Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa4e984-a5f7-4c42-8d75-506f4844be77.roa
File: 1fa4e984-a5f7-4c42-8d75-506f4844be77.roa (raw, json)
Hash identifier: U5Z3TF10rY147MUdbWpp+lD7InETP9ajODq9KR/xxnc=
Subject key identifier: 67:E8:6E:80:20:8A:03:03:89:90:A1:57:CE:89:51:86:53:D6:C2:C5
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 43A908207B823A7E4713B6E0C3D9481DB29886AF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa4e984-a5f7-4c42-8d75-506f4844be77.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.204.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:a9:08:20:7b:82:3a:7e:47:13:b6:e0:c3:d9:48:1d:b2:98:86:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:14:5e:5f:ad:37:15:51:4a:46:2e:f3:32:20:
82:2e:83:58:b3:ed:13:8a:57:9b:51:45:37:d5:4a:
36:08:33:4a:6f:b0:7e:0c:b9:c8:ff:5a:1f:bf:61:
fe:2e:3d:13:02:bc:66:83:21:95:4d:9f:32:ec:f4:
2e:89:19:62:35:b9:76:22:8f:9e:c6:ba:15:d0:e4:
e6:8a:03:9b:4d:73:71:53:38:d6:1c:93:0a:80:8e:
71:a3:37:a3:2d:85:37:22:2c:d5:90:57:1d:57:0d:
ef:ee:99:c2:76:11:5b:a3:34:83:8c:b9:ff:55:a6:
9e:61:d7:f8:bd:36:e6:e9:7a:2b:ac:66:72:5a:96:
dd:9b:18:4a:d4:d9:b0:98:b9:c6:c8:2b:bf:f2:68:
31:6c:fe:1c:ee:2c:08:ff:1c:8c:15:58:31:2b:22:
c7:be:03:5e:9a:e1:43:65:d3:43:1b:41:70:d8:c6:
9b:5b:4c:d6:8a:4d:85:e5:1c:10:83:48:c1:c2:c8:
47:f2:c3:55:78:65:eb:97:85:1f:b6:94:12:f9:d2:
3c:16:ee:2b:6c:d6:0e:17:f8:3f:61:73:ea:41:39:
40:c9:a3:69:26:f9:7d:32:f8:8e:3e:e1:23:b0:5b:
8e:4c:1a:61:f8:6f:97:3f:af:0a:1f:d8:e8:57:51:
2c:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:E8:6E:80:20:8A:03:03:89:90:A1:57:CE:89:51:86:53:D6:C2:C5
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/1fa4e984-a5f7-4c42-8d75-506f4844be77.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.204.0.0/15
Signature Algorithm: sha256WithRSAEncryption
b9:e9:54:64:20:f9:7a:58:9d:04:9c:f6:7a:4a:65:26:4e:ea:
68:84:06:a8:98:39:3c:a9:82:a1:0c:fe:0a:a3:1a:6c:c0:e3:
5c:9c:15:d9:67:a6:72:5a:4c:46:b8:fd:f5:fc:dc:49:19:72:
1d:ad:62:2b:5b:eb:98:91:4f:70:9b:26:53:2a:03:b0:68:07:
00:31:90:3b:71:40:50:30:f5:81:22:31:c5:b4:36:08:31:ae:
9a:e0:34:45:22:9c:f6:ca:d8:39:3b:fc:55:d8:e2:7a:84:be:
b8:f5:40:fa:10:42:aa:89:c2:fc:fa:86:b5:a0:60:9a:43:07:
68:69:80:2e:ea:8d:71:c8:41:70:33:07:64:fd:e8:e4:ea:43:
37:bc:68:10:98:17:f0:3c:79:49:ac:bc:74:80:91:8d:c6:e3:
df:64:56:a7:f4:d7:95:eb:2d:a9:bf:39:52:10:a0:dc:2a:ba:
99:10:c2:01:0b:c0:9c:c5:34:83:7b:ff:ca:28:9c:58:6d:76:
08:a6:1a:7e:f4:d3:e2:e4:62:c1:e4:6c:bf:b5:d0:d5:f3:13:
06:4b:4e:5b:60:f7:6d:e4:83:75:cf:4c:90:52:d1:e1:5e:05:
5a:e2:5d:05:c1:f2:7e:27:8d:9e:16:fe:d5:29:36:09:6f:2b:
54:74:6d:ee
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ6kIIHuCOn5HE7bgw9lIHbKYhq8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxNjI0ZGU3MzQwZjAzM2JlNjU4M2Y1ZTMxYzI4MWU1NWY1NmExNjZmMTZj
NDQ4NDExOTRiYTM0MTE5NjdmM2IxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJYUXl+tNxVRSkYu8zIggi6DWLPtE4pXm1FFN9VKNggzSm+wfgy5yP9aH79h
/i49EwK8ZoMhlU2fMuz0LokZYjW5diKPnsa6FdDk5ooDm01zcVM41hyTCoCOcaM3
oy2FNyIs1ZBXHVcN7+6ZwnYRW6M0g4y5/1WmnmHX+L025ul6K6xmclqW3ZsYStTZ
sJi5xsgrv/JoMWz+HO4sCP8cjBVYMSsix74DXprhQ2XTQxtBcNjGm1tM1opNheUc
EINIwcLIR/LDVXhl65eFH7aUEvnSPBbuK2zWDhf4P2Fz6kE5QMmjaSb5fTL4jj7h
I7BbjkwaYfhvlz+vCh/Y6FdRLAECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRn6G6A
IIoDA4mQoVfOiVGGU9bCxTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MWZhNGU5ODQtYTVmNy00YzQyLThkNzUtNTA2ZjQ4NDRiZTc3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPMMA0G
CSqGSIb3DQEBCwUAA4IBAQC56VRkIPl6WJ0EnPZ6SmUmTupohAaomDk8qYKhDP4K
oxpswONcnBXZZ6ZyWkxGuP31/NxJGXIdrWIrW+uYkU9wmyZTKgOwaAcAMZA7cUBQ
MPWBIjHFtDYIMa6a4DRFIpz2ytg5O/xV2OJ6hL649UD6EEKqicL8+oa1oGCaQwdo
aYAu6o1xyEFwMwdk/ejk6kM3vGgQmBfwPHlJrLx0gJGNxuPfZFan9NeV6y2pvzlS
EKDcKrqZEMIBC8CcxTSDe//KKJxYbXYIphp+9NPi5GLB5Gy/tdDV8xMGS05bYPdt
5IN1z0yQUtHhXgVa4l0FwfJ+J42eFv7VKTYJbytUdG3u
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:39:48 2025 by rpki-client