Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f2042b6-daa0-4132-a2fa-da355c9bd0c8.roa
File: 6f2042b6-daa0-4132-a2fa-da355c9bd0c8.roa (raw, json)
Hash identifier: +OQyd7sVJu6HRM6WM0HpJ/qZ7tXRvEZL8BYrfXLJYqs=
Subject key identifier: C5:AB:4C:7A:8B:75:2D:CD:6C:83:AB:8F:7B:AA:2B:5E:8D:07:46:2C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 38AA9E0AF71FBEB314874BFCF8F659E55B9E5399
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f2042b6-daa0-4132-a2fa-da355c9bd0c8.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.92.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:aa:9e:0a:f7:1f:be:b3:14:87:4b:fc:f8:f6:59:e5:5b:9e:53:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:b7:7d:05:0b:48:0a:48:c1:b1:c6:6d:be:1a:
15:da:a5:0b:ac:ba:7a:f2:a3:e7:97:a9:6e:a2:33:
c1:27:9b:2f:75:1c:4c:ea:43:66:66:8c:e1:02:45:
bb:f1:c8:1c:71:8c:b8:b0:e0:ee:2d:71:43:a5:04:
e3:da:72:9d:61:57:78:eb:0f:94:bd:2e:29:bb:a1:
b1:07:c7:cc:2c:9a:c0:d1:38:24:11:67:ef:3c:b2:
ac:13:bb:f5:08:b2:54:42:05:d0:24:b1:33:a7:a5:
b9:ea:fd:2d:a9:2b:f6:f3:d2:ec:05:0d:93:de:96:
5f:f1:56:3f:3d:c6:7e:71:81:cc:36:cf:4e:bb:e3:
05:cf:18:5a:0a:6e:07:ac:8f:59:ab:72:02:df:bd:
ba:68:29:3f:00:a8:ca:6d:5c:d0:d7:11:f1:85:cf:
cb:f1:8a:60:6a:24:e1:bc:6e:a0:bb:45:92:bc:55:
4e:de:d4:f9:19:56:32:c7:17:da:41:bd:bc:d5:8a:
5b:17:e0:e0:34:b6:1c:20:e6:42:46:47:c8:cd:aa:
65:fa:4f:c1:11:15:9a:eb:50:99:cf:e5:cd:f8:d5:
10:e8:16:8d:5a:d4:0f:26:46:fc:f4:b0:3a:e5:72:
e6:46:39:e2:33:16:81:a8:c8:75:f6:88:80:bd:c1:
8f:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:AB:4C:7A:8B:75:2D:CD:6C:83:AB:8F:7B:AA:2B:5E:8D:07:46:2C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/6f2042b6-daa0-4132-a2fa-da355c9bd0c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.92.0.0/16
Signature Algorithm: sha256WithRSAEncryption
9b:68:04:ce:83:82:9d:7e:18:9b:10:1e:34:22:a6:23:bd:d1:
27:83:26:c1:eb:4a:45:d0:cb:bd:02:4e:12:56:1a:12:1d:5a:
00:84:a1:3d:87:99:3f:8c:95:a3:d8:f8:27:ee:87:3c:ec:c5:
8b:e1:c1:4d:ac:be:a6:dd:95:31:1c:24:8c:96:91:65:fe:2a:
1a:7d:91:d2:fb:50:3a:24:91:1b:09:3c:67:c1:88:f8:3e:0c:
33:4c:11:1a:59:5e:69:30:e8:b2:9c:14:20:58:d2:7f:40:0b:
f7:e4:04:3d:35:5f:c4:d8:88:44:a8:3b:8f:6b:77:53:5a:ac:
91:29:1c:ba:ca:38:9a:7f:dc:1d:6e:c8:2e:78:26:d4:54:19:
2a:c5:38:c1:03:e5:d4:36:c8:b5:cb:90:43:08:ab:57:ab:e3:
4f:3f:71:b0:ed:0d:82:ea:09:31:93:14:06:db:78:48:3e:18:
43:89:83:c4:5f:35:2e:65:1f:f9:c4:fe:cf:80:ef:c4:d4:71:
fa:67:d5:0b:dd:cc:41:15:0d:7b:d0:9f:7c:83:eb:26:01:12:
73:f7:cc:99:cc:27:7c:4c:6c:5f:54:cc:05:ae:59:d8:ec:0c:
e9:96:22:f5:f6:16:28:de:e1:e9:39:56:53:66:db:6a:9a:fd:
02:1b:23:bf
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUOKqeCvcfvrMUh0v8+PZZ5VueU5kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDgxNThjODI0YjEyMThiYTIzMWU4ODcwOTBiMzg4Mjg3NWQ5YmE3MTA4OThl
OTlhYTc1ZTZmMzhkODI4OWY2ZGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMe3fQULSApIwbHGbb4aFdqlC6y6evKj55epbqIzwSebL3UcTOpDZmaM4QJF
u/HIHHGMuLDg7i1xQ6UE49pynWFXeOsPlL0uKbuhsQfHzCyawNE4JBFn7zyyrBO7
9QiyVEIF0CSxM6eluer9Lakr9vPS7AUNk96WX/FWPz3GfnGBzDbPTrvjBc8YWgpu
B6yPWatyAt+9umgpPwCoym1c0NcR8YXPy/GKYGok4bxuoLtFkrxVTt7U+RlWMscX
2kG9vNWKWxfg4DS2HCDmQkZHyM2qZfpPwREVmutQmc/lzfjVEOgWjVrUDyZG/PSw
OuVy5kY54jMWgajIdfaIgL3Bj7kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTFq0x6
i3UtzWyDq497qitejQdGLDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NmYyMDQyYjYtZGFhMC00MTMyLWEyZmEtZGEzNTVjOWJkMGM4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNcMA0G
CSqGSIb3DQEBCwUAA4IBAQCbaATOg4KdfhibEB40IqYjvdEngybB60pF0Mu9Ak4S
VhoSHVoAhKE9h5k/jJWj2Pgn7oc87MWL4cFNrL6m3ZUxHCSMlpFl/ioafZHS+1A6
JJEbCTxnwYj4PgwzTBEaWV5pMOiynBQgWNJ/QAv35AQ9NV/E2IhEqDuPa3dTWqyR
KRy6yjiaf9wdbsgueCbUVBkqxTjBA+XUNsi1y5BDCKtXq+NPP3Gw7Q2C6gkxkxQG
23hIPhhDiYPEXzUuZR/5xP7PgO/E1HH6Z9UL3cxBFQ170J98g+smARJz98yZzCd8
TGxfVMwFrlnY7AzpliL19hYo3uHpOVZTZttqmv0CGyO/
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:07:20 2025 by rpki-client