Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94b06b84-0447-4cc6-8cef-66e65fc52a6c.roa
File: 94b06b84-0447-4cc6-8cef-66e65fc52a6c.roa (raw, json)
Hash identifier: 624MKJRdwC9bBlY0vuN9GKXDShwLd5wS9OxIRG6qXCg=
Subject key identifier: B6:89:67:CF:A6:0A:F3:9C:8A:4B:AA:75:E0:59:21:10:FF:D1:A2:38
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 7F71672296EB48A9E412C995E0F4C6FDD2DE481B
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94b06b84-0447-4cc6-8cef-66e65fc52a6c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.236.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:71:67:22:96:eb:48:a9:e4:12:c9:95:e0:f4:c6:fd:d2:de:48:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:a4:81:f2:2d:9f:db:e8:e4:3e:75:08:03:7c:
a2:d9:80:4c:c4:a6:a6:27:cd:aa:b6:01:21:9f:04:
7e:6f:27:4f:bf:b1:50:52:a3:78:66:bf:7d:dc:13:
45:d3:43:ae:2e:4a:0b:96:1b:f8:47:31:2d:9e:a6:
8b:bb:17:fb:6b:9f:02:5b:f0:c2:eb:4a:52:67:db:
c8:a0:df:7c:80:58:c9:8b:a7:bd:38:a3:42:9b:83:
80:6b:08:ec:f5:d0:b0:f2:4e:6a:7e:38:bd:e6:a5:
38:a1:51:cb:a5:99:00:c9:0b:ab:53:3c:dd:b4:49:
3b:2c:a2:ab:6b:ec:cd:d3:ae:0d:ac:19:5b:92:8c:
db:41:ad:01:55:b0:f9:d3:43:62:ad:b8:b2:6a:e5:
18:21:3c:e1:36:23:bb:27:6e:32:22:0d:0a:43:ae:
84:9b:db:1a:6b:2c:a1:83:43:d1:00:83:c3:d5:6b:
fa:d5:6c:a8:6a:c2:78:b9:ee:da:52:6e:63:42:62:
96:7a:2f:fd:93:29:ed:8f:1c:0a:14:4d:66:a7:73:
3f:7f:bc:73:41:ed:c2:5c:2f:9a:b0:e8:c3:fb:92:
fc:ad:0a:b7:9c:ce:ed:20:03:b6:b2:c9:62:aa:5c:
cb:04:24:6d:50:44:7d:3f:5b:d3:89:d6:c0:59:ce:
81:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:89:67:CF:A6:0A:F3:9C:8A:4B:AA:75:E0:59:21:10:FF:D1:A2:38
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/94b06b84-0447-4cc6-8cef-66e65fc52a6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.236.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5b:5d:47:80:7b:46:2c:c3:d7:ab:7a:9d:8f:1b:29:99:8a:c0:
98:2d:f9:9e:a9:2d:c5:e6:cf:51:fc:bc:bf:3d:ce:fc:48:a0:
b4:be:23:1c:3d:ec:6e:78:53:9c:17:79:22:c4:39:c8:09:8b:
77:ac:f1:17:b7:fd:5f:e7:38:28:21:19:5d:8b:07:2c:1f:37:
93:23:72:76:10:0f:e1:df:85:8a:a9:d1:fc:d2:1c:67:22:43:
81:7f:af:d8:f0:ec:36:72:1a:07:d3:5b:b5:df:7f:83:68:3c:
91:e5:3d:5c:59:d5:f2:e1:2c:98:fc:3e:e7:33:7d:be:40:b3:
55:de:b5:7a:00:53:b3:48:fa:e9:a1:cd:33:f5:1b:d4:32:1c:
8a:e1:be:58:26:43:8c:7c:6d:65:63:2d:62:95:16:3b:51:1b:
75:5f:50:66:63:12:77:81:34:6c:1e:c6:8e:67:7d:df:61:09:
2e:51:5a:00:7c:ad:13:4a:e5:a6:70:37:20:3b:95:70:b9:ed:
80:2a:c5:31:e0:e0:ea:64:fe:fb:02:ff:a7:ec:18:65:51:5f:
8c:16:f5:a1:71:7f:47:10:f7:da:0a:3e:5c:4f:87:c1:c9:2f:
9f:4c:f9:61:2f:fd:01:50:d1:c8:14:a1:e6:15:07:02:2b:42:
db:d0:e7:f7
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUf3FnIpbrSKnkEsmV4PTG/dLeSBswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDFkZWVkOWI4ZmZhYmVjNDJjOGE5OTRkNWJkOWE0NTM4NzI1ZDhlNmQ4ZmM4
NDlhODNmZDIxMTk3YjljZTEwNGExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCkgfItn9vo5D51CAN8otmATMSmpifNqrYBIZ8Efm8nT7+xUFKjeGa/fdwT
RdNDri5KC5Yb+EcxLZ6mi7sX+2ufAlvwwutKUmfbyKDffIBYyYunvTijQpuDgGsI
7PXQsPJOan44vealOKFRy6WZAMkLq1M83bRJOyyiq2vszdOuDawZW5KM20GtAVWw
+dNDYq24smrlGCE84TYjuyduMiINCkOuhJvbGmssoYND0QCDw9Vr+tVsqGrCeLnu
2lJuY0Jilnov/ZMp7Y8cChRNZqdzP3+8c0HtwlwvmrDow/uS/K0Kt5zO7SADtrLJ
YqpcywQkbVBEfT9b04nWwFnOgT8CAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS2iWfP
pgrznIpLqnXgWSEQ/9GiODAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTRiMDZiODQtMDQ0Ny00Y2M2LThjZWYtNjZlNjVmYzUyYTZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPsMA0G
CSqGSIb3DQEBCwUAA4IBAQBbXUeAe0Ysw9erep2PGymZisCYLfmeqS3F5s9R/Ly/
Pc78SKC0viMcPexueFOcF3kixDnICYt3rPEXt/1f5zgoIRldiwcsHzeTI3J2EA/h
34WKqdH80hxnIkOBf6/Y8Ow2choH01u133+DaDyR5T1cWdXy4SyY/D7nM32+QLNV
3rV6AFOzSPrpoc0z9RvUMhyK4b5YJkOMfG1lYy1ilRY7URt1X1BmYxJ3gTRsHsaO
Z33fYQkuUVoAfK0TSuWmcDcgO5Vwue2AKsUx4ODqZP77Av+n7BhlUV+MFvWhcX9H
EPfaCj5cT4fByS+fTPlhL/0BUNHIFKHmFQcCK0Lb0Of3
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:32:51 2025 by rpki-client