Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15ca3bfd-cdcf-488b-a7f1-a2dfb7e29288.roa
File: 15ca3bfd-cdcf-488b-a7f1-a2dfb7e29288.roa (raw, json)
Hash identifier: xYi/0Ar3tBYOe23xMs2pRo7iUnW+Ex+eExYiHtpHNc4=
Subject key identifier: 1F:E1:F6:9C:62:EE:BE:B6:9B:A1:03:4C:D8:27:04:FF:BF:26:00:47
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 702191DD31AFFB79752D1C9CB985B09A844CD443
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15ca3bfd-cdcf-488b-a7f1-a2dfb7e29288.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.96.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:21:91:dd:31:af:fb:79:75:2d:1c:9c:b9:85:b0:9a:84:4c:d4:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:ea:00:c6:1c:6f:e5:fc:a0:fd:42:22:be:70:
5a:4d:98:d0:10:30:12:2f:99:ab:ae:88:26:fe:be:
5f:5e:98:85:2c:2b:c8:30:c2:79:4b:9a:79:05:ac:
bb:cb:8e:ca:a8:7a:65:c7:23:40:63:0d:04:15:52:
4b:b6:cf:1f:13:6f:b6:54:4e:bb:c2:83:e7:2d:35:
23:7f:8e:c9:a1:25:de:4b:4a:26:6b:7c:35:0f:61:
4f:d4:da:6a:ed:db:9c:55:37:a0:a1:98:f5:42:12:
01:b7:48:87:b1:91:34:4f:67:91:68:e0:3b:19:c4:
e0:70:f1:97:85:07:0e:9f:ec:f9:79:59:8f:f9:ec:
04:8e:a8:0d:59:ad:69:78:ce:eb:65:d2:48:bb:ac:
49:17:0e:18:e0:73:d8:f6:09:f7:d7:2d:34:c9:d0:
9c:6c:d4:9c:53:aa:84:48:4f:03:11:5d:f9:a4:2d:
9f:1e:bc:f2:f9:07:9e:a2:a9:77:cd:52:1c:05:fe:
01:6e:fa:55:82:6d:5d:48:61:20:ca:56:1c:62:c6:
f1:01:31:42:c3:c2:73:d4:56:d8:f4:b6:f1:1a:9e:
68:3c:57:58:70:ae:17:b5:9b:af:8a:bf:de:39:5c:
3d:21:b3:36:e8:25:eb:2d:db:96:63:79:25:a0:f6:
70:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:E1:F6:9C:62:EE:BE:B6:9B:A1:03:4C:D8:27:04:FF:BF:26:00:47
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/15ca3bfd-cdcf-488b-a7f1-a2dfb7e29288.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.96.0.0/14
Signature Algorithm: sha256WithRSAEncryption
cc:29:08:49:48:67:1d:41:45:54:7c:d5:c2:c2:82:9a:dc:03:
df:ed:7b:52:55:2b:46:6d:63:f1:ce:ba:38:36:8e:35:87:72:
55:e6:cf:ee:12:d8:8f:d4:fa:20:ed:10:00:5b:35:52:a1:9b:
fd:d4:a2:5e:fb:01:a6:a8:1a:c0:84:62:17:53:ba:7e:be:f2:
4c:bd:49:5c:e3:f4:49:22:3c:03:e9:98:b0:bc:0f:fe:06:20:
9b:ab:b5:c6:aa:61:fb:f3:14:92:80:10:a0:6c:c0:f1:32:52:
8c:a7:45:fd:9f:2b:93:4d:bf:3f:d5:66:f2:2f:ce:14:7c:36:
ff:18:a7:6c:9a:6b:9e:2a:5b:61:fd:5e:1c:77:5c:64:dc:05:
ad:51:58:66:a2:17:c5:c5:b7:02:a6:ea:c0:09:e2:e5:79:8d:
95:11:19:e8:04:f1:f5:b6:ef:c2:04:9e:ad:24:64:23:9e:46:
4d:f5:8c:46:7a:75:7e:de:5c:f4:14:02:0b:8b:13:b1:84:6f:
80:3e:ca:41:66:b9:d1:44:4e:5f:35:3f:08:a8:ac:2b:1c:54:
7d:c6:11:c3:44:c4:00:7e:f8:34:f7:7e:d3:d5:6a:44:69:72:
e2:0a:9e:88:57:8f:46:3c:ec:50:89:c4:4e:a9:c0:78:66:83:
c7:09:42:78
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcCGR3TGv+3l1LRycuYWwmoRM1EMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxOWUzYjE1OTE1MWUwODRiY2MyZjJmNDNhYjA0YzYxZTgzYjNhNTI3NTk5
NTFhYmU3YjA3NTdmYWM4ZTE1NzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOXqAMYcb+X8oP1CIr5wWk2Y0BAwEi+Zq66IJv6+X16YhSwryDDCeUuaeQWs
u8uOyqh6ZccjQGMNBBVSS7bPHxNvtlROu8KD5y01I3+OyaEl3ktKJmt8NQ9hT9Ta
au3bnFU3oKGY9UISAbdIh7GRNE9nkWjgOxnE4HDxl4UHDp/s+XlZj/nsBI6oDVmt
aXjO62XSSLusSRcOGOBz2PYJ99ctNMnQnGzUnFOqhEhPAxFd+aQtnx688vkHnqKp
d81SHAX+AW76VYJtXUhhIMpWHGLG8QExQsPCc9RW2PS28RqeaDxXWHCuF7Wbr4q/
3jlcPSGzNugl6y3blmN5JaD2cD0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQf4fac
Yu6+tpuhA0zYJwT/vyYARzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTVjYTNiZmQtY2RjZi00ODhiLWE3ZjEtYTJkZmI3ZTI5Mjg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNgMA0G
CSqGSIb3DQEBCwUAA4IBAQDMKQhJSGcdQUVUfNXCwoKa3APf7XtSVStGbWPxzro4
No41h3JV5s/uEtiP1Pog7RAAWzVSoZv91KJe+wGmqBrAhGIXU7p+vvJMvUlc4/RJ
IjwD6ZiwvA/+BiCbq7XGqmH78xSSgBCgbMDxMlKMp0X9nyuTTb8/1WbyL84UfDb/
GKdsmmueKlth/V4cd1xk3AWtUVhmohfFxbcCpurACeLleY2VERnoBPH1tu/CBJ6t
JGQjnkZN9YxGenV+3lz0FAILixOxhG+APspBZrnRRE5fNT8IqKwrHFR9xhHDRMQA
fvg0937T1WpEaXLiCp6IV49GPOxQicROqcB4ZoPHCUJ4
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:19:20 2025 by rpki-client