Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95922c65-906c-414e-8807-a0500d403602.roa
File: 95922c65-906c-414e-8807-a0500d403602.roa (raw, json)
Hash identifier: ciz0kmd8hA5IReNmbV+oRj3w0NkWGbQkFSapVBOOh9c=
Subject key identifier: 10:30:84:53:43:2A:E7:38:6C:5B:E4:33:9C:5B:16:6E:56:FE:B4:C3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3EDEC244EA7F2DDE8691ECF109A3933C9F5F77DC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95922c65-906c-414e-8807-a0500d403602.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.139.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:de:c2:44:ea:7f:2d:de:86:91:ec:f1:09:a3:93:3c:9f:5f:77:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:0a:7c:39:7f:66:df:8e:45:23:36:90:2a:24:
58:1e:82:95:20:4a:a2:9c:50:b0:41:46:30:ca:96:
59:36:90:f9:d0:77:6b:19:d4:97:a7:80:95:72:5c:
43:dd:09:de:40:65:52:1a:42:40:92:4a:20:ee:a4:
c0:87:9d:11:6f:3b:6c:63:5f:73:ca:07:e6:27:b6:
58:da:56:d2:a7:90:f3:76:99:ae:5f:4e:88:ad:1e:
de:c3:9e:39:04:16:0a:64:22:00:db:b2:e8:01:50:
d5:6c:16:68:67:59:4e:cf:70:ed:9e:31:f7:3b:e1:
1d:5c:69:1f:5f:88:27:c4:98:6a:9c:0c:79:7a:01:
5a:e4:49:a0:3f:1b:a8:b5:3d:10:9e:43:7a:8d:7a:
0f:a1:0a:e3:96:4f:f0:3c:95:51:c2:69:19:52:df:
03:2f:d8:8d:83:77:63:63:f3:4d:11:cf:70:9c:7d:
57:d5:66:12:bb:9d:c0:cc:67:8a:a1:1c:e2:ac:c9:
80:f6:dd:5f:46:e9:63:5f:48:55:96:5f:5c:db:54:
92:d0:bf:bf:f1:d7:2d:84:54:4a:e7:f0:ca:4f:31:
f9:1b:da:4f:0b:51:4b:b3:af:29:c4:34:ed:98:c0:
5b:4c:c9:21:24:7c:c0:d2:5c:b6:10:f2:13:29:48:
d3:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:30:84:53:43:2A:E7:38:6C:5B:E4:33:9C:5B:16:6E:56:FE:B4:C3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/95922c65-906c-414e-8807-a0500d403602.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.139.0.0/16
Signature Algorithm: sha256WithRSAEncryption
77:75:cb:be:d9:7e:8f:fd:26:52:11:e9:30:46:69:ff:e7:5e:
63:31:6e:00:d5:f1:d6:76:b2:a7:f0:6d:f0:ff:24:63:62:73:
ee:0d:f5:06:97:1e:f3:fb:4b:a2:ac:42:1a:a2:13:c2:fa:9c:
11:0b:ff:4d:99:ef:f7:94:b3:98:81:be:74:9e:62:04:53:bf:
84:21:a3:2e:61:62:43:38:93:2f:99:a1:38:77:ce:d1:7e:14:
d5:35:ac:3d:70:46:e3:e2:32:12:d3:72:9f:64:3c:35:e4:fa:
e5:26:8d:18:f6:1b:95:94:ae:79:aa:5e:ad:3d:3c:05:40:3e:
14:2a:d3:90:52:1a:b1:51:97:ae:4c:e2:5c:2a:54:b0:36:45:
00:ea:03:1a:63:2b:1b:2e:66:cb:f3:17:88:63:90:13:cc:f1:
ce:aa:25:77:ce:3d:0b:4e:13:82:e4:5d:23:65:16:fc:81:ed:
8b:1d:29:3d:36:29:29:a4:45:cc:70:68:eb:e9:4d:4b:a5:83:
c8:df:e7:03:bf:4f:dc:ee:8f:4c:b2:44:61:08:c5:25:2e:9b:
c7:34:3d:b1:15:ff:e5:5f:9d:fc:cd:e1:47:bb:cc:a6:8f:01:
e6:d3:b3:4f:ed:5e:96:66:48:b4:25:cc:b3:b2:3e:e3:4f:0d:
bd:38:e6:a6
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUPt7CROp/Ld6GkezxCaOTPJ9fd9wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGU2ZDU1NzRiNjM0YThkZDIwNzA5MDYzODQ3YzE0ZWFlNjk5ZjZiZjE5MzVl
MzRkOTZhN2I1ZDBkMzA5ZmRjOGUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN0KfDl/Zt+ORSM2kCokWB6ClSBKopxQsEFGMMqWWTaQ+dB3axnUl6eAlXJc
Q90J3kBlUhpCQJJKIO6kwIedEW87bGNfc8oH5ie2WNpW0qeQ83aZrl9OiK0e3sOe
OQQWCmQiANuy6AFQ1WwWaGdZTs9w7Z4x9zvhHVxpH1+IJ8SYapwMeXoBWuRJoD8b
qLU9EJ5Deo16D6EK45ZP8DyVUcJpGVLfAy/YjYN3Y2PzTRHPcJx9V9VmErudwMxn
iqEc4qzJgPbdX0bpY19IVZZfXNtUktC/v/HXLYRUSufwyk8x+RvaTwtRS7OvKcQ0
7ZjAW0zJISR8wNJcthDyEylI01kCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQQMIRT
QyrnOGxb5DOcWxZuVv60wzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTU5MjJjNjUtOTA2Yy00MTRlLTg4MDctYTA1MDBkNDAzNjAyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOLMA0G
CSqGSIb3DQEBCwUAA4IBAQB3dcu+2X6P/SZSEekwRmn/515jMW4A1fHWdrKn8G3w
/yRjYnPuDfUGlx7z+0uirEIaohPC+pwRC/9Nme/3lLOYgb50nmIEU7+EIaMuYWJD
OJMvmaE4d87RfhTVNaw9cEbj4jIS03KfZDw15PrlJo0Y9huVlK55ql6tPTwFQD4U
KtOQUhqxUZeuTOJcKlSwNkUA6gMaYysbLmbL8xeIY5ATzPHOqiV3zj0LThOC5F0j
ZRb8ge2LHSk9NikppEXMcGjr6U1LpYPI3+cDv0/c7o9MskRhCMUlLpvHND2xFf/l
X538zeFHu8ymjwHm07NP7V6WZki0Jcyzsj7jTw29OOam
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:41:07 2025 by rpki-client