Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f7ff52a8-9cd5-4878-bf2f-18941574c9bd.roa
File: f7ff52a8-9cd5-4878-bf2f-18941574c9bd.roa (raw, json)
Hash identifier: E3dCPsr0QyU5Yu41Y+IlOLQRsV1R/kLXhzO1a5YVicc=
Subject key identifier: 2E:BA:D5:45:5C:FC:A6:90:04:64:44:44:F4:AF:B1:41:DB:CB:FB:7C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4983665CD9400285AF5B584E8DD710B4425F9129
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f7ff52a8-9cd5-4878-bf2f-18941574c9bd.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 51.188.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:83:66:5c:d9:40:02:85:af:5b:58:4e:8d:d7:10:b4:42:5f:91:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:c8:17:57:ad:32:d0:58:16:f6:27:20:a1:16:
36:b2:37:fe:81:5a:9c:58:07:54:20:95:4a:31:02:
b8:98:73:e5:5a:e9:41:cc:db:3b:c3:b6:ec:20:e7:
31:4e:96:16:ac:a5:52:1b:2b:1c:01:b9:86:74:38:
ac:c4:08:db:26:2d:96:d7:ee:e8:57:d0:5f:2a:93:
17:7e:a7:bd:51:99:5d:0a:56:2a:eb:1e:c8:f8:b5:
60:17:4e:91:1f:96:9a:15:7f:10:ad:bb:db:d4:f0:
b0:aa:4f:48:6f:da:41:10:ac:3a:38:b3:77:f5:d9:
2e:a4:aa:bc:1f:38:84:d6:ab:6c:2c:19:5e:bb:b2:
94:1c:20:81:cb:bd:09:ee:96:7c:de:1a:a1:bb:c8:
46:3e:05:b3:d0:0c:9c:bc:80:b9:ff:4d:b8:d5:b8:
94:a6:65:13:10:21:08:cd:d7:1d:a6:59:20:4a:bb:
eb:08:46:2e:b1:53:9a:0c:2a:df:ad:55:97:23:20:
16:67:a2:6e:16:2d:e1:0d:b2:65:a2:db:05:7d:19:
57:d2:b1:a0:ee:34:ac:bb:9f:1f:8d:dd:fb:90:91:
e5:63:69:e9:22:89:22:e7:ec:df:88:a7:bc:bf:08:
7b:cf:b5:38:ac:d5:38:92:00:b4:af:0d:cb:83:b8:
a6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:BA:D5:45:5C:FC:A6:90:04:64:44:44:F4:AF:B1:41:DB:CB:FB:7C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/f7ff52a8-9cd5-4878-bf2f-18941574c9bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.188.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a2:0c:76:f7:c4:b3:75:34:09:31:9b:ae:53:92:35:88:ce:bf:
29:dd:04:56:ef:d8:8f:b2:62:00:1a:da:36:52:d6:e3:9c:90:
a6:f8:49:bf:7e:6c:54:7d:e4:5d:79:ac:d2:8d:d1:e7:1b:f8:
b3:a2:0a:7d:0a:2e:1e:17:2c:55:b9:5d:13:25:0d:b7:e9:31:
89:94:fe:40:4a:63:00:96:a7:87:af:7b:34:6f:92:dc:b4:a8:
e7:f5:97:55:f2:53:f9:31:49:f3:b7:b3:a2:0a:f9:f8:98:18:
46:e7:9c:56:2c:c3:5a:f0:dd:58:e9:a9:44:2a:00:9a:98:e0:
ce:a7:a0:73:f0:00:d1:f0:ea:18:91:2d:cc:d5:75:5f:35:a0:
cc:a6:0e:7f:5a:fa:15:04:a3:4d:98:b5:8c:4d:5c:3e:34:e1:
99:25:10:d6:8d:2f:01:0a:5c:7b:1d:f9:4d:4c:f0:db:0a:65:
bc:db:70:c6:05:c5:13:2c:69:54:7e:b2:02:26:ba:8e:c6:4c:
cd:7c:45:7b:16:2c:ed:56:9b:05:f1:1b:d5:5a:86:f2:78:49:
4e:28:fb:b5:f6:ef:33:df:12:fd:71:89:f5:9d:d5:66:52:df:
d0:6a:29:62:42:da:b8:b7:d1:4f:72:86:f4:1f:94:7f:f9:e7:
ab:cc:58:f1
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSYNmXNlAAoWvW1hOjdcQtEJfkSkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjZjBiNmYxZDIyODFhYTFhZTlmZTZhOTRkZjFkYjgzMWE4YzE5NzU5M2I3
Y2Y0YzQ4YjRkM2Y0YjMyZjkzMjYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzIF1etMtBYFvYnIKEWNrI3/oFanFgHVCCVSjECuJhz5VrpQczbO8O27CDn
MU6WFqylUhsrHAG5hnQ4rMQI2yYtltfu6FfQXyqTF36nvVGZXQpWKuseyPi1YBdO
kR+WmhV/EK2729TwsKpPSG/aQRCsOjizd/XZLqSqvB84hNarbCwZXruylBwggcu9
Ce6WfN4aobvIRj4Fs9AMnLyAuf9NuNW4lKZlExAhCM3XHaZZIEq76whGLrFTmgwq
361VlyMgFmeibhYt4Q2yZaLbBX0ZV9KxoO40rLufH43d+5CR5WNp6SKJIufs34in
vL8Ie8+1OKzVOJIAtK8Ny4O4po8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQuutVF
XPymkARkRET0r7FB28v7fDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZjdmZjUyYTgtOWNkNS00ODc4LWJmMmYtMTg5NDE1NzRjOWJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO8MA0G
CSqGSIb3DQEBCwUAA4IBAQCiDHb3xLN1NAkxm65TkjWIzr8p3QRW79iPsmIAGto2
UtbjnJCm+Em/fmxUfeRdeazSjdHnG/izogp9Ci4eFyxVuV0TJQ236TGJlP5ASmMA
lqeHr3s0b5LctKjn9ZdV8lP5MUnzt7OiCvn4mBhG55xWLMNa8N1Y6alEKgCamODO
p6Bz8ADR8OoYkS3M1XVfNaDMpg5/WvoVBKNNmLWMTVw+NOGZJRDWjS8BClx7HflN
TPDbCmW823DGBcUTLGlUfrICJrqOxkzNfEV7FiztVpsF8RvVWobyeElOKPu19u8z
3xL9cYn1ndVmUt/QailiQtq4t9FPcob0H5R/+eerzFjx
-----END CERTIFICATE-----
Generated at Sun Apr 6 00:03:01 2025 by rpki-client