Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2263d6fb-d708-464c-8617-9f36a9814ed5.roa
File: 2263d6fb-d708-464c-8617-9f36a9814ed5.roa (raw, json)
Hash identifier: yy1fC2hMYYAKtQIyrTdd+Jo8IJ8lCcrIJ1//i5Rq+A4=
Subject key identifier: EA:C0:B5:DE:05:2B:34:50:79:A0:8F:F9:9C:ED:2F:2D:11:34:80:A6
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0C8DD2B005A1241C9061D9247F38277AB354FEE8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2263d6fb-d708-464c-8617-9f36a9814ed5.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.196.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:8d:d2:b0:05:a1:24:1c:90:61:d9:24:7f:38:27:7a:b3:54:fe:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:b4:7f:93:81:42:36:7a:58:ac:fd:6f:7d:aa:
9e:dc:43:e5:a4:01:83:42:92:a8:2a:89:52:6e:ae:
d1:a8:65:65:45:6c:a6:9e:94:3d:d4:0d:9e:db:e9:
c6:f3:f3:e7:34:8c:74:6f:a3:46:eb:b0:3e:57:b2:
34:e0:3c:2f:93:26:bb:53:2a:58:d9:1b:a7:7c:e6:
0b:b5:5e:24:fd:97:36:78:db:18:9d:d1:8a:f5:6a:
09:51:9c:84:c9:89:44:35:f6:51:69:fd:24:8f:ed:
3b:62:a7:61:38:e5:8f:85:f0:fe:a3:ea:7b:d5:45:
73:06:91:67:96:33:d8:f7:13:cb:d5:97:d8:26:b8:
a0:77:c8:c4:84:a5:18:da:10:5d:57:04:b7:9b:2e:
86:6a:0a:3a:7a:18:39:86:4e:9c:54:6a:09:00:c7:
88:0e:3f:90:59:1c:57:f6:60:5e:13:39:d2:34:9f:
e7:6b:4e:a5:95:9f:43:b8:b9:0d:8d:80:88:4c:65:
12:3c:85:f0:ab:7c:27:57:f0:f6:e7:91:d5:45:0e:
10:d5:05:13:12:fb:b7:0f:45:d2:8c:41:1b:9a:f8:
0c:7a:e3:aa:4d:a0:e6:71:6c:5e:08:34:90:97:03:
ae:15:f5:f6:90:c9:f7:d8:bc:b2:84:8c:80:57:51:
c8:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:C0:B5:DE:05:2B:34:50:79:A0:8F:F9:9C:ED:2F:2D:11:34:80:A6
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/2263d6fb-d708-464c-8617-9f36a9814ed5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.196.0.0/15
Signature Algorithm: sha256WithRSAEncryption
be:cf:4e:ee:c7:5c:eb:5f:c6:fa:18:16:e6:cd:26:cf:14:7d:
6d:1f:2c:e0:f4:38:92:1d:f1:7d:fb:de:f7:e8:1d:72:99:d7:
7e:00:fd:f8:da:57:83:96:83:27:05:e0:62:2c:17:10:55:4e:
86:d5:19:97:97:e0:ad:43:b3:04:4b:77:65:72:2b:3d:df:5d:
f8:fe:55:da:46:7f:09:f0:3f:e4:e5:94:9e:6e:a4:88:7d:ce:
c8:90:fb:14:42:f4:f5:3e:98:aa:83:7b:40:95:c4:4f:1d:7f:
45:d5:4c:4d:90:85:73:3f:01:23:80:34:fd:82:0c:58:73:7c:
ee:51:4c:a8:01:3b:d8:0e:4e:d0:15:7b:59:cd:6d:92:c4:d1:
67:cf:74:fb:60:f5:15:69:1d:17:87:71:29:32:9d:f8:02:65:
d0:2f:eb:6e:5e:dc:65:5d:7f:db:90:bc:e5:a0:3a:19:1b:f0:
b0:d6:96:15:04:e6:8b:fd:c3:ae:38:67:a4:89:57:ce:23:0e:
0a:6a:d2:eb:05:54:65:62:db:82:33:3f:8e:bb:9d:c9:08:9d:
54:f2:f6:fb:66:56:f6:5b:6a:0d:23:b6:7a:42:1c:c7:fa:e1:
b9:57:95:ee:5d:35:e2:d8:3b:ee:fe:b3:6a:2c:51:17:f9:d5:
3a:f4:b0:fb
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUDI3SsAWhJByQYdkkfzgnerNU/ugwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU0M2UyNWJhNWIxNzg1ODA0Y2M5MjZkZjU2YmRiN2JmNWNmOWJlNDdiYjUz
NWZhNDhmYjE2Y2MxOTQzZjYyZmIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI+0f5OBQjZ6WKz9b32qntxD5aQBg0KSqCqJUm6u0ahlZUVspp6UPdQNntvp
xvPz5zSMdG+jRuuwPleyNOA8L5Mmu1MqWNkbp3zmC7VeJP2XNnjbGJ3RivVqCVGc
hMmJRDX2UWn9JI/tO2KnYTjlj4Xw/qPqe9VFcwaRZ5Yz2PcTy9WX2Ca4oHfIxISl
GNoQXVcEt5suhmoKOnoYOYZOnFRqCQDHiA4/kFkcV/ZgXhM50jSf52tOpZWfQ7i5
DY2AiExlEjyF8Kt8J1fw9ueR1UUOENUFExL7tw9F0oxBG5r4DHrjqk2g5nFsXgg0
kJcDrhX19pDJ99i8soSMgFdRyC0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTqwLXe
BSs0UHmgj/mc7S8tETSApjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
MjI2M2Q2ZmItZDcwOC00NjRjLTg2MTctOWYzNmE5ODE0ZWQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPEMA0G
CSqGSIb3DQEBCwUAA4IBAQC+z07ux1zrX8b6GBbmzSbPFH1tHyzg9DiSHfF9+973
6B1ymdd+AP342leDloMnBeBiLBcQVU6G1RmXl+CtQ7MES3dlcis93134/lXaRn8J
8D/k5ZSebqSIfc7IkPsUQvT1Ppiqg3tAlcRPHX9F1UxNkIVzPwEjgDT9ggxYc3zu
UUyoATvYDk7QFXtZzW2SxNFnz3T7YPUVaR0Xh3EpMp34AmXQL+tuXtxlXX/bkLzl
oDoZG/Cw1pYVBOaL/cOuOGekiVfOIw4KatLrBVRlYtuCMz+Ou53JCJ1U8vb7Zlb2
W2oNI7Z6QhzH+uG5V5XuXTXi2Dvu/rNqLFEX+dU69LD7
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:53:36 2025 by rpki-client