Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/48798144-df47-4b55-a49c-b3fe832328b8.roa
File: 48798144-df47-4b55-a49c-b3fe832328b8.roa (raw, json)
Hash identifier: 9WdKdHlI0ZE1TarbxbM5hPHTFRXVIut14gdH+SM+oAg=
Subject key identifier: 22:58:A9:E5:EF:C9:5C:FE:1D:BF:F0:CB:62:DF:92:92:43:FA:AD:34
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0A83368AFE79FF3CFE02553340533C325DFBF56B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/48798144-df47-4b55-a49c-b3fe832328b8.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.200.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:83:36:8a:fe:79:ff:3c:fe:02:55:33:40:53:3c:32:5d:fb:f5:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a9:30:9e:f6:59:14:7f:87:c4:22:48:13:18:
f4:b4:b2:78:aa:da:cc:07:db:55:f6:d4:43:67:41:
9e:7c:2f:0e:b7:6e:9c:c2:39:4a:e5:94:d7:fc:27:
b3:da:6b:51:a3:0b:5e:1d:6e:9b:c9:cd:3b:ca:a1:
7f:c4:61:2d:36:fb:ba:c4:93:45:12:28:f4:21:f6:
c9:aa:db:74:36:c7:05:15:1a:e3:3c:56:84:06:cc:
1a:44:42:6d:df:5b:ae:f1:b5:26:ac:cc:ee:0b:d7:
3c:46:d4:c7:74:49:4a:7c:06:40:a4:c6:94:ec:5b:
09:33:98:f3:8b:eb:20:be:25:f6:50:3a:31:80:c9:
b2:4f:36:79:0a:75:2c:ab:3f:fb:76:d3:4c:4a:6f:
3f:fd:bc:84:1c:e0:26:51:39:37:44:41:04:62:a8:
9c:1e:84:74:d1:73:08:02:68:2a:58:a0:c8:e1:06:
46:02:c1:b3:88:26:f4:82:fd:0a:da:c5:a1:cc:75:
d1:ef:68:29:b5:52:58:2a:94:17:0d:98:0f:f2:1f:
95:17:53:f3:8f:81:4f:5b:25:3f:2d:3d:7c:5b:ab:
07:19:17:91:c7:2f:1a:25:e0:3e:ef:e6:1b:04:0d:
01:df:3a:05:fb:b4:c0:7d:a3:20:00:82:17:b9:1f:
dd:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:58:A9:E5:EF:C9:5C:FE:1D:BF:F0:CB:62:DF:92:92:43:FA:AD:34
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/48798144-df47-4b55-a49c-b3fe832328b8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.200.0.0/15
Signature Algorithm: sha256WithRSAEncryption
41:ea:15:4b:89:a0:25:3f:ae:c0:91:5d:2b:36:6d:41:50:f1:
17:67:92:d8:d4:6c:8f:a2:dc:2b:93:6c:4e:c1:f2:33:1d:4a:
bc:02:c8:d2:e8:6e:71:42:2d:23:65:5b:77:bd:6b:d4:82:6b:
ac:72:42:f8:dd:ba:64:e5:40:8c:3f:cd:fa:4f:af:a1:1c:9e:
a5:1b:33:25:52:fe:71:65:d9:42:90:c8:a3:0b:ab:b3:01:5f:
dc:61:e5:b2:f6:56:4b:23:85:14:94:6f:db:48:fb:43:e0:79:
79:9e:d5:41:c8:51:a1:9c:fd:7d:d3:28:59:aa:19:d9:b0:57:
a5:39:c2:54:e8:4f:31:c3:82:80:cb:22:3f:64:0a:5b:2f:55:
17:53:c1:c4:d8:ce:16:33:7e:b5:59:94:89:14:4a:ac:28:a7:
97:c3:d7:72:31:37:31:c2:25:cd:4f:91:75:0d:fe:06:df:c9:
ed:ff:ef:f5:e3:f5:1b:dd:f9:5f:19:1a:f7:c4:2e:f5:a2:b3:
7c:3e:0e:8e:97:17:1f:68:fa:8e:7f:e5:ae:50:72:23:80:3e:
3f:20:a2:32:9c:9f:27:c8:6d:8f:0f:ff:73:8d:9b:f8:b8:9b:
15:de:41:30:f6:e6:3e:01:5b:2d:98:e3:5b:61:66:fd:4f:dd:
5f:4a:36:42
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCoM2iv55/zz+AlUzQFM8Ml379WswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJlM2Q2ZGViNzNkNmEyZTc4ODU5ZWNmMjQ5YzE4ODUwYTRjZmFhNjJjNTBl
ZDM1ODA1YmRiZjdhMTg4NjgzMTkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKSpMJ72WRR/h8QiSBMY9LSyeKrazAfbVfbUQ2dBnnwvDrdunMI5SuWU1/wn
s9prUaMLXh1um8nNO8qhf8RhLTb7usSTRRIo9CH2yarbdDbHBRUa4zxWhAbMGkRC
bd9brvG1JqzM7gvXPEbUx3RJSnwGQKTGlOxbCTOY84vrIL4l9lA6MYDJsk82eQp1
LKs/+3bTTEpvP/28hBzgJlE5N0RBBGKonB6EdNFzCAJoKligyOEGRgLBs4gm9IL9
CtrFocx10e9oKbVSWCqUFw2YD/IflRdT84+BT1slPy09fFurBxkXkccvGiXgPu/m
GwQNAd86Bfu0wH2jIACCF7kf3UECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQiWKnl
78lc/h2/8Mti35KSQ/qtNDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NDg3OTgxNDQtZGY0Ny00YjU1LWE0OWMtYjNmZTgzMjMyOGI4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPIMA0G
CSqGSIb3DQEBCwUAA4IBAQBB6hVLiaAlP67AkV0rNm1BUPEXZ5LY1GyPotwrk2xO
wfIzHUq8AsjS6G5xQi0jZVt3vWvUgmusckL43bpk5UCMP836T6+hHJ6lGzMlUv5x
ZdlCkMijC6uzAV/cYeWy9lZLI4UUlG/bSPtD4Hl5ntVByFGhnP190yhZqhnZsFel
OcJU6E8xw4KAyyI/ZApbL1UXU8HE2M4WM361WZSJFEqsKKeXw9dyMTcxwiXNT5F1
Df4G38nt/+/14/Ub3flfGRr3xC71orN8Pg6OlxcfaPqOf+WuUHIjgD4/IKIynJ8n
yG2PD/9zjZv4uJsV3kEw9uY+AVstmONbYWb9T91fSjZC
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:04:37 2025 by rpki-client