Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19ed8e91-54d7-4564-8b59-b6260df59d4d.roa
File: 19ed8e91-54d7-4564-8b59-b6260df59d4d.roa (raw, json)
Hash identifier: 5GTaBPBAnsHAtY6tK6wYC9qWvcAySWpXCa6+uULkHGQ=
Subject key identifier: 00:36:FA:AD:BC:AF:11:6C:86:B7:B2:9B:FE:AF:19:7F:67:F0:FE:74
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 15D88C1CA51B295563CE0E81ABEA528FC0AB4ED4
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19ed8e91-54d7-4564-8b59-b6260df59d4d.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.34.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:d8:8c:1c:a5:1b:29:55:63:ce:0e:81:ab:ea:52:8f:c0:ab:4e:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d2:f8:eb:e3:8c:01:94:d3:0b:81:61:e6:6b:
23:22:8f:ad:08:c7:f5:e8:25:8f:79:e0:48:6a:23:
30:82:45:ef:61:62:14:ca:af:5d:d1:77:eb:4b:b7:
b7:55:73:0f:11:0c:7c:e6:f1:46:1e:69:c4:63:47:
86:cd:24:98:75:aa:9c:1b:ac:62:a1:6e:65:f6:9f:
f7:1f:2b:0e:ad:6e:fb:b2:66:95:b9:ff:c5:e4:44:
e0:aa:6f:2f:60:ae:08:7d:cf:02:23:0b:5d:72:e7:
0b:09:3c:67:6a:57:af:08:de:e9:6f:7c:ca:c2:3f:
b9:ba:2d:3a:72:a6:a7:6a:84:91:48:5b:0f:c9:e8:
35:2f:17:d7:51:8e:92:f7:22:de:71:e6:4d:e8:dc:
62:94:b1:ea:b9:80:02:66:c0:bb:98:5d:7d:fb:cb:
bc:6d:82:6a:51:49:3b:a6:46:33:ca:29:bc:8a:4b:
03:97:3a:60:12:50:0d:d1:23:d6:7f:f2:be:62:4b:
5d:ab:30:f2:00:9d:cd:a6:45:a8:0a:43:15:7f:e9:
72:21:75:39:d7:5b:d2:09:2d:aa:a7:02:6e:14:90:
72:b6:01:dd:46:4d:62:f8:b3:87:e0:88:a9:c5:66:
e7:1a:ea:e9:94:0e:8c:e5:f0:b7:3f:0b:34:2b:3a:
fa:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:36:FA:AD:BC:AF:11:6C:86:B7:B2:9B:FE:AF:19:7F:67:F0:FE:74
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/19ed8e91-54d7-4564-8b59-b6260df59d4d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.34.0.0/15
Signature Algorithm: sha256WithRSAEncryption
82:ba:ff:0f:12:99:3e:99:4d:68:cc:0e:35:c0:c0:58:85:a1:
36:8d:b7:6b:a3:61:8d:c9:64:b5:80:9f:a5:c1:5c:a4:b4:ad:
5e:b8:23:3a:fe:eb:58:94:42:67:47:01:c6:b2:8d:67:93:db:
9d:82:d7:da:69:b5:bd:ec:8c:3b:1d:55:4e:23:88:38:96:a6:
58:68:2a:fa:79:b6:f8:ac:5f:38:a8:70:e9:9a:7f:f2:21:38:
c7:9b:49:3b:c3:e8:c9:c6:b5:05:0c:80:d5:24:02:08:c8:18:
67:bf:ef:39:28:89:7c:2a:0d:77:85:03:12:3f:e4:b8:31:d2:
d1:fb:dd:eb:70:32:f7:a8:a7:4f:54:af:21:10:67:93:be:a6:
db:97:09:25:5b:82:86:86:46:64:95:a8:0c:16:53:12:ee:5a:
63:22:56:e9:9f:79:8a:34:2b:d2:53:fd:67:dd:77:09:36:33:
b6:84:29:2a:4f:78:79:3f:93:84:5f:e4:4b:76:bc:49:51:cb:
42:30:e2:1d:b7:9a:7e:45:c4:98:1d:0b:c9:15:93:14:53:42:
70:d4:ed:38:c8:40:01:bf:3d:0b:38:f9:73:a9:df:b0:f3:c4:
19:e2:46:67:55:0b:82:e2:26:09:9f:80:de:4e:33:6e:0d:97:
02:3b:c4:a3
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFdiMHKUbKVVjzg6Bq+pSj8CrTtQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGM0ZDgxNWZjMDI0MWU3MmM3ZjhhMzllNTJlMDJkZDE3ZmQ0NzY3ZTJmYWJl
YTU4Y2Y4MGI1MmYwMGM0ZjIyOTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMvS+OvjjAGU0wuBYeZrIyKPrQjH9eglj3ngSGojMIJF72FiFMqvXdF360u3
t1VzDxEMfObxRh5pxGNHhs0kmHWqnBusYqFuZfaf9x8rDq1u+7Jmlbn/xeRE4Kpv
L2CuCH3PAiMLXXLnCwk8Z2pXrwje6W98ysI/ubotOnKmp2qEkUhbD8noNS8X11GO
kvci3nHmTejcYpSx6rmAAmbAu5hdffvLvG2CalFJO6ZGM8opvIpLA5c6YBJQDdEj
1n/yvmJLXasw8gCdzaZFqApDFX/pciF1Oddb0gktqqcCbhSQcrYB3UZNYvizh+CI
qcVm5xrq6ZQOjOXwtz8LNCs6+vUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQANvqt
vK8RbIa3spv+rxl/Z/D+dDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MTllZDhlOTEtNTRkNy00NTY0LThiNTktYjYyNjBkZjU5ZDRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMiMA0G
CSqGSIb3DQEBCwUAA4IBAQCCuv8PEpk+mU1ozA41wMBYhaE2jbdro2GNyWS1gJ+l
wVyktK1euCM6/utYlEJnRwHGso1nk9udgtfaabW97Iw7HVVOI4g4lqZYaCr6ebb4
rF84qHDpmn/yITjHm0k7w+jJxrUFDIDVJAIIyBhnv+85KIl8Kg13hQMSP+S4MdLR
+93rcDL3qKdPVK8hEGeTvqbblwklW4KGhkZklagMFlMS7lpjIlbpn3mKNCvSU/1n
3XcJNjO2hCkqT3h5P5OEX+RLdrxJUctCMOIdt5p+RcSYHQvJFZMUU0Jw1O04yEAB
vz0LOPlzqd+w88QZ4kZnVQuC4iYJn4DeTjNuDZcCO8Sj
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:21 2025 by rpki-client