Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1d0fc19c-dd37-4056-b427-b389226e4122.roa
File: 1d0fc19c-dd37-4056-b427-b389226e4122.roa (raw, json)
Hash identifier: yidNry9l4hdxGqxhBOHnwqbhxcJqUVQjprvtjkWTfcc=
Subject key identifier: A8:90:C8:78:60:F7:7B:98:C5:55:8E:C4:56:EE:F0:EC:B6:02:A6:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 6D85B5D6A6ADEAA12E068F60B27533F4E8A7956F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1d0fc19c-dd37-4056-b427-b389226e4122.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.122.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:85:b5:d6:a6:ad:ea:a1:2e:06:8f:60:b2:75:33:f4:e8:a7:95:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:f5:6d:d1:0c:69:d4:f2:dc:a2:e1:2d:b1:f5:
cd:9b:43:76:ae:78:57:7f:80:1d:9d:96:e0:cc:8a:
89:f7:c0:2a:78:65:3a:3f:26:cc:bd:85:1d:de:99:
21:d0:c0:47:a6:87:c9:31:16:22:5c:cd:47:78:98:
d3:0a:d2:4f:1c:0a:55:b2:cf:81:b4:51:b1:83:fe:
e4:4b:42:93:f8:92:c5:e5:c7:55:f7:16:4b:b5:89:
2e:a9:c3:f4:46:55:ae:d9:b1:b0:28:17:10:e7:59:
d7:39:b4:75:b3:04:41:5c:3a:f0:d3:49:4a:4b:d3:
d3:30:9b:c5:13:ed:f3:ef:53:3a:57:09:e2:b3:bc:
de:55:a1:6d:c4:8b:19:f8:39:c3:f4:ec:ae:a3:80:
89:5d:94:ea:e3:ae:1f:eb:59:95:c8:ab:2e:7c:18:
4f:0d:5f:07:93:7a:06:e1:c6:3d:e8:35:0e:14:a0:
43:d0:0e:e5:3b:15:26:20:5f:c0:f8:37:ab:91:91:
d0:6c:c8:b0:8c:06:04:12:e4:1f:81:05:fd:2b:26:
e7:7e:4e:9b:d9:4b:60:7d:cb:e1:4b:c4:ee:4f:04:
05:2c:f2:f0:93:5b:95:37:25:d4:80:53:49:62:48:
37:b6:8c:6a:02:a1:a8:72:83:5d:b3:04:80:b1:7b:
bb:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:90:C8:78:60:F7:7B:98:C5:55:8E:C4:56:EE:F0:EC:B6:02:A6:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1d0fc19c-dd37-4056-b427-b389226e4122.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.122.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c6:db:9d:d4:27:db:91:8b:e5:b5:e6:74:82:70:64:66:25:8a:
9e:d5:77:bf:1c:3b:de:b6:83:a4:64:44:7a:a8:bd:54:57:72:
46:d3:69:2f:0a:8e:b5:80:06:a5:2f:a5:cc:88:c3:54:af:60:
c0:ff:cd:39:d6:5d:1e:80:47:fe:07:9e:f1:8f:d2:a8:19:72:
32:3c:90:14:26:32:c0:28:35:fd:b9:7c:cd:79:65:50:37:7f:
b7:bf:50:82:8d:20:c3:ea:4c:a8:f7:9a:6d:1d:8c:c3:53:cb:
37:74:18:24:4e:4b:5f:68:15:5c:bf:c0:bc:a5:93:b2:cd:87:
92:68:b0:ff:d5:05:89:8d:ed:b6:9a:2b:ee:49:8a:04:0e:3d:
0e:1d:8d:76:08:90:4f:7a:e1:cc:81:ca:53:eb:f3:b8:c0:bb:
bc:35:ac:67:7a:3e:8a:65:1d:a0:7a:31:cc:3c:17:f2:74:1a:
df:9a:c2:a8:af:c2:94:f7:21:8e:62:ba:87:0e:80:89:d3:70:
64:ec:6f:a2:45:12:a2:c1:d6:0b:b9:23:e5:1d:80:87:b8:0c:
36:26:b4:26:45:ab:18:61:24:67:0c:9b:50:ce:fb:c7:19:57:
05:04:87:a1:df:61:1f:1c:f5:d7:b9:11:81:4b:00:21:b7:dc:
21:a9:9e:9a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUbYW11qat6qEuBo9gsnUz9OinlW8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5ZDFlMDRiZjFkYTRlYjcxYzFiNTExNmYwMTk3NTY2OTZiN2ZhOTQ4YzUx
Njc2ZjkwNjUyMzhiZWE2ZTUxNmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANb1bdEMadTy3KLhLbH1zZtDdq54V3+AHZ2W4MyKiffAKnhlOj8mzL2FHd6Z
IdDAR6aHyTEWIlzNR3iY0wrSTxwKVbLPgbRRsYP+5EtCk/iSxeXHVfcWS7WJLqnD
9EZVrtmxsCgXEOdZ1zm0dbMEQVw68NNJSkvT0zCbxRPt8+9TOlcJ4rO83lWhbcSL
Gfg5w/TsrqOAiV2U6uOuH+tZlcirLnwYTw1fB5N6BuHGPeg1DhSgQ9AO5TsVJiBf
wPg3q5GR0GzIsIwGBBLkH4EF/Ssm535Om9lLYH3L4UvE7k8EBSzy8JNblTcl1IBT
SWJIN7aMagKhqHKDXbMEgLF7u20CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSokMh4
YPd7mMVVjsRW7vDstgKm6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWQwZmMxOWMtZGQzNy00MDU2LWI0MjctYjM4OTIyNmU0MTIyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN6MA0G
CSqGSIb3DQEBCwUAA4IBAQDG253UJ9uRi+W15nSCcGRmJYqe1Xe/HDvetoOkZER6
qL1UV3JG02kvCo61gAalL6XMiMNUr2DA/8051l0egEf+B57xj9KoGXIyPJAUJjLA
KDX9uXzNeWVQN3+3v1CCjSDD6kyo95ptHYzDU8s3dBgkTktfaBVcv8C8pZOyzYeS
aLD/1QWJje22mivuSYoEDj0OHY12CJBPeuHMgcpT6/O4wLu8Naxnej6KZR2gejHM
PBfydBrfmsKor8KU9yGOYrqHDoCJ03Bk7G+iRRKiwdYLuSPlHYCHuAw2JrQmRasY
YSRnDJtQzvvHGVcFBIeh32EfHPXXuRGBSwAht9whqZ6a
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:24:00 2025 by rpki-client