Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bd93f6c-9c20-4393-a8f8-1424eaa1dcbe.roa
File: 5bd93f6c-9c20-4393-a8f8-1424eaa1dcbe.roa (raw, json)
Hash identifier: 55xk7p7WGsOPveza12v9l5iSYO7vsCIsOClvtGHaf4U=
Subject key identifier: 78:E1:E5:D0:B9:99:D3:D4:AD:19:23:42:F1:D0:0A:02:42:FE:31:11
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 61A9625A632369CA64E4D1BFB4DF8526900F0B36
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bd93f6c-9c20-4393-a8f8-1424eaa1dcbe.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.20.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:a9:62:5a:63:23:69:ca:64:e4:d1:bf:b4:df:85:26:90:0f:0b:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=62e0616a6b119dbfa9b58f9f6b723f2dc94127d0f619d7b1c9e9ee5dc6dfa115, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f5:fa:4e:b9:58:93:43:94:98:7c:f8:28:40:
e2:20:36:a6:bc:6f:97:e8:fd:90:5d:11:58:67:0e:
3e:6e:12:59:b6:0e:4d:a7:ee:07:80:e4:8c:2b:96:
90:02:96:b5:14:fa:40:24:9d:49:99:89:e3:64:83:
8e:0f:87:a7:a6:79:9d:00:b8:12:46:d3:32:5f:7e:
7d:c1:a4:ba:76:ae:5a:37:fb:28:4d:96:94:b8:15:
87:d4:70:9e:85:92:2c:d4:f6:be:1e:41:d0:da:0f:
07:75:36:27:5e:52:8b:bc:f3:78:57:7a:c2:41:98:
e1:41:53:c8:f5:fb:53:1d:61:e6:e2:a8:9e:be:8b:
8f:16:da:b6:22:9a:47:d5:c5:dc:0e:c3:45:55:76:
11:55:9b:05:e6:a4:e4:a5:ca:ee:81:2a:f0:7e:26:
f4:19:9e:69:94:44:04:08:4f:b8:28:2f:5e:25:32:
46:d4:fe:66:f2:3d:66:6d:b3:78:ba:ab:3a:1d:34:
de:ed:4f:98:b8:cf:0f:7f:e6:bb:4f:af:c8:09:30:
a4:e9:23:dd:57:65:d4:60:0d:7b:58:f7:9f:f4:56:
bd:16:2b:ed:bf:07:3f:1e:97:df:de:b4:aa:d5:39:
a9:56:6e:6a:86:12:40:c8:f5:96:2d:5b:e5:ae:15:
f4:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:E1:E5:D0:B9:99:D3:D4:AD:19:23:42:F1:D0:0A:02:42:FE:31:11
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5bd93f6c-9c20-4393-a8f8-1424eaa1dcbe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/16
Signature Algorithm: sha256WithRSAEncryption
0d:93:40:d7:24:51:72:63:f7:a4:b3:42:81:74:6d:53:92:d6:
7e:fb:75:b8:0e:40:08:a1:38:8a:04:8f:47:50:1b:aa:86:4e:
83:8a:d9:a3:a6:b4:ea:89:64:43:43:8e:75:c4:70:44:12:e9:
c2:69:62:50:0f:a4:fc:ea:48:8e:df:03:d0:06:0d:1e:23:52:
3d:12:2f:1f:2b:47:8c:82:c1:b6:ed:e7:46:29:35:45:1d:0c:
93:e5:22:1f:e1:5e:e1:f3:2b:13:1e:e3:40:48:a2:9e:da:4c:
e9:32:e7:48:b5:22:7d:6c:f9:aa:b4:6e:56:a7:8f:a7:e0:7a:
2c:94:9e:ef:b6:31:cc:d8:e4:fc:c5:de:53:a5:6a:d3:a7:a1:
33:2c:6e:24:f2:9b:71:ae:a0:9d:51:c3:c1:03:b6:41:d3:a4:
2a:23:12:35:ad:cb:50:6c:29:dd:32:35:1c:16:0d:64:6c:5e:
1b:64:fa:f3:d2:c7:5e:0b:13:e4:ca:df:cd:57:ab:9b:c6:1d:
a0:e2:f2:68:50:89:0c:71:a3:27:bf:4d:3b:b4:a8:ff:65:8c:
d5:d3:21:7d:85:dc:93:8b:e1:a7:8d:c3:37:6d:3d:07:99:66:
e9:bb:87:92:85:f0:65:0f:dc:7f:d3:72:66:ba:22:3d:50:60:
b9:15:e6:69
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUYaliWmMjacpk5NG/tN+FJpAPCzYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyZTA2MTZhNmIxMTlkYmZhOWI1OGY5ZjZiNzIzZjJkYzk0MTI3ZDBmNjE5
ZDdiMWM5ZTllZTVkYzZkZmExMTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK/1+k65WJNDlJh8+ChA4iA2prxvl+j9kF0RWGcOPm4SWbYOTafuB4DkjCuW
kAKWtRT6QCSdSZmJ42SDjg+Hp6Z5nQC4EkbTMl9+fcGkunauWjf7KE2WlLgVh9Rw
noWSLNT2vh5B0NoPB3U2J15Si7zzeFd6wkGY4UFTyPX7Ux1h5uKonr6LjxbatiKa
R9XF3A7DRVV2EVWbBeak5KXK7oEq8H4m9BmeaZREBAhPuCgvXiUyRtT+ZvI9Zm2z
eLqrOh003u1PmLjPD3/mu0+vyAkwpOkj3Vdl1GANe1j3n/RWvRYr7b8HPx6X3960
qtU5qVZuaoYSQMj1li1b5a4V9HsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR44eXQ
uZnT1K0ZI0Lx0AoCQv4xETAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWJkOTNmNmMtOWMyMC00MzkzLWE4ZjgtMTQyNGVhYTFkY2JlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADMUMA0G
CSqGSIb3DQEBCwUAA4IBAQANk0DXJFFyY/eks0KBdG1TktZ++3W4DkAIoTiKBI9H
UBuqhk6DitmjprTqiWRDQ451xHBEEunCaWJQD6T86kiO3wPQBg0eI1I9Ei8fK0eM
gsG27edGKTVFHQyT5SIf4V7h8ysTHuNASKKe2kzpMudItSJ9bPmqtG5Wp4+n4Hos
lJ7vtjHM2OT8xd5TpWrTp6EzLG4k8ptxrqCdUcPBA7ZB06QqIxI1rctQbCndMjUc
Fg1kbF4bZPrz0sdeCxPkyt/NV6ubxh2g4vJoUIkMcaMnv007tKj/ZYzV0yF9hdyT
i+GnjcM3bT0HmWbpu4eShfBlD9x/03JmuiI9UGC5FeZp
-----END CERTIFICATE-----
Generated at Fri May 9 07:23:18 2025 by rpki-client