Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4153cd44-f090-48a5-bffc-3b2fed0e0348.roa
File: 4153cd44-f090-48a5-bffc-3b2fed0e0348.roa (raw, json)
Hash identifier: KhypJrCOCKdLqamTEC3gJRob3tJnbmToeYwAr3hrmLo=
Subject key identifier: CA:15:25:62:54:9B:D0:D0:9C:A6:FF:49:42:00:18:7D:C8:9F:FE:C9
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2C3F103B8E16EA43B99707E9EA3BAAF783F39542
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4153cd44-f090-48a5-bffc-3b2fed0e0348.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.72.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:3f:10:3b:8e:16:ea:43:b9:97:07:e9:ea:3b:aa:f7:83:f3:95:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:29:b6:87:73:62:a1:a2:44:10:ea:e1:43:4d:
49:fa:c8:83:fd:e4:12:0e:ed:84:ad:cf:e3:60:02:
65:b0:8b:27:e0:90:7d:aa:33:86:8d:fa:1a:c0:51:
49:58:b1:68:2e:0e:49:a0:d8:aa:d8:28:03:9e:e0:
e9:d1:71:f5:34:24:26:b4:69:9d:11:8a:1f:fd:3d:
cc:34:4e:4f:72:57:22:a3:3e:9a:db:19:c3:ec:e7:
04:82:08:88:98:49:fd:79:43:90:b5:7c:04:9b:83:
a4:4e:d5:47:ce:15:f9:53:07:46:5f:fa:a4:a0:7e:
c6:6e:60:70:d1:c7:84:25:d3:c7:72:c0:42:9f:5b:
f1:56:eb:9e:93:75:06:54:5d:25:c8:8b:70:74:a2:
89:bf:ff:70:6b:af:09:2c:cc:59:4a:cc:cf:ea:26:
9c:5c:e0:39:07:65:1b:84:29:a1:b5:2b:b2:c5:01:
3f:b5:76:42:f2:1c:ca:0e:2e:29:73:b2:c6:29:b4:
4e:4d:85:a5:7c:50:2b:95:75:f4:44:04:a4:8c:3d:
be:64:e8:cd:55:89:76:8f:19:17:a4:98:e2:46:a8:
de:12:08:1e:92:ee:33:8c:86:af:0a:32:97:33:8e:
8e:02:a4:bc:c7:65:e7:41:ad:c5:b9:a9:ba:d6:44:
76:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:15:25:62:54:9B:D0:D0:9C:A6:FF:49:42:00:18:7D:C8:9F:FE:C9
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4153cd44-f090-48a5-bffc-3b2fed0e0348.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.72.0.0/15
Signature Algorithm: sha256WithRSAEncryption
91:2e:4d:d7:b8:17:10:c6:2c:7c:58:28:31:50:b3:cc:d5:71:
9a:85:c5:42:7b:0f:54:0d:09:5e:50:a6:ef:50:91:14:6a:01:
51:d6:de:0b:60:1e:1e:b6:41:13:0d:16:55:17:ca:bf:2c:e7:
1c:45:32:fc:9c:75:2e:fb:55:ed:f5:29:4d:1b:32:7e:04:a9:
a2:da:29:13:0a:96:c4:59:2e:e7:dc:04:cc:8b:96:dd:2c:8d:
5c:a0:11:dc:c4:e7:9c:9f:4a:73:18:ee:aa:55:c6:e4:33:55:
b1:33:e9:60:b3:ca:9a:ca:7d:09:24:c7:1b:8c:6e:1b:b9:84:
85:1e:bc:f8:5a:cc:f4:14:99:9a:3d:ed:d3:b9:ff:47:24:2e:
c2:43:9f:ee:06:d3:4c:19:3d:08:d5:7b:fa:33:68:82:88:c3:
22:52:87:5c:58:24:e0:ef:86:ce:54:4a:25:52:7f:f2:99:c5:
08:8c:75:48:11:1e:de:65:36:c5:bb:c1:49:27:68:34:a2:75:
f8:5d:63:4c:4b:12:ba:c6:f2:29:03:22:7d:8d:b0:52:98:0e:
1b:4a:89:6e:b8:b2:49:b4:dd:f6:37:52:d1:5e:f3:4d:ab:0c:
f2:f7:c0:4b:54:97:05:23:6f:68:a3:03:0c:83:d8:c3:5f:c7:
d1:ab:ce:60
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIULD8QO44W6kO5lwfp6juq94PzlUIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQGU4YzUyY2E4YTdjMzY1MzBiNzE3ZTVjNTQ0ODM5NTIyMTJkZWUzZGExNDc3
M2Q0MDU4OTMwY2Y0YzM3OGUwZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOQptodzYqGiRBDq4UNNSfrIg/3kEg7thK3P42ACZbCLJ+CQfaozho36GsBR
SVixaC4OSaDYqtgoA57g6dFx9TQkJrRpnRGKH/09zDROT3JXIqM+mtsZw+znBIII
iJhJ/XlDkLV8BJuDpE7VR84V+VMHRl/6pKB+xm5gcNHHhCXTx3LAQp9b8VbrnpN1
BlRdJciLcHSiib//cGuvCSzMWUrMz+omnFzgOQdlG4QpobUrssUBP7V2QvIcyg4u
KXOyxim0Tk2FpXxQK5V19EQEpIw9vmTozVWJdo8ZF6SY4kao3hIIHpLuM4yGrwoy
lzOOjgKkvMdl50GtxbmputZEduECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTKFSVi
VJvQ0Jym/0lCABh9yJ/+yTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDE1M2NkNDQtZjA5MC00OGE1LWJmZmMtM2IyZmVkMGUwMzQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATNIMA0G
CSqGSIb3DQEBCwUAA4IBAQCRLk3XuBcQxix8WCgxULPM1XGahcVCew9UDQleUKbv
UJEUagFR1t4LYB4etkETDRZVF8q/LOccRTL8nHUu+1Xt9SlNGzJ+BKmi2ikTCpbE
WS7n3ATMi5bdLI1coBHcxOecn0pzGO6qVcbkM1WxM+lgs8qayn0JJMcbjG4buYSF
Hrz4Wsz0FJmaPe3Tuf9HJC7CQ5/uBtNMGT0I1Xv6M2iCiMMiUodcWCTg74bOVEol
Un/ymcUIjHVIER7eZTbFu8FJJ2g0onX4XWNMSxK6xvIpAyJ9jbBSmA4bSoluuLJJ
tN32N1LRXvNNqwzy98BLVJcFI29oowMMg9jDX8fRq85g
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:16:10 2025 by rpki-client