Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5e32ec83-e02b-4454-b463-f3fd39e9df64.roa
File: 5e32ec83-e02b-4454-b463-f3fd39e9df64.roa (raw, json)
Hash identifier: ppOvXEoHMez3VGnlx3z2D4+dXyh7/1D+uTjX2YrIEC8=
Subject key identifier: B7:E2:28:A9:19:10:EB:DF:13:D8:1D:59:B1:52:41:64:A2:DA:A9:34
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B13889884C71F00EB9B6698BF7AF0954EA8BD79
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5e32ec83-e02b-4454-b463-f3fd39e9df64.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.226.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:13:88:98:84:c7:1f:00:eb:9b:66:98:bf:7a:f0:95:4e:a8:bd:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:22:41:a0:a5:36:14:28:e1:37:43:1e:a7:8e:
57:4b:f8:09:fd:a9:c7:1a:09:dc:89:f1:43:06:2c:
0f:11:a1:3c:98:fc:54:8f:2f:9d:65:bc:3c:b9:c5:
af:3c:87:e8:50:de:1e:7b:aa:50:c3:e8:13:68:25:
88:8c:c5:72:86:2c:54:ca:16:16:80:2b:f7:79:5b:
3b:59:03:d5:08:b8:74:5a:dd:3b:f7:32:af:ba:b2:
be:32:06:b2:87:ca:e5:7d:81:36:a2:d6:48:82:53:
08:89:3a:04:6a:c7:77:fd:58:af:79:30:39:1e:7e:
3a:bb:60:86:b0:ce:1f:d2:36:1c:f0:ea:c6:e2:62:
d8:d9:c2:bf:b4:73:e5:0a:3c:20:c2:35:7a:8a:0a:
41:a5:d2:02:2f:44:0c:71:04:88:a6:2f:03:40:49:
62:e4:fd:82:de:6d:30:88:2b:a3:dd:05:3a:5d:f8:
ce:19:a4:a1:67:89:cc:25:26:26:5d:8e:7c:80:bc:
0b:b3:83:1f:f5:32:af:38:7d:9d:08:99:2c:ee:e1:
55:77:e8:07:99:38:9d:27:60:4d:08:16:72:c7:0b:
54:c0:7b:b0:a7:51:85:82:c0:66:75:9d:36:f9:45:
e9:a8:03:98:30:ff:2c:37:d1:13:01:19:8f:e5:ca:
6b:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:E2:28:A9:19:10:EB:DF:13:D8:1D:59:B1:52:41:64:A2:DA:A9:34
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/5e32ec83-e02b-4454-b463-f3fd39e9df64.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.226.0.0/15
Signature Algorithm: sha256WithRSAEncryption
61:1c:71:12:18:03:9f:e1:ec:2b:e2:5b:ca:a5:f0:cc:73:47:
fe:85:8b:5f:58:56:a7:5b:e4:e7:f0:62:c7:52:cb:c0:0a:01:
a7:15:90:31:59:7f:2d:ed:f9:90:48:d8:42:69:87:48:8d:7f:
15:91:46:3f:c3:47:59:87:30:1b:7b:07:ca:42:3c:ca:7d:cd:
62:12:21:54:5c:e5:b7:39:a7:8c:73:0b:c6:a9:c0:cc:96:c7:
ef:13:a5:a0:a3:bc:06:cd:79:9c:77:c9:6f:3b:eb:86:bb:e9:
ac:5c:34:ab:32:bf:b6:eb:0b:cf:1c:d2:d0:82:43:55:16:50:
28:70:fd:5d:81:f2:72:f1:b5:8b:69:93:df:d8:c1:50:da:69:
ec:5c:cf:af:2c:d4:c6:8d:07:11:a3:44:76:8b:24:29:07:67:
ec:8b:37:78:16:e8:96:d1:72:95:68:1d:02:e2:dc:23:47:8e:
4c:86:ae:f3:50:6a:17:d6:8e:97:af:69:35:7e:90:dd:5e:a2:
a3:bf:96:69:6c:98:16:b4:8f:9c:66:98:dd:3c:16:83:75:72:
d8:a7:a8:ad:24:85:06:df:c2:71:e5:79:9f:65:59:b8:5f:84:
0b:8e:5d:9d:c6:e5:94:82:1b:df:bd:44:43:a2:e3:da:05:9b:
a9:cc:fa:5a
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOxOImITHHwDrm2aYv3rwlU6ovXkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwODNiMDljNmYwMGU5NzVhYjRmMjBmM2M1NDllY2Q1NTMwNzE0NGUxNjFj
YThkZWNhMzJjYmM4NzBhNWM0MzQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPAiQaClNhQo4TdDHqeOV0v4Cf2pxxoJ3InxQwYsDxGhPJj8VI8vnWW8PLnF
rzyH6FDeHnuqUMPoE2gliIzFcoYsVMoWFoAr93lbO1kD1Qi4dFrdO/cyr7qyvjIG
sofK5X2BNqLWSIJTCIk6BGrHd/1Yr3kwOR5+OrtghrDOH9I2HPDqxuJi2NnCv7Rz
5Qo8IMI1eooKQaXSAi9EDHEEiKYvA0BJYuT9gt5tMIgro90FOl34zhmkoWeJzCUm
Jl2OfIC8C7ODH/Uyrzh9nQiZLO7hVXfoB5k4nSdgTQgWcscLVMB7sKdRhYLAZnWd
NvlF6agDmDD/LDfREwEZj+XKawMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS34iip
GRDr3xPYHVmxUkFkotqpNDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NWUzMmVjODMtZTAyYi00NDU0LWI0NjMtZjNmZDM5ZTlkZjY0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPiMA0G
CSqGSIb3DQEBCwUAA4IBAQBhHHESGAOf4ewr4lvKpfDMc0f+hYtfWFanW+Tn8GLH
UsvACgGnFZAxWX8t7fmQSNhCaYdIjX8VkUY/w0dZhzAbewfKQjzKfc1iEiFUXOW3
OaeMcwvGqcDMlsfvE6Wgo7wGzXmcd8lvO+uGu+msXDSrMr+26wvPHNLQgkNVFlAo
cP1dgfJy8bWLaZPf2MFQ2mnsXM+vLNTGjQcRo0R2iyQpB2fsizd4FuiW0XKVaB0C
4twjR45Mhq7zUGoX1o6Xr2k1fpDdXqKjv5ZpbJgWtI+cZpjdPBaDdXLYp6itJIUG
38Jx5XmfZVm4X4QLjl2dxuWUghvfvURDouPaBZupzPpa
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:46:18 2025 by rpki-client