Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4ed45413-5d05-4a62-b756-1f16aacf1cb3.roa
File: 4ed45413-5d05-4a62-b756-1f16aacf1cb3.roa (raw, json)
Hash identifier: KtEb3vcl9DCof0EwPt5KNzvHaY9Fv+LcN8EOeTKZLno=
Subject key identifier: 72:F8:5E:36:1E:7D:54:5B:2B:5A:81:A1:07:23:B6:20:F8:11:D4:4F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 691080F49FE0F476FBDC73CBAF5C3A77D11DA341
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4ed45413-5d05-4a62-b756-1f16aacf1cb3.roa
Signing time: Mon 17 Mar 2025 15:41:00 +0000
ROA not before: Mon 17 Mar 2025 15:41:00 +0000
ROA not after: Mon 21 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.48.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:10:80:f4:9f:e0:f4:76:fb:dc:73:cb:af:5c:3a:77:d1:1d:a3:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Mar 17 15:41:00 2025 GMT
Not After : Apr 21 23:59:59 2025 GMT
Subject: serialNumber=dbed1b814a0dcb742e4991837bccf9030818ca349906cd3452a03d9abc5aa25e, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:f0:08:a5:66:7b:f8:3e:ba:47:dc:49:3e:71:
6c:14:a6:0c:18:62:76:1a:1a:0d:bc:67:52:48:80:
d6:71:dc:9d:6e:70:16:e0:a7:9a:1a:f8:e1:5b:b3:
a7:02:91:7f:e0:f9:17:b0:63:d5:8e:e0:54:70:c7:
b2:4e:90:c9:2e:8c:26:e8:36:e2:15:5d:3f:a8:c9:
7d:6c:5e:42:16:93:45:77:76:56:87:18:c6:2b:e7:
9a:ab:b4:a5:9a:1d:d9:15:54:36:40:a7:e5:c9:8f:
3a:39:d6:e7:90:04:7e:3e:8e:be:a4:73:c0:a6:41:
8a:18:d3:ed:71:6a:68:38:8d:cb:dc:90:69:e1:58:
4c:8e:3f:f6:6b:42:4c:82:6d:65:7f:4b:3e:e9:27:
26:cf:8e:9c:06:49:de:28:ed:4a:5b:03:d8:31:d5:
1d:0b:bb:fe:21:02:74:71:7f:c4:8d:84:7a:40:61:
5f:7b:b0:09:f6:32:b8:85:f7:b2:80:cc:bf:ee:ab:
70:19:af:24:16:71:cd:05:ef:f0:d3:38:99:f0:21:
d4:c7:a8:58:d4:ac:a9:1d:d4:51:06:77:eb:2b:57:
5b:8f:73:28:e7:97:c7:db:0e:31:53:b1:88:fe:86:
08:ac:c1:f8:98:27:9d:70:47:66:88:cd:6d:04:d7:
19:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F8:5E:36:1E:7D:54:5B:2B:5A:81:A1:07:23:B6:20:F8:11:D4:4F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/4ed45413-5d05-4a62-b756-1f16aacf1cb3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.48.0.0/15
Signature Algorithm: sha256WithRSAEncryption
bb:45:71:ca:00:b9:13:66:ec:5b:49:92:15:69:38:f2:f1:73:
49:c7:fe:36:25:4c:1e:9f:5b:7d:02:ce:a1:87:00:bc:ff:d6:
10:7c:9d:6c:00:1e:87:1f:3d:de:ab:ca:0d:ba:ee:65:3f:f7:
a4:cc:75:01:38:7f:a9:2e:1d:3a:ca:f8:e7:88:33:dc:d2:08:
fe:09:6c:d1:16:4e:d7:40:23:2e:83:d4:28:d3:46:c5:df:c0:
27:75:eb:d2:d7:b5:a7:86:3f:17:cd:4c:5b:39:88:69:8e:ba:
f4:5a:af:ff:a5:30:f6:50:1a:3c:e5:6f:68:05:0f:d1:ed:f7:
73:c3:7b:5f:cd:f6:c8:71:62:53:03:04:9a:78:b5:98:6e:ef:
61:82:b7:3c:fa:56:c8:04:d4:75:8d:94:9b:07:e9:4b:47:69:
17:b7:35:60:1c:8c:ec:cf:67:52:5d:af:00:2c:fc:1f:ab:95:
b4:27:5c:23:14:b5:f6:0f:13:ce:cd:a9:3b:14:10:e8:e4:2d:
20:5b:1b:db:98:46:1f:d2:40:be:18:eb:d1:a4:52:f3:bd:db:
39:a6:b3:d0:da:52:08:1d:65:05:d3:a4:0c:ac:52:2b:14:d9:
c9:2e:2a:cd:3b:f4:55:0e:19:28:4c:c0:bb:e1:d2:e4:bf:34:
bc:b1:06:f7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUaRCA9J/g9Hb73HPLr1w6d9Edo0EwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAzMTcxNTQxMDBaFw0yNTA0MjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiZWQxYjgxNGEwZGNiNzQyZTQ5OTE4MzdiY2NmOTAzMDgxOGNhMzQ5OTA2
Y2QzNDUyYTAzZDlhYmM1YWEyNWUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMLwCKVme/g+ukfcST5xbBSmDBhidhoaDbxnUkiA1nHcnW5wFuCnmhr44Vuz
pwKRf+D5F7Bj1Y7gVHDHsk6QyS6MJug24hVdP6jJfWxeQhaTRXd2VocYxivnmqu0
pZod2RVUNkCn5cmPOjnW55AEfj6OvqRzwKZBihjT7XFqaDiNy9yQaeFYTI4/9mtC
TIJtZX9LPuknJs+OnAZJ3ijtSlsD2DHVHQu7/iECdHF/xI2EekBhX3uwCfYyuIX3
soDMv+6rcBmvJBZxzQXv8NM4mfAh1MeoWNSsqR3UUQZ36ytXW49zKOeXx9sOMVOx
iP6GCKzB+JgnnXBHZojNbQTXGUECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRy+F42
Hn1UWytagaEHI7Yg+BHUTzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NGVkNDU0MTMtNWQwNS00YTYyLWI3NTYtMWYxNmFhY2YxY2IzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMwMA0G
CSqGSIb3DQEBCwUAA4IBAQC7RXHKALkTZuxbSZIVaTjy8XNJx/42JUwen1t9As6h
hwC8/9YQfJ1sAB6HHz3eq8oNuu5lP/ekzHUBOH+pLh06yvjniDPc0gj+CWzRFk7X
QCMug9Qo00bF38AndevS17Wnhj8XzUxbOYhpjrr0Wq//pTD2UBo85W9oBQ/R7fdz
w3tfzfbIcWJTAwSaeLWYbu9hgrc8+lbIBNR1jZSbB+lLR2kXtzVgHIzsz2dSXa8A
LPwfq5W0J1wjFLX2DxPOzak7FBDo5C0gWxvbmEYf0kC+GOvRpFLzvds5prPQ2lII
HWUF06QMrFIrFNnJLirNO/RVDhkoTMC74dLkvzS8sQb3
-----END CERTIFICATE-----
Generated at Fri May 9 07:35:18 2025 by rpki-client