
QdPP7EeE1oFReDGAJvxy0OFff4xis9CxltETuwlmh2nTIdpXQPCcxluNH8kcGiLV
QyVXpGxiSgcunUKRHYHcUY/lCXcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRdvVkG
oORWs7EkQxVg2LUiX4u7PDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjA5MjMyYjgtNzE5YS00NGU3LTg3ZmItMTQ3MzNlYzZjNmU4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQBWT4ZwNK4+sTduLsiGGJEAXCqKjD/P3TjfqFP5t3/3
FFb+BGXpmQNhEKHV/i3JQmKNGM+pJf8Q50w7rqhMDuwwbsVD3wtEmAzG2A0mdoeT
RTocpt0zwhUexidI4VL3CwnIrcMoH2QQArhWvgmZOyb/Hb4bIlFLMtGC8TeJVFHU
f9MXFAZl0xwpSHz/lXjgSCXQRA2e1o1upL0cZ2zMO7IO5zbeV6fjX11yaVCFbG4E
WNZqCJq8ACU8cbd6D1qm3J1icyhD17MnDd986nM16cPwySHtKA95e9fbGlkWJOYj
jqhnsLQbiI+3Kwhkz+6FbONqIS1QH8z3GO6/MN07GSF3
-----END CERTIFICATE-----
Generated at Sat Apr 5 15:31:43 2025 by rpki-client