Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1171c547-ddc2-479f-91b8-52cc9e170312.roa
File: 1171c547-ddc2-479f-91b8-52cc9e170312.roa (raw, json)
Hash identifier: hTVDRGhoazb1SekNwPrbW8OfHan9qFE2CmH/7KlUthU=
Subject key identifier: 5D:7E:4F:13:4E:2B:ED:FF:6F:69:D8:54:E4:96:83:54:47:7B:BA:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 409D7CEE86A0054184C340C981AFA44E051732BD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1171c547-ddc2-479f-91b8-52cc9e170312.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:9d:7c:ee:86:a0:05:41:84:c3:40:c9:81:af:a4:4e:05:17:32:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=1630c53ea3e80ce4edc964fdbe4a7d97031c4813a046251d4368fcf1e2a2126b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:1e:36:45:f2:bf:16:87:27:dc:98:8a:6a:c3:
ef:11:8d:e4:fe:a7:d9:25:77:1f:64:9b:f3:2b:01:
c8:4d:d4:46:8d:b8:9c:4f:e4:02:21:d3:4d:46:e9:
20:79:1c:4b:1f:c9:21:bf:c7:ff:9e:a6:4b:37:eb:
69:69:4f:e1:3e:8f:f1:65:33:a7:ab:0d:5a:c4:87:
ee:91:b1:15:64:86:fc:f8:3e:ac:71:ff:2a:88:46:
71:53:1f:fd:dd:34:fc:ea:48:50:d5:6d:6d:81:58:
c6:82:09:44:29:ef:5a:3c:e9:f0:10:48:01:7a:17:
ce:c3:1e:85:92:25:3a:19:08:ae:27:3e:02:ad:ee:
d5:5a:8e:c8:90:b8:a8:4f:04:64:0d:ba:d9:31:25:
2d:dd:0d:8f:f5:c2:38:66:32:ed:10:5e:1b:97:6a:
3f:53:e2:f4:34:cf:a9:e2:1f:40:5c:26:c5:5d:c5:
6d:f4:2f:f9:01:eb:67:1d:44:57:6f:5b:fd:93:55:
4e:85:5e:38:cb:c1:42:95:ee:9d:68:a0:15:fb:7a:
93:68:33:05:c2:61:85:58:b8:a8:f2:48:e9:b1:ed:
16:25:4b:f9:13:c9:da:26:5f:29:a0:91:90:9d:bf:
6b:21:b6:29:e3:ac:6d:e1:81:17:c9:4a:3d:cd:0d:
df:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:7E:4F:13:4E:2B:ED:FF:6F:69:D8:54:E4:96:83:54:47:7B:BA:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1171c547-ddc2-479f-91b8-52cc9e170312.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.128.0/17
Signature Algorithm: sha256WithRSAEncryption
9f:ed:a7:d6:1a:3d:35:7a:32:8e:57:8e:7c:c4:14:29:05:c7:
14:e3:7a:f7:9f:07:ba:84:62:27:39:11:b1:07:f4:a9:6e:89:
67:99:7a:1a:2f:0e:af:ef:0d:36:ef:89:83:a9:26:5d:2e:2e:
96:54:c1:e8:0c:a7:5e:ef:f5:1f:15:5b:3f:8e:eb:74:25:71:
6f:9c:25:09:d1:cb:b0:aa:89:12:78:60:40:17:61:ac:82:bf:
81:53:55:bc:63:24:c9:6b:fe:71:32:ad:a4:a4:e8:60:5b:e8:
6d:b0:fb:49:f0:42:0d:80:f8:12:a2:44:61:48:8f:a3:1c:45:
4d:05:7c:1e:92:66:57:01:74:e2:7f:d6:d4:b8:68:f5:e9:8a:
89:ff:44:8b:4d:c7:90:6d:20:9c:31:2f:af:fc:43:1b:d7:fc:
d1:0e:8b:a1:03:03:d2:ab:e2:fb:8d:f0:bd:fe:b2:8f:53:18:
6a:e0:4c:d0:76:be:87:3d:30:94:45:9d:6e:69:3d:e0:31:e2:
cc:4a:28:60:62:0f:46:68:2a:34:1a:03:84:d6:2d:77:85:9b:
8a:21:e1:6f:6c:de:9a:e5:a7:60:37:7f:c8:37:e9:a2:df:0e:
98:f4:bc:76:6b:c8:fe:1c:7c:a0:d2:06:cd:45:24:82:be:15:
a8:23:0c:1c
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUQJ187oagBUGEw0DJga+kTgUXMr0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2MzBjNTNlYTNlODBjZTRlZGM5NjRmZGJlNGE3ZDk3MDMxYzQ4MTNhMDQ2
MjUxZDQzNjhmY2YxZTJhMjEyNmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUeNkXyvxaHJ9yYimrD7xGN5P6n2SV3H2Sb8ysByE3URo24nE/kAiHTTUbp
IHkcSx/JIb/H/56mSzfraWlP4T6P8WUzp6sNWsSH7pGxFWSG/Pg+rHH/KohGcVMf
/d00/OpIUNVtbYFYxoIJRCnvWjzp8BBIAXoXzsMehZIlOhkIric+Aq3u1VqOyJC4
qE8EZA262TElLd0Nj/XCOGYy7RBeG5dqP1Pi9DTPqeIfQFwmxV3FbfQv+QHrZx1E
V29b/ZNVToVeOMvBQpXunWigFft6k2gzBcJhhVi4qPJI6bHtFiVL+RPJ2iZfKaCR
kJ2/ayG2KeOsbeGBF8lKPc0N36ECAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRdfk8T
Tivt/29p2FTkloNUR3u6gjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTE3MWM1NDctZGRjMi00NzlmLTkxYjgtNTJjYzllMTcwMzEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBy4zgDAN
BgkqhkiG9w0BAQsFAAOCAQEAn+2n1ho9NXoyjleOfMQUKQXHFON6958HuoRiJzkR
sQf0qW6JZ5l6Gi8Or+8NNu+Jg6kmXS4ullTB6AynXu/1HxVbP47rdCVxb5wlCdHL
sKqJEnhgQBdhrIK/gVNVvGMkyWv+cTKtpKToYFvobbD7SfBCDYD4EqJEYUiPoxxF
TQV8HpJmVwF04n/W1Lho9emKif9Ei03HkG0gnDEvr/xDG9f80Q6LoQMD0qvi+43w
vf6yj1MYauBM0Ha+hz0wlEWdbmk94DHizEooYGIPRmgqNBoDhNYtd4WbiiHhb2ze
muWnYDd/yDfpot8OmPS8dmvI/hx8oNIGzUUkgr4VqCMMHA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:10:56 2025 by rpki-client