Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55ede288-20da-46a9-b532-c24cfd455a05.roa
File: 55ede288-20da-46a9-b532-c24cfd455a05.roa (raw, json)
Hash identifier: BLyXUqUp1zDyueVoNaL3s48hH5hTrrUYB45+CvESQnM=
Subject key identifier: 73:91:7A:70:80:66:60:22:DB:42:AA:84:15:64:04:37:E1:54:B6:38
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 060CE842780628B850408F4838C6ECF0AADD78E8
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55ede288-20da-46a9-b532-c24cfd455a05.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.128.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:0c:e8:42:78:06:28:b8:50:40:8f:48:38:c6:ec:f0:aa:dd:78:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e5:3d:0a:05:74:37:84:2d:d6:f9:44:08:b3:
17:bf:c2:c4:9c:f9:be:53:ce:17:1c:b7:63:b1:88:
bd:85:79:37:d4:9c:20:b1:bf:ee:36:1b:5f:54:bf:
54:85:13:b3:11:16:cb:1a:39:7e:2e:8c:e3:52:83:
53:4d:24:64:c2:7c:1a:a2:ce:67:78:8e:3e:55:f0:
2f:5c:02:23:3d:c0:aa:66:79:02:70:04:a1:9e:d3:
75:60:bc:8d:78:21:ea:14:d9:6b:3d:f2:37:d6:ac:
c3:bc:5a:ef:a4:2d:33:40:0d:b6:2f:85:7e:3e:e6:
c3:40:83:c0:d1:4c:34:c3:c3:84:cd:1e:44:31:f5:
44:81:e7:8c:1b:bf:f3:8e:17:b9:e4:6f:68:9f:35:
c7:e6:1d:d0:1b:ba:66:60:42:22:2a:df:54:da:ce:
61:ca:c5:1f:31:3f:95:b6:19:53:dc:97:dc:52:d8:
47:6f:23:a3:60:b6:b5:18:c9:85:d2:ab:a4:2a:f3:
6e:39:98:69:e2:8c:f1:ac:cd:f5:e0:0c:f5:38:ad:
0a:d7:19:a9:39:ce:a3:f7:4b:27:c3:48:ad:b3:56:
b4:fb:7f:19:a0:90:a8:35:c9:a6:0e:50:30:40:ae:
de:f2:4d:2c:d4:62:18:22:31:33:43:4d:f0:1c:c9:
f5:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:91:7A:70:80:66:60:22:DB:42:AA:84:15:64:04:37:E1:54:B6:38
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/55ede288-20da-46a9-b532-c24cfd455a05.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.128.0.0/16
Signature Algorithm: sha256WithRSAEncryption
18:30:d6:bb:20:45:aa:e9:f8:fd:50:f4:17:9b:ec:17:c4:81:
8b:e3:04:e7:39:ec:aa:85:e1:00:a5:27:ad:12:8d:a5:ae:7a:
30:42:87:52:59:06:65:29:43:4d:e3:00:87:3a:6f:0b:f8:ee:
f7:21:79:c2:f4:49:b2:23:4b:90:1f:5a:62:e3:b8:1e:cc:4c:
32:73:7b:80:da:95:0f:47:32:2c:f6:b5:f8:7b:cd:b4:5e:52:
5b:06:be:19:7c:aa:f3:22:f3:ec:67:61:d8:c4:5a:07:72:d4:
16:79:a5:e4:8e:e8:a1:ee:6e:34:2f:9b:56:8b:51:df:7c:a9:
2c:73:b8:96:4c:38:d5:59:31:79:ef:15:a3:75:a5:50:d9:ad:
39:53:f2:ef:78:bb:5c:81:c1:52:8b:c2:74:f7:6a:86:a9:e4:
c3:f8:ff:73:7e:e3:82:2e:8a:7b:37:d8:9f:b8:df:a5:3e:68:
3a:12:62:28:b8:a2:52:3e:f4:f0:1c:48:83:5a:42:4b:8d:71:
b4:47:3b:d4:06:e6:7f:a4:52:0a:27:78:5b:29:a7:35:55:6e:
fd:5e:96:14:f1:9c:c3:44:f6:20:c2:8b:15:04:a8:82:75:08:
fa:f1:22:95:c4:bc:39:68:3a:13:27:80:35:cc:75:5f:94:d9:
e9:95:f5:47
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBgzoQngGKLhQQI9IOMbs8KrdeOgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyMDI2N2JkNGIyMzNkYjg2OTg5ZTllZWUxY2Q3NTNhZGQ5NGU5ODdlOWJj
MjVkM2FkYjI3MGIxNmU2ODkxNzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKHlPQoFdDeELdb5RAizF7/CxJz5vlPOFxy3Y7GIvYV5N9ScILG/7jYbX1S/
VIUTsxEWyxo5fi6M41KDU00kZMJ8GqLOZ3iOPlXwL1wCIz3AqmZ5AnAEoZ7TdWC8
jXgh6hTZaz3yN9asw7xa76QtM0ANti+Ffj7mw0CDwNFMNMPDhM0eRDH1RIHnjBu/
844XueRvaJ81x+Yd0Bu6ZmBCIirfVNrOYcrFHzE/lbYZU9yX3FLYR28jo2C2tRjJ
hdKrpCrzbjmYaeKM8azN9eAM9TitCtcZqTnOo/dLJ8NIrbNWtPt/GaCQqDXJpg5Q
MECu3vJNLNRiGCIxM0NN8BzJ9VsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRzkXpw
gGZgIttCqoQVZAQ34VS2ODAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NTVlZGUyODgtMjBkYS00NmE5LWI1MzItYzI0Y2ZkNDU1YTA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOAMA0G
CSqGSIb3DQEBCwUAA4IBAQAYMNa7IEWq6fj9UPQXm+wXxIGL4wTnOeyqheEApSet
Eo2lrnowQodSWQZlKUNN4wCHOm8L+O73IXnC9EmyI0uQH1pi47gezEwyc3uA2pUP
RzIs9rX4e820XlJbBr4ZfKrzIvPsZ2HYxFoHctQWeaXkjuih7m40L5tWi1HffKks
c7iWTDjVWTF57xWjdaVQ2a05U/LveLtcgcFSi8J092qGqeTD+P9zfuOCLop7N9if
uN+lPmg6EmIouKJSPvTwHEiDWkJLjXG0RzvUBuZ/pFIKJ3hbKac1VW79XpYU8ZzD
RPYgwosVBKiCdQj68SKVxLw5aDoTJ4A1zHVflNnplfVH
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:02 2025 by rpki-client