Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8df5aab7-a216-44a9-8516-a0faa3f4bf05.roa
File: 8df5aab7-a216-44a9-8516-a0faa3f4bf05.roa (raw, json)
Hash identifier: DNDhZGO9L4WeOSOS1akshZj9wHRACtrRcE8FRA0hgh8=
Subject key identifier: B4:3E:BB:5E:1E:27:AA:A6:81:73:F2:44:61:57:71:F1:FA:D0:B3:6F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7670D089566960E369E77D20B8A53667BCE07593
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8df5aab7-a216-44a9-8516-a0faa3f4bf05.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.192.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:70:d0:89:56:69:60:e3:69:e7:7d:20:b8:a5:36:67:bc:e0:75:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:46:a7:34:90:29:0a:b8:b1:13:77:55:4a:a0:
28:81:43:d3:f6:c8:ed:56:27:45:e3:bc:0a:7a:7f:
6b:75:26:73:8d:8a:71:e3:35:7f:83:32:d3:eb:e2:
68:64:7c:33:89:0e:35:47:d4:9f:a5:41:e9:14:57:
e6:82:f4:29:4d:e4:3f:2d:30:d0:9f:f2:c0:9d:e3:
42:5d:f5:8b:9a:36:06:2c:3e:3d:c5:1d:41:4b:b4:
7b:7d:4f:b2:fa:fa:a8:82:ca:b6:96:6e:95:b0:8c:
5e:c4:6a:18:fc:16:9b:91:27:eb:67:e6:82:a6:c4:
d9:2b:7b:2c:ef:bf:77:77:3e:9b:1d:78:59:9a:f0:
99:6e:57:0d:f1:8d:76:3d:61:e3:8d:93:8b:5e:af:
d7:80:f7:73:3d:01:92:93:df:e7:f2:a8:2c:1d:9b:
04:ee:11:c1:ad:20:26:4c:ba:dd:5a:80:84:ea:31:
08:20:3f:8a:11:68:2c:58:f8:83:82:22:15:db:a7:
8d:af:0b:f9:f9:e0:d0:5c:d8:23:65:d9:27:d6:5f:
82:de:c0:cc:84:9b:ce:7f:52:fc:a1:db:80:06:ce:
e5:1e:90:a2:d9:a1:56:d7:70:4a:c0:79:70:e2:ba:
e7:fc:07:40:e5:f4:73:6b:2c:1a:3c:c8:83:49:c2:
32:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:3E:BB:5E:1E:27:AA:A6:81:73:F2:44:61:57:71:F1:FA:D0:B3:6F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8df5aab7-a216-44a9-8516-a0faa3f4bf05.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.192.0.0/15
Signature Algorithm: sha256WithRSAEncryption
10:ff:3e:f1:a3:53:c5:06:22:d0:9d:be:38:fd:bf:37:ba:ec:
76:24:bb:f7:f9:28:44:55:50:05:66:0a:f1:69:85:66:9f:a4:
68:24:bc:8e:4a:a1:e1:d4:5d:e4:f2:b9:bf:20:72:cf:18:ce:
d7:81:6f:fa:7b:d1:ff:80:9f:7d:2f:b4:c8:8a:2d:ab:f9:48:
72:82:e1:7b:69:6f:7f:37:52:4e:cb:fd:71:b2:62:66:d2:84:
9d:ef:7c:12:bc:81:31:44:aa:30:b5:69:ac:92:04:93:20:6d:
90:11:9f:0b:eb:2d:c3:6e:e8:52:77:6c:27:f5:44:dd:cc:da:
d9:2c:a1:00:cd:e5:84:ef:ff:c0:7f:a0:76:c0:77:91:18:4d:
a2:e7:2c:91:3e:19:d6:8e:74:28:ed:1e:bb:b4:1c:a8:a1:d8:
bb:26:1b:fe:ba:3d:de:39:5f:d6:c8:6d:14:b5:84:c1:a2:cb:
78:e1:3a:6b:77:ed:5a:a0:dc:f9:b2:9b:71:30:83:4c:0a:36:
53:72:44:44:35:6c:53:dd:f1:04:a1:2c:24:c0:49:fe:c5:fd:
2d:ad:d6:21:b1:58:57:3b:84:88:24:4e:71:03:0c:4e:67:6c:
5e:5a:99:8c:5d:76:19:d1:7f:94:62:e0:04:04:5b:fb:df:bd:
f7:74:ce:66
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUdnDQiVZpYONp530guKU2Z7zgdZMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2MzY5OGY0YjRjMTY3MThlNTRkNGFhODY0ZGVkMjI2MGRiN2NhYzkwZDBk
NGE1NGQxYzcwM2I0OGJlMjEwMjUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKJGpzSQKQq4sRN3VUqgKIFD0/bI7VYnReO8Cnp/a3Umc42KceM1f4My0+vi
aGR8M4kONUfUn6VB6RRX5oL0KU3kPy0w0J/ywJ3jQl31i5o2Biw+PcUdQUu0e31P
svr6qILKtpZulbCMXsRqGPwWm5En62fmgqbE2St7LO+/d3c+mx14WZrwmW5XDfGN
dj1h442Ti16v14D3cz0BkpPf5/KoLB2bBO4Rwa0gJky63VqAhOoxCCA/ihFoLFj4
g4IiFdunja8L+fng0FzYI2XZJ9Zfgt7AzISbzn9S/KHbgAbO5R6QotmhVtdwSsB5
cOK65/wHQOX0c2ssGjzIg0nCMsUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS0Prte
HieqpoFz8kRhV3Hx+tCzbzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGRmNWFhYjctYTIxNi00NGE5LTg1MTYtYTBmYWEzZjRiZjA1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPAMA0G
CSqGSIb3DQEBCwUAA4IBAQAQ/z7xo1PFBiLQnb44/b83uux2JLv3+ShEVVAFZgrx
aYVmn6RoJLyOSqHh1F3k8rm/IHLPGM7XgW/6e9H/gJ99L7TIii2r+UhyguF7aW9/
N1JOy/1xsmJm0oSd73wSvIExRKowtWmskgSTIG2QEZ8L6y3DbuhSd2wn9UTdzNrZ
LKEAzeWE7//Af6B2wHeRGE2i5yyRPhnWjnQo7R67tByoodi7Jhv+uj3eOV/WyG0U
tYTBost44Tprd+1aoNz5sptxMINMCjZTckRENWxT3fEEoSwkwEn+xf0trdYhsVhX
O4SIJE5xAwxOZ2xeWpmMXXYZ0X+UYuAEBFv73733dM5m
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:55:12 2025 by rpki-client