Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e551851-bfdb-4c50-93aa-d4c75481b843.roa
File: 8e551851-bfdb-4c50-93aa-d4c75481b843.roa (raw, json)
Hash identifier: viXjXnv8pI0kZhUMfWEU+0Dyq6byD1DdR0IwSoUcT2M=
Subject key identifier: 06:7F:46:AB:7B:FD:B0:BF:F1:82:09:A5:4C:A5:07:BD:05:45:2A:3B
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7E1B24C78209A0F6735C47B0FA2AF3796B55AA65
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e551851-bfdb-4c50-93aa-d4c75481b843.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.117.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:1b:24:c7:82:09:a0:f6:73:5c:47:b0:fa:2a:f3:79:6b:55:aa:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:81:65:14:ff:02:b5:c9:be:eb:58:33:ea:4a:
aa:73:40:f0:95:06:1a:a9:b1:b9:ae:b8:31:7a:90:
50:2a:97:76:46:eb:5e:55:4f:4f:d2:38:c5:26:ed:
d4:96:19:e1:ef:60:21:13:0e:74:4d:59:4d:58:f9:
e5:4c:5d:5f:3a:29:c0:1d:41:22:14:e5:c2:21:5c:
77:5e:66:7b:39:1e:ee:33:a3:be:10:b3:bd:2c:58:
18:e5:a0:14:0e:6e:6b:e6:eb:f0:8a:9f:dc:26:78:
f0:0f:a6:f1:8d:c8:0c:54:cf:00:ea:be:ca:b4:b5:
b2:df:f4:ab:9a:a2:7f:54:f1:5c:68:f0:9c:67:46:
9e:be:1d:e1:ce:2f:b8:00:f4:8c:78:50:1d:46:c4:
6e:bc:8f:20:5c:30:1d:e8:a4:59:aa:ce:58:fb:dc:
01:b6:65:32:09:39:b5:07:88:1a:df:80:79:92:e4:
85:67:0d:66:80:ee:27:d2:dc:98:59:8c:5d:94:7d:
9d:10:3d:80:98:b0:23:8c:1a:0a:af:44:72:b3:d1:
dd:53:0b:d1:c6:6e:5c:cb:85:73:8d:f7:46:0d:39:
af:e3:04:8a:ab:94:66:6d:3a:68:17:2f:5e:b4:0a:
a7:7e:3f:0a:8e:1e:92:15:c9:b5:f5:b2:c8:2d:93:
a5:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:7F:46:AB:7B:FD:B0:BF:F1:82:09:A5:4C:A5:07:BD:05:45:2A:3B
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/8e551851-bfdb-4c50-93aa-d4c75481b843.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.117.0.0/16
Signature Algorithm: sha256WithRSAEncryption
14:eb:d7:6f:67:87:8a:55:d5:2d:42:4d:69:5a:2a:12:21:e7:
6e:8b:f9:05:db:3b:ee:a0:4c:0b:36:71:0d:bc:23:85:36:81:
34:53:fb:18:35:0f:58:e2:82:ec:9a:89:a3:05:c8:03:0d:1d:
7c:13:55:f9:e5:91:a4:1a:f1:c3:b2:1b:e7:33:b7:38:3a:39:
80:be:3f:f9:b9:c1:98:a4:a6:a1:67:97:7d:26:07:79:2b:b5:
02:e5:01:a3:75:8b:b1:68:d0:7e:90:45:f5:21:a2:a6:7e:0c:
86:a1:3d:a9:2c:4c:ba:58:92:61:bd:7d:8b:2c:71:ad:a8:bf:
f9:a2:c6:c0:ba:9e:78:94:c3:20:bd:2e:99:12:3f:ed:1f:a1:
4b:3c:0f:89:0c:fc:6e:3b:8d:08:89:f2:10:29:09:92:7e:af:
ff:02:39:8d:17:31:02:bd:3c:02:14:7b:ce:ce:c3:11:65:ca:
b6:fe:52:42:5a:6f:7b:50:94:d9:0a:89:9c:2d:39:5d:8a:d7:
3a:0c:30:55:20:17:ce:db:e1:5a:35:c4:a0:5b:64:17:9b:4f:
28:40:e8:9e:88:8f:f9:15:af:5d:70:9a:c1:22:83:a0:86:2a:
6e:98:35:b1:19:0a:87:5a:a4:1a:8b:3a:d6:8a:cb:de:a5:43:
de:cb:f6:28
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUfhskx4IJoPZzXEew+irzeWtVqmUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQxZmQ4YzNhN2MzNWFlMTI4NDU1Y2Y1ZjIyNjRiMThjZmUzM2VlOThjZDQ5
MGVlOWRiOTk2Y2U1OTg4MjdlNzgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK+BZRT/ArXJvutYM+pKqnNA8JUGGqmxua64MXqQUCqXdkbrXlVPT9I4xSbt
1JYZ4e9gIRMOdE1ZTVj55UxdXzopwB1BIhTlwiFcd15mezke7jOjvhCzvSxYGOWg
FA5ua+br8Iqf3CZ48A+m8Y3IDFTPAOq+yrS1st/0q5qif1TxXGjwnGdGnr4d4c4v
uAD0jHhQHUbEbryPIFwwHeikWarOWPvcAbZlMgk5tQeIGt+AeZLkhWcNZoDuJ9Lc
mFmMXZR9nRA9gJiwI4waCq9EcrPR3VML0cZuXMuFc433Rg05r+MEiquUZm06aBcv
XrQKp34/Co4ekhXJtfWyyC2TpScCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQGf0ar
e/2wv/GCCaVMpQe9BUUqOzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OGU1NTE4NTEtYmZkYi00YzUwLTkzYWEtZDRjNzU0ODFiODQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADN1MA0G
CSqGSIb3DQEBCwUAA4IBAQAU69dvZ4eKVdUtQk1pWioSIedui/kF2zvuoEwLNnEN
vCOFNoE0U/sYNQ9Y4oLsmomjBcgDDR18E1X55ZGkGvHDshvnM7c4OjmAvj/5ucGY
pKahZ5d9Jgd5K7UC5QGjdYuxaNB+kEX1IaKmfgyGoT2pLEy6WJJhvX2LLHGtqL/5
osbAup54lMMgvS6ZEj/tH6FLPA+JDPxuO40IifIQKQmSfq//AjmNFzECvTwCFHvO
zsMRZcq2/lJCWm97UJTZComcLTlditc6DDBVIBfO2+FaNcSgW2QXm08oQOieiI/5
Fa9dcJrBIoOghipumDWxGQqHWqQaizrWisvepUPey/Yo
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:49:25 2025 by rpki-client