Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79ac9682-f38d-4a27-a674-6ffa67d15d1f.roa
File: 79ac9682-f38d-4a27-a674-6ffa67d15d1f.roa (raw, json)
Hash identifier: fUafnv2g3/tLMdSj9p99u3io0HqpG5zaNjtMAJuPNFI=
Subject key identifier: 37:09:79:69:3F:12:A8:F8:B0:AD:2C:28:A6:C1:1B:1B:26:BE:A9:7C
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2A95426EB70BB72CD7EB218559BC0D0D36801AE3
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79ac9682-f38d-4a27-a674-6ffa67d15d1f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.184.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:95:42:6e:b7:0b:b7:2c:d7:eb:21:85:59:bc:0d:0d:36:80:1a:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:38:24:70:de:91:1c:15:e3:4f:70:77:3c:ab:
38:3a:af:b8:a2:8a:90:f7:fb:1c:3f:4d:e0:0f:8b:
be:bc:58:78:cc:29:c9:ef:48:95:5c:cc:3d:a1:50:
97:62:db:a3:7c:39:91:a7:0c:7a:0a:88:52:ac:c4:
a5:b0:f0:23:6a:bb:55:63:5f:e6:e0:0a:27:cb:3c:
23:d6:2f:03:e6:e6:23:85:41:fe:90:5a:30:34:cd:
bf:d3:99:15:9a:7f:f0:ce:e1:5e:d2:85:c9:ab:1d:
5a:1d:75:49:9d:d2:99:92:df:3d:0e:8f:9e:d1:60:
c4:79:21:29:ec:3b:05:be:b5:0f:a7:99:b5:49:35:
19:de:74:6b:7b:22:90:bb:c8:f8:93:80:38:5e:ef:
56:7a:ae:43:2f:9f:2e:a5:c5:7e:b1:0b:52:5b:a4:
7e:e7:82:2d:25:bd:74:f9:e2:20:74:c3:a0:a0:3c:
b3:d1:05:4e:26:cf:fd:57:1b:cf:d9:80:05:3c:18:
2e:55:aa:da:77:68:bc:8d:f0:9f:5e:30:d1:17:17:
5c:9f:66:68:b7:64:37:76:d5:34:4c:d9:13:44:70:
f4:3d:05:97:45:94:05:12:03:28:f6:6c:16:38:bc:
2f:1a:e3:18:d9:1e:b1:4e:08:42:64:e1:e5:43:5e:
fe:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:09:79:69:3F:12:A8:F8:B0:AD:2C:28:A6:C1:1B:1B:26:BE:A9:7C
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/79ac9682-f38d-4a27-a674-6ffa67d15d1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.184.0.0/15
Signature Algorithm: sha256WithRSAEncryption
2f:ce:d4:36:25:f7:30:13:23:93:e1:bb:62:06:c1:0a:dd:24:
d2:39:a5:52:f0:67:43:e0:f3:4d:71:68:2a:8e:d6:b6:c4:57:
32:5f:91:71:be:2c:b6:90:ce:97:a3:ff:5c:c0:12:37:c5:50:
8a:dd:95:12:c0:3f:ef:96:e3:4c:78:2b:3f:ee:55:a4:99:2d:
c8:20:1d:78:92:d0:06:6c:df:e1:62:cf:a7:e0:5d:0d:e7:2e:
4e:f5:7f:f0:09:04:4e:e5:6b:71:6e:39:90:2b:1d:13:71:dc:
5f:58:02:84:b5:7d:e3:3b:74:92:93:1d:4d:6a:ce:08:0b:5f:
75:5a:d2:98:0a:dd:3f:8f:9f:b9:3a:c1:5e:6e:f5:26:26:70:
a1:0d:7a:80:2c:dc:d2:a2:21:83:bb:50:c1:66:68:e8:4e:6e:
60:ff:34:d4:21:38:1c:ec:e8:b6:c6:a7:34:f2:97:ed:44:65:
c4:50:b2:91:7c:a3:82:05:e5:f1:ac:d1:5f:a0:ef:a9:eb:2b:
81:16:97:ef:8d:fb:e7:b6:53:97:8e:b6:da:a1:2a:ca:77:0c:
0e:d3:50:c7:65:f5:4b:f5:6a:d4:86:26:4f:ff:a6:51:c2:f8:
3d:5e:aa:d6:4c:29:59:03:4a:a1:20:4f:7e:ae:ab:27:19:b9:
96:9d:5f:27
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUKpVCbrcLtyzX6yGFWbwNDTaAGuMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDllZTQ1M2NlNGUyNTU3NWZiMTA1N2UwN2M5MTgxY2FiNDA1MDk0NTFjOWJh
YWZjY2U0ZjI5ZWYwZjU0ZjM0ODkxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN84JHDekRwV409wdzyrODqvuKKKkPf7HD9N4A+LvrxYeMwpye9IlVzMPaFQ
l2Lbo3w5kacMegqIUqzEpbDwI2q7VWNf5uAKJ8s8I9YvA+bmI4VB/pBaMDTNv9OZ
FZp/8M7hXtKFyasdWh11SZ3SmZLfPQ6PntFgxHkhKew7Bb61D6eZtUk1Gd50a3si
kLvI+JOAOF7vVnquQy+fLqXFfrELUlukfueCLSW9dPniIHTDoKA8s9EFTibP/Vcb
z9mABTwYLlWq2ndovI3wn14w0RcXXJ9maLdkN3bVNEzZE0Rw9D0Fl0WUBRIDKPZs
Fji8LxrjGNkesU4IQmTh5UNe/gcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQ3CXlp
PxKo+LCtLCimwRsbJr6pfDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
NzlhYzk2ODItZjM4ZC00YTI3LWE2NzQtNmZmYTY3ZDE1ZDFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATO4MA0G
CSqGSIb3DQEBCwUAA4IBAQAvztQ2JfcwEyOT4btiBsEK3STSOaVS8GdD4PNNcWgq
jta2xFcyX5Fxviy2kM6Xo/9cwBI3xVCK3ZUSwD/vluNMeCs/7lWkmS3IIB14ktAG
bN/hYs+n4F0N5y5O9X/wCQRO5WtxbjmQKx0TcdxfWAKEtX3jO3SSkx1Nas4IC191
WtKYCt0/j5+5OsFebvUmJnChDXqALNzSoiGDu1DBZmjoTm5g/zTUITgc7Oi2xqc0
8pftRGXEULKRfKOCBeXxrNFfoO+p6yuBFpfvjfvntlOXjrbaoSrKdwwO01DHZfVL
9WrUhiZP/6ZRwvg9XqrWTClZA0qhIE9+rqsnGbmWnV8n
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:25:43 2025 by rpki-client