Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5d4ea5a5-410b-4fae-80ca-93590f67d426.roa
File: 5d4ea5a5-410b-4fae-80ca-93590f67d426.roa (raw, json)
Hash identifier: ZqZh8SAu7TnDhuVKuoJM2PNdCcVstpAz1cTH8iIJbX4=
Subject key identifier: E0:1D:D3:C3:19:CB:0D:37:6D:9A:38:63:86:4B:01:44:CA:CB:3D:D7
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 24210B4634E9474A1C3899B08DE110EF1E245081
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5d4ea5a5-410b-4fae-80ca-93590f67d426.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.92.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:21:0b:46:34:e9:47:4a:1c:38:99:b0:8d:e1:10:ef:1e:24:50:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:07:67:0e:3e:90:80:5d:85:44:0e:a9:af:fd:
63:91:58:30:43:77:09:5e:d9:e0:9e:a2:13:9f:a7:
d6:14:f9:c3:08:95:84:a9:c8:d8:31:4a:3f:63:af:
39:7f:72:e5:f1:94:a1:48:57:22:5d:5a:fc:fe:d6:
f4:75:bc:1b:1d:e3:5a:2a:d7:21:b3:1d:84:c6:32:
92:37:69:75:19:5e:4f:05:08:72:cf:5c:a2:0a:a9:
a7:cf:35:3d:56:2f:ff:d2:ec:81:72:af:99:40:11:
1f:3f:c6:77:65:ab:66:3d:3c:52:47:53:ad:81:62:
9d:bd:01:10:ef:15:71:0e:06:d1:c1:7e:72:6c:aa:
34:6e:4f:67:ff:11:30:6f:49:49:e3:45:c2:47:c4:
a6:86:27:e7:c4:56:cf:94:ad:0d:aa:ab:a6:eb:6e:
9e:c2:af:58:a4:ac:c6:f3:ed:9d:99:1b:68:a8:14:
c8:0b:b4:5a:b9:e1:0c:23:92:7c:8e:83:3f:ef:ac:
14:82:63:22:06:cf:9a:61:68:a0:2f:c6:94:b3:19:
38:b2:6a:36:0e:cd:6c:09:66:3d:51:0a:fe:b6:5b:
82:40:d7:2d:37:6c:e0:03:47:4d:42:98:66:48:1b:
37:5e:1b:b6:7a:bd:81:2e:50:f3:ec:54:bd:9f:ce:
8c:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:1D:D3:C3:19:CB:0D:37:6D:9A:38:63:86:4B:01:44:CA:CB:3D:D7
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5d4ea5a5-410b-4fae-80ca-93590f67d426.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/14
Signature Algorithm: sha256WithRSAEncryption
74:01:a7:cf:51:21:5c:47:a2:81:9f:f5:2e:5a:15:89:2a:0f:
a2:cc:ff:0a:6d:8e:6d:25:6e:2f:c1:20:37:06:73:35:79:4d:
e0:e0:57:d4:80:65:53:20:6c:e1:0b:8c:8e:e3:ac:4d:02:f2:
25:78:bc:08:e3:f6:b7:a8:32:14:76:1c:b5:40:2c:63:3f:5a:
23:00:15:04:4c:87:d3:0d:c9:fb:bb:38:8b:37:4e:f0:27:df:
d7:7b:97:5b:8c:1e:d7:02:18:95:d2:bb:d0:79:75:ba:00:b9:
b1:4b:af:c3:a5:2e:9e:47:45:48:c2:00:03:89:5d:a2:4a:2d:
24:fa:24:d6:c6:9c:cd:59:34:9a:96:5b:d9:49:cf:c0:a7:d8:
d6:fb:31:bb:a4:fa:62:8e:55:e9:a9:3f:08:1a:d3:4b:87:da:
08:71:d0:8e:db:8a:3e:5f:0e:b1:11:79:ad:c3:ab:e8:ff:c5:
f8:72:0b:0b:db:f9:3b:90:60:f4:ad:14:eb:c7:54:24:c0:b9:
35:81:63:57:a9:23:f5:be:7f:2d:b8:5c:b3:7a:cf:ef:39:fa:
cd:53:47:b5:ba:93:6e:06:1a:79:aa:9e:6c:37:37:f7:fa:12:
1d:5a:cf:8c:39:d6:91:59:cf:b0:1e:0c:4e:60:61:fd:74:12:
07:c1:c9:e4
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUJCELRjTpR0ocOJmwjeEQ7x4kUIEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDczMWY1OGQ1ZjhhZDM2MGY2OWJlYTQ0N2EwYzdjZDE2Zjk2YTA2NzBkYWM4
ZDdhNDQxNmQxMWU1ZjE3NzIwYmYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOIHZw4+kIBdhUQOqa/9Y5FYMEN3CV7Z4J6iE5+n1hT5wwiVhKnI2DFKP2Ov
OX9y5fGUoUhXIl1a/P7W9HW8Gx3jWirXIbMdhMYykjdpdRleTwUIcs9cogqpp881
PVYv/9LsgXKvmUARHz/Gd2WrZj08UkdTrYFinb0BEO8VcQ4G0cF+cmyqNG5PZ/8R
MG9JSeNFwkfEpoYn58RWz5StDaqrputunsKvWKSsxvPtnZkbaKgUyAu0WrnhDCOS
fI6DP++sFIJjIgbPmmFooC/GlLMZOLJqNg7NbAlmPVEK/rZbgkDXLTds4ANHTUKY
ZkgbN14btnq9gS5Q8+xUvZ/OjGsCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTgHdPD
GcsNN22aOGOGSwFEyss91zAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWQ0ZWE1YTUtNDEwYi00ZmFlLTgwY2EtOTM1OTBmNjdkNDI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjNcMA0G
CSqGSIb3DQEBCwUAA4IBAQB0AafPUSFcR6KBn/UuWhWJKg+izP8KbY5tJW4vwSA3
BnM1eU3g4FfUgGVTIGzhC4yO46xNAvIleLwI4/a3qDIUdhy1QCxjP1ojABUETIfT
Dcn7uziLN07wJ9/Xe5dbjB7XAhiV0rvQeXW6ALmxS6/DpS6eR0VIwgADiV2iSi0k
+iTWxpzNWTSallvZSc/Ap9jW+zG7pPpijlXpqT8IGtNLh9oIcdCO24o+Xw6xEXmt
w6vo/8X4cgsL2/k7kGD0rRTrx1QkwLk1gWNXqSP1vn8tuFyzes/vOfrNU0e1upNu
Bhp5qp5sNzf3+hIdWs+MOdaRWc+wHgxOYGH9dBIHwcnk
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:04 2025 by rpki-client