Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/17350a8e-5c2b-4c64-be1a-19d7141edd53.roa
File: 17350a8e-5c2b-4c64-be1a-19d7141edd53.roa (raw, json)
Hash identifier: qu+eehOM0jExK8sMXybfStgM6LXD1YOHFTzbLjZupfI=
Subject key identifier: 38:E0:4F:98:90:3E:09:2F:A8:59:52:4E:83:DD:2A:3E:70:21:EF:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 02DF13BB4181B048095529FFBBA3617F52E4F73F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/17350a8e-5c2b-4c64-be1a-19d7141edd53.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.74.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:df:13:bb:41:81:b0:48:09:55:29:ff:bb:a3:61:7f:52:e4:f7:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:2e:bd:4d:2f:bb:1f:e8:d6:8b:9f:85:12:66:
1e:8a:cc:0a:8b:5f:5c:c3:e5:1a:6c:af:65:a9:8c:
d7:65:bf:ef:f3:41:4a:0a:2d:ec:44:75:9e:4e:e9:
2b:39:b0:0e:c0:84:dc:b1:ac:08:32:4f:f8:e5:19:
a5:4f:ca:51:69:fa:62:1d:7e:6a:37:18:27:be:29:
66:91:d7:b9:70:41:c7:97:8d:7f:c0:be:99:53:21:
1e:26:77:a4:60:ea:5c:d3:61:f5:f7:da:82:65:c4:
6a:c3:64:85:70:39:0c:72:b9:ca:d2:59:6b:38:68:
0c:3d:95:7d:a5:cd:01:cb:a9:22:63:25:44:5a:61:
f1:07:ec:33:f5:25:7f:9f:c8:03:07:21:8a:2d:34:
df:ad:bf:2d:03:aa:a1:3d:14:48:d8:9e:05:31:de:
6a:12:a6:9d:c3:1e:41:4f:a3:bf:dd:26:ae:cf:14:
9e:cd:7f:e4:50:aa:93:18:29:56:1a:ae:86:84:d9:
c2:2e:64:eb:e0:a5:1e:52:bf:d2:1c:10:84:35:6a:
95:e2:58:4f:0c:41:8d:6f:f3:60:e5:e9:a9:97:52:
13:5a:c4:5d:92:1b:5c:71:8e:6c:3d:fa:a8:3e:5f:
8f:49:25:90:05:e8:5e:3f:87:b7:73:9a:71:b2:da:
5a:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:E0:4F:98:90:3E:09:2F:A8:59:52:4E:83:DD:2A:3E:70:21:EF:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/17350a8e-5c2b-4c64-be1a-19d7141edd53.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.74.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5b:11:e3:c8:a0:b8:b3:9e:9e:b4:f9:50:ba:b2:6a:d9:c6:dd:
7e:a7:44:5c:55:ef:ea:04:f4:c2:0d:d6:b0:1e:e7:37:2d:49:
00:b3:5e:30:62:91:91:e9:e4:47:fb:35:e0:55:b3:b5:93:f5:
88:20:29:b7:ed:2c:ab:ba:8a:0f:42:0b:35:cd:23:c7:24:07:
e5:9b:e0:f7:72:98:74:66:fc:aa:35:66:97:70:44:0e:34:be:
c3:41:6f:d3:3a:8b:64:ce:80:0d:d5:dc:76:e2:77:cb:7d:d5:
59:28:0d:65:f8:dc:ef:cd:0e:7d:27:f1:66:bb:88:0b:c1:5b:
5b:77:33:27:45:20:45:9c:81:39:41:ab:d6:41:35:6a:01:21:
7a:29:b1:64:58:e1:93:a7:17:7a:50:1e:0c:ea:30:ba:42:23:
fa:39:1b:84:06:d9:1f:33:97:af:c0:6a:1a:37:6d:d7:6f:db:
b3:e6:0c:de:89:79:13:2c:ef:41:3f:18:a3:79:80:68:6a:86:
63:3b:66:79:ba:9d:a4:73:c4:86:17:23:1a:c7:68:57:2b:e9:
db:ab:06:a5:b6:99:f8:c1:5f:f3:52:32:c4:09:08:ca:8b:93:
d9:12:60:0f:7a:b4:93:b8:ba:00:c3:53:6b:28:f2:8f:19:28:
1c:fc:81:91
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUAt8Tu0GBsEgJVSn/u6Nhf1Lk9z8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlNzY4YzQxYjRmNDlkNjNlMTA2OTM1MDkyOTIxMDc1ZmNmMDRkMjZhOWFj
NWRlMDk5NjdmMjUwYWE0YjFiYTAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANkuvU0vux/o1oufhRJmHorMCotfXMPlGmyvZamM12W/7/NBSgot7ER1nk7p
KzmwDsCE3LGsCDJP+OUZpU/KUWn6Yh1+ajcYJ74pZpHXuXBBx5eNf8C+mVMhHiZ3
pGDqXNNh9ffagmXEasNkhXA5DHK5ytJZazhoDD2VfaXNAcupImMlRFph8QfsM/Ul
f5/IAwchii00362/LQOqoT0USNieBTHeahKmncMeQU+jv90mrs8Uns1/5FCqkxgp
VhquhoTZwi5k6+ClHlK/0hwQhDVqleJYTwxBjW/zYOXpqZdSE1rEXZIbXHGObD36
qD5fj0klkAXoXj+Ht3OacbLaWncCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ44E+Y
kD4JL6hZUk6D3So+cCHvJDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTczNTBhOGUtNWMyYi00YzY0LWJlMWEtMTlkNzE0MWVkZDUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNKMA0G
CSqGSIb3DQEBCwUAA4IBAQBbEePIoLiznp60+VC6smrZxt1+p0RcVe/qBPTCDdaw
Huc3LUkAs14wYpGR6eRH+zXgVbO1k/WIICm37SyruooPQgs1zSPHJAflm+D3cph0
ZvyqNWaXcEQONL7DQW/TOotkzoAN1dx24nfLfdVZKA1l+NzvzQ59J/Fmu4gLwVtb
dzMnRSBFnIE5QavWQTVqASF6KbFkWOGTpxd6UB4M6jC6QiP6ORuEBtkfM5evwGoa
N23Xb9uz5gzeiXkTLO9BPxijeYBoaoZjO2Z5up2kc8SGFyMax2hXK+nbqwaltpn4
wV/zUjLECQjKi5PZEmAPerSTuLoAw1NrKPKPGSgc/IGR
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:06:26 2025 by rpki-client