Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f67407cf-5834-4984-bfd7-dae383ea166b.roa
File: f67407cf-5834-4984-bfd7-dae383ea166b.roa (raw, json)
Hash identifier: kBdkS7flEEnhpE6VJJAxKN1AoGuFTrHBb0KqTAgiCSU=
Subject key identifier: 56:E6:0B:BE:AC:2F:C4:BB:E1:CE:3A:3D:34:63:B1:2F:F2:41:CA:2C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 32C7B6C8BB0EB623FD1746F68863F1C2AD7F915E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f67407cf-5834-4984-bfd7-dae383ea166b.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.40.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:c7:b6:c8:bb:0e:b6:23:fd:17:46:f6:88:63:f1:c2:ad:7f:91:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:de:2e:2b:52:51:6b:f0:0d:2c:5b:21:4e:a6:
fb:d4:af:6e:c7:2a:39:b1:10:ec:c9:6d:7f:76:dd:
8b:2d:37:50:8b:fd:2f:41:b7:3f:17:35:5d:1c:29:
3a:0d:49:eb:6d:44:15:35:0a:85:30:9d:10:ed:38:
82:57:a8:b6:6e:ec:74:b7:f9:06:37:98:6b:48:47:
90:81:b9:cb:44:4c:31:de:a7:2f:23:34:28:a5:71:
3c:2e:ff:6d:d2:db:c0:c6:b5:6e:ef:4e:b5:f8:56:
01:71:97:7a:f3:a4:a3:78:fc:7b:49:3f:d4:57:01:
12:6a:b1:85:fe:99:7c:77:e6:8c:9a:83:bf:47:bb:
b2:7d:a1:93:0c:39:72:d5:95:3b:7d:93:5d:58:47:
a8:80:71:ba:a3:84:39:61:df:c5:0f:dc:68:88:c1:
f6:0e:c3:5c:26:f5:a0:06:90:a6:49:d9:35:b6:a3:
f3:7a:94:fb:18:86:df:dd:b2:0b:dd:40:c5:86:23:
d4:3f:27:4e:a1:16:73:9b:b6:bc:28:db:c6:f9:e1:
71:aa:fa:62:34:53:ae:0f:a4:3b:66:0c:2b:67:7f:
2f:91:45:e5:8f:f9:aa:69:e0:a8:31:59:82:d5:da:
f0:26:65:36:40:6e:03:f4:3f:48:25:d6:38:9d:4b:
3d:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:E6:0B:BE:AC:2F:C4:BB:E1:CE:3A:3D:34:63:B1:2F:F2:41:CA:2C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f67407cf-5834-4984-bfd7-dae383ea166b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.40.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:80:d8:8c:bf:30:90:78:d5:bb:0b:f2:29:d4:38:1f:37:7c:
66:d2:1a:3e:a6:bd:13:17:57:b5:04:48:fa:5f:bb:89:3c:75:
9e:58:87:50:66:05:78:59:b9:1e:38:6b:96:c4:da:3f:71:9b:
43:13:85:b4:d2:06:d3:d2:1f:87:bc:be:e4:28:de:83:bf:2d:
a7:16:90:c0:db:35:cf:03:0c:8e:4f:31:04:fb:d4:73:6f:d1:
c4:22:e6:2f:35:53:27:8b:5c:99:49:ef:10:75:8a:79:ee:e3:
8f:3f:42:86:1a:50:7b:99:f3:b8:70:b9:66:95:33:3c:17:f7:
5a:9f:2b:df:c8:72:8d:e9:f4:d7:52:9b:02:8e:f9:34:9d:0f:
24:52:02:61:cc:a0:01:e3:22:a2:92:35:26:86:4f:bd:6f:76:
47:fe:52:18:ea:ce:7e:42:e8:7f:07:30:3f:75:13:e8:52:8e:
e9:50:74:12:f1:e4:35:7e:bf:1c:5f:a1:72:35:f3:c8:44:2b:
e4:31:eb:ae:2d:90:5f:99:a1:18:05:0b:3d:05:02:35:01:b4:
7a:cb:93:ff:77:63:78:c4:a5:57:48:c7:55:c2:7f:fd:54:a4:
0a:1a:fa:bb:b5:de:0f:ca:00:6a:6d:51:e4:1e:d7:05:40:ac:
6d:f5:93:82
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUMse2yLsOtiP9F0b2iGPxwq1/kV4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0Y2Y2YTY0MGZjMzRlZjNiMmMxZWJjNDI0MjJkNGZmNmFjZjYxNTNiZmZi
OTA2Yjg0MTE5MzY1YTg5NmU1NDExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJveLitSUWvwDSxbIU6m+9SvbscqObEQ7Mltf3bdiy03UIv9L0G3Pxc1XRwp
Og1J621EFTUKhTCdEO04gleotm7sdLf5BjeYa0hHkIG5y0RMMd6nLyM0KKVxPC7/
bdLbwMa1bu9OtfhWAXGXevOko3j8e0k/1FcBEmqxhf6ZfHfmjJqDv0e7sn2hkww5
ctWVO32TXVhHqIBxuqOEOWHfxQ/caIjB9g7DXCb1oAaQpknZNbaj83qU+xiG392y
C91AxYYj1D8nTqEWc5u2vCjbxvnhcar6YjRTrg+kO2YMK2d/L5FF5Y/5qmngqDFZ
gtXa8CZlNkBuA/Q/SCXWOJ1LPcMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRW5gu+
rC/Eu+HOOj00Y7Ev8kHKLDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjY3NDA3Y2YtNTgzNC00OTg0LWJmZDctZGFlMzgzZWExNjZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMoMA0G
CSqGSIb3DQEBCwUAA4IBAQANgNiMvzCQeNW7C/Ip1DgfN3xm0ho+pr0TF1e1BEj6
X7uJPHWeWIdQZgV4WbkeOGuWxNo/cZtDE4W00gbT0h+HvL7kKN6Dvy2nFpDA2zXP
AwyOTzEE+9Rzb9HEIuYvNVMni1yZSe8QdYp57uOPP0KGGlB7mfO4cLlmlTM8F/da
nyvfyHKN6fTXUpsCjvk0nQ8kUgJhzKAB4yKikjUmhk+9b3ZH/lIY6s5+Quh/BzA/
dRPoUo7pUHQS8eQ1fr8cX6FyNfPIRCvkMeuuLZBfmaEYBQs9BQI1AbR6y5P/d2N4
xKVXSMdVwn/9VKQKGvq7td4PygBqbVHkHtcFQKxt9ZOC
-----END CERTIFICATE-----
Generated at Sat Apr 5 17:59:09 2025 by rpki-client