Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4318df07-9ca9-4ca8-8daf-2c7e8b4424e4.roa
File: 4318df07-9ca9-4ca8-8daf-2c7e8b4424e4.roa (raw, json)
Hash identifier: SS5iSP23pVxw8UmhaDcJw0LIeSJPRl2CuPccDsBs6E0=
Subject key identifier: 14:2A:32:06:73:59:EF:93:40:48:3A:39:C5:0E:E4:A9:69:26:2D:7F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 090C460E9703EA07017B18AD8AFDB9EBF8ABEC3C
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4318df07-9ca9-4ca8-8daf-2c7e8b4424e4.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.151.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:0c:46:0e:97:03:ea:07:01:7b:18:ad:8a:fd:b9:eb:f8:ab:ec:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:17:7d:2f:31:73:fe:13:04:c9:56:05:1c:05:
cf:86:9a:33:6d:d8:85:ca:38:cc:94:f7:fd:de:80:
34:13:aa:b3:c9:1c:a8:7f:1b:c8:43:30:56:ef:0f:
1a:2e:80:b5:da:a1:98:2c:ee:91:90:2c:d1:23:c4:
c7:62:39:b0:a0:06:22:9e:ee:88:3c:07:09:e0:a4:
fb:30:33:25:a3:7a:c4:03:b4:ad:a6:a9:b8:f7:ff:
a6:19:bb:9e:97:9e:28:dc:ec:64:4b:82:43:b2:2c:
97:07:5f:2c:2d:13:3f:dc:80:a1:53:1b:38:89:75:
53:b4:54:9b:ea:ad:04:2e:21:49:c1:9e:6d:6e:0e:
54:ff:34:d4:c7:00:2e:7d:df:b9:9c:ee:7b:fc:e5:
72:46:18:e1:8c:1e:b7:a8:68:ca:af:5a:1c:54:6e:
14:51:d3:97:0d:f5:4f:af:85:71:42:dd:06:30:ef:
4d:72:2c:86:0c:1c:83:22:87:4f:02:63:ed:25:bc:
d0:29:47:68:34:7e:93:bb:ac:22:02:17:cb:1c:c2:
94:9c:f6:87:36:16:bc:a9:46:be:47:fd:81:29:c3:
5a:7a:99:72:27:1a:cd:e5:89:16:ac:b4:cf:7e:37:
48:d4:18:57:fb:14:49:39:89:68:79:35:41:3c:a6:
69:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:2A:32:06:73:59:EF:93:40:48:3A:39:C5:0E:E4:A9:69:26:2D:7F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4318df07-9ca9-4ca8-8daf-2c7e8b4424e4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.151.0.0/16
Signature Algorithm: sha256WithRSAEncryption
04:de:c6:ea:7a:73:80:38:7b:5d:ea:f4:1c:2d:0b:9e:c4:a1:
8d:b7:db:60:10:63:04:ca:be:d0:63:2e:95:d8:06:1c:87:1f:
8d:dd:ac:f6:74:eb:7a:b2:52:32:c4:07:8b:aa:f8:22:f8:a9:
04:61:52:c1:5d:00:c6:9d:c5:fe:6b:c6:ee:4f:47:a5:42:c2:
5a:d9:c3:96:95:be:83:c2:95:02:76:d8:ba:16:2c:eb:4d:0c:
fd:7d:e3:ce:e8:60:ef:cc:a4:af:ab:39:b2:5f:f0:b5:c7:1e:
0b:64:b0:81:60:fd:fc:38:81:bf:b5:64:48:b9:6b:d0:99:fa:
99:82:31:1b:17:6a:cc:c4:05:b4:65:ac:df:5c:aa:bb:bf:5e:
59:31:ce:1c:ad:f6:c3:23:aa:41:43:42:fa:f4:b7:d9:65:59:
92:e2:d7:97:04:41:87:cb:16:9e:65:9e:fe:fe:39:16:d9:46:
3b:28:3a:4c:ea:21:77:1f:e9:81:03:90:06:a6:5a:d2:aa:10:
b6:ae:47:bf:67:a8:09:4b:4e:c4:41:0a:75:38:2b:e7:a8:cc:
b0:4a:9a:d5:82:ce:f9:04:87:cb:98:cc:5d:06:82:4d:58:82:
0d:30:be:c7:aa:32:56:3c:65:57:ab:f5:ba:e0:a0:0b:df:fa:
e6:ab:30:f2
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCQxGDpcD6gcBexitiv256/ir7DwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhZjkzOWZhOGQ0YTRkMDVmMjkyNjQxN2ZjZjUxZmQxYzNiYmJlNTY3Yjcw
ZDg2ZjdiZmE0N2E1YzBmNmNjMDAxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKUXfS8xc/4TBMlWBRwFz4aaM23Yhco4zJT3/d6ANBOqs8kcqH8byEMwVu8P
Gi6AtdqhmCzukZAs0SPEx2I5sKAGIp7uiDwHCeCk+zAzJaN6xAO0raapuPf/phm7
npeeKNzsZEuCQ7IslwdfLC0TP9yAoVMbOIl1U7RUm+qtBC4hScGebW4OVP801McA
Ln3fuZzue/zlckYY4Ywet6hoyq9aHFRuFFHTlw31T6+FcULdBjDvTXIshgwcgyKH
TwJj7SW80ClHaDR+k7usIgIXyxzClJz2hzYWvKlGvkf9gSnDWnqZcicazeWJFqy0
z343SNQYV/sUSTmJaHk1QTymaWUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQUKjIG
c1nvk0BIOjnFDuSpaSYtfzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDMxOGRmMDctOWNhOS00Y2E4LThkYWYtMmM3ZThiNDQyNGU0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOXMA0G
CSqGSIb3DQEBCwUAA4IBAQAE3sbqenOAOHtd6vQcLQuexKGNt9tgEGMEyr7QYy6V
2AYchx+N3az2dOt6slIyxAeLqvgi+KkEYVLBXQDGncX+a8buT0elQsJa2cOWlb6D
wpUCdti6FizrTQz9fePO6GDvzKSvqzmyX/C1xx4LZLCBYP38OIG/tWRIuWvQmfqZ
gjEbF2rMxAW0ZazfXKq7v15ZMc4crfbDI6pBQ0L69LfZZVmS4teXBEGHyxaeZZ7+
/jkW2UY7KDpM6iF3H+mBA5AGplrSqhC2rke/Z6gJS07EQQp1OCvnqMywSprVgs75
BIfLmMxdBoJNWIINML7HqjJWPGVXq/W64KAL3/rmqzDy
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:52 2025 by rpki-client