Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60e56074-ddab-4ffc-a1d4-b7fd9edbfc5e.roa
File: 60e56074-ddab-4ffc-a1d4-b7fd9edbfc5e.roa (raw, json)
Hash identifier: sI2SdnqiAP9ph2oINuwve5wpx4CklFiTrZIiUiO0PzY=
Subject key identifier: DC:23:B7:E2:20:CE:64:B7:45:25:E1:BE:39:37:BD:DD:0A:B8:01:09
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 41AA279AD0F1743A9DAE65B9255BCF0343D6FF68
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60e56074-ddab-4ffc-a1d4-b7fd9edbfc5e.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.118.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:aa:27:9a:d0:f1:74:3a:9d:ae:65:b9:25:5b:cf:03:43:d6:ff:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e9:8b:2b:54:c5:f6:8b:06:30:6b:e6:4a:72:
80:7b:28:dc:a9:ee:10:90:7a:51:f4:5f:c1:a3:c0:
dc:65:79:e7:9d:7a:c9:33:9c:9d:d6:0d:10:7f:b8:
06:fb:9a:41:37:a1:d0:85:7d:63:e5:24:38:af:9f:
bd:ac:a4:74:3b:50:cc:db:c1:a3:47:4b:44:2c:29:
22:c6:93:37:7c:5d:e8:4a:0f:f6:e6:15:0d:22:ef:
a9:4e:a4:50:b1:b4:74:78:b2:c0:96:57:d1:57:46:
5c:3e:6b:2c:18:38:48:3f:57:e8:2f:7d:aa:36:45:
58:b4:f8:81:ff:c0:4a:cc:5f:93:77:4b:ba:d7:cd:
d9:83:43:aa:e5:6a:8e:bf:70:db:29:bb:8e:57:6b:
e6:39:69:ec:3a:20:25:98:1c:ff:61:e7:9a:cb:ff:
77:af:9f:6b:45:17:68:68:04:dc:cd:cd:5e:0a:38:
fa:0d:c9:7b:99:21:43:72:ae:15:e4:03:28:8c:6b:
f8:a9:8e:c8:0b:c4:96:86:42:4e:cf:ea:83:16:ae:
61:a1:1b:f4:db:2b:37:24:08:30:33:76:cc:85:d4:
10:22:56:f7:19:a5:21:03:a2:93:47:fc:65:04:fc:
7a:6b:83:2d:61:f3:7d:3c:26:ab:82:a7:71:4a:60:
89:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:23:B7:E2:20:CE:64:B7:45:25:E1:BE:39:37:BD:DD:0A:B8:01:09
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/60e56074-ddab-4ffc-a1d4-b7fd9edbfc5e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.118.0.0/15
Signature Algorithm: sha256WithRSAEncryption
96:a5:29:36:55:a2:2a:d9:a3:85:8a:0c:6f:be:04:a1:b5:cc:
ba:1e:ff:83:34:56:96:c6:da:45:98:6b:75:85:1e:6b:2f:bf:
f1:54:5a:23:b0:13:b6:43:db:77:c4:c1:04:34:75:36:a4:67:
8a:b9:b9:b7:ae:ef:da:69:4b:ed:61:02:22:1a:a8:1c:ac:dd:
6b:36:be:1c:3f:88:65:62:76:1f:12:e3:4b:65:ee:4e:07:9e:
bc:f8:ed:90:f8:e3:28:c0:b8:1f:f7:1e:1c:ba:1c:4d:93:65:
ec:e3:ca:59:a5:6f:d2:57:e1:25:32:60:ed:4d:09:80:1c:2a:
52:07:12:b7:b1:2a:dd:ed:7f:3f:4b:72:a0:06:0b:eb:ee:74:
0a:30:5f:87:35:7a:4b:3f:4f:be:c6:36:5e:a1:83:fb:9e:fc:
59:79:19:a9:97:d1:e4:f9:73:67:19:4e:b9:a5:c4:99:9f:2d:
16:8b:54:df:fe:bc:f9:fa:a7:3f:99:d4:2a:af:d7:3c:ed:22:
16:86:37:4c:a4:3a:2b:73:4a:0d:0b:50:c5:cc:51:c9:be:69:
a5:88:9a:66:3f:0c:a1:e0:c9:1a:08:f0:fb:77:bc:7a:3c:a9:
c5:fe:01:27:6b:ac:3d:7e:1b:c5:27:64:95:1f:48:5a:16:f2:
df:27:fe:07
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQaonmtDxdDqdrmW5JVvPA0PW/2gwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDM3OGU1NTRiOGM5NTVhMzI4ZWZhYTYxYzkxZWI2NTU4OGY5YmU3NzhiNTQ1
Y2Q5N2U4YzMxNGVlYmZjNTY4ZWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALPpiytUxfaLBjBr5kpygHso3KnuEJB6UfRfwaPA3GV55516yTOcndYNEH+4
BvuaQTeh0IV9Y+UkOK+fvaykdDtQzNvBo0dLRCwpIsaTN3xd6EoP9uYVDSLvqU6k
ULG0dHiywJZX0VdGXD5rLBg4SD9X6C99qjZFWLT4gf/ASsxfk3dLutfN2YNDquVq
jr9w2ym7jldr5jlp7DogJZgc/2Hnmsv/d6+fa0UXaGgE3M3NXgo4+g3Je5khQ3Ku
FeQDKIxr+KmOyAvEloZCTs/qgxauYaEb9NsrNyQIMDN2zIXUECJW9xmlIQOik0f8
ZQT8emuDLWHzfTwmq4KncUpgiU0CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTcI7fi
IM5kt0Ul4b45N73dCrgBCTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NjBlNTYwNzQtZGRhYi00ZmZjLWExZDQtYjdmZDllZGJmYzVlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATN2MA0G
CSqGSIb3DQEBCwUAA4IBAQCWpSk2VaIq2aOFigxvvgShtcy6Hv+DNFaWxtpFmGt1
hR5rL7/xVFojsBO2Q9t3xMEENHU2pGeKubm3ru/aaUvtYQIiGqgcrN1rNr4cP4hl
YnYfEuNLZe5OB568+O2Q+OMowLgf9x4cuhxNk2Xs48pZpW/SV+ElMmDtTQmAHCpS
BxK3sSrd7X8/S3KgBgvr7nQKMF+HNXpLP0++xjZeoYP7nvxZeRmpl9Hk+XNnGU65
pcSZny0Wi1Tf/rz5+qc/mdQqr9c87SIWhjdMpDorc0oNC1DFzFHJvmmliJpmPwyh
4MkaCPD7d7x6PKnF/gEna6w9fhvFJ2SVH0haFvLfJ/4H
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:34 2025 by rpki-client