Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97a9749c-f933-42d6-a093-7bf3a4de27a5.roa
File: 97a9749c-f933-42d6-a093-7bf3a4de27a5.roa (raw, json)
Hash identifier: z3fXmwz6GZY7lK+a/LNQxvPux/2pcp0ee3XuuNsejzs=
Subject key identifier: 75:3D:1B:80:EF:05:CA:50:A5:C7:CA:4C:CC:2B:4C:ED:9A:3F:E4:5F
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 03EED7A12BB8895C2D898F1004FC61B5DD7D2B0F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97a9749c-f933-42d6-a093-7bf3a4de27a5.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.69.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:ee:d7:a1:2b:b8:89:5c:2d:89:8f:10:04:fc:61:b5:dd:7d:2b:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:6a:05:e2:bd:41:f8:ff:27:26:54:a8:9a:bd:
1a:73:81:dd:0a:b6:3b:6c:be:cd:9e:bc:e1:96:6c:
52:c8:bc:45:e7:49:c0:65:bc:81:dd:bd:1c:65:83:
b5:c6:96:9e:cb:0e:0b:a9:78:ec:c3:a4:8a:8b:ac:
ff:00:a0:60:ee:2a:66:4e:f6:3d:a7:35:9f:83:2e:
01:f8:25:b2:3d:38:db:49:b2:fa:5c:e9:67:65:83:
87:3b:d3:d8:65:3d:d6:8c:da:7e:ed:7f:c9:11:28:
4b:7f:a0:56:68:5c:2c:00:25:6b:70:75:81:9c:9d:
98:d3:6d:67:80:20:49:39:a4:ec:2b:b8:06:86:71:
08:19:9f:cd:ec:d1:a8:ab:f1:99:df:fc:e9:8c:f9:
9b:05:a2:53:1e:54:24:4d:1e:22:7d:2a:f6:38:c0:
07:55:07:55:5c:22:79:f6:06:eb:2f:47:40:41:be:
d1:1a:b6:ea:3c:48:32:f1:66:e6:4c:17:cb:72:31:
bf:1d:74:87:43:c6:83:69:b5:6a:48:93:b9:74:0e:
37:b0:5e:4c:04:14:41:bb:99:ae:17:85:6b:e6:eb:
b1:bf:e0:2f:d1:38:f3:07:2a:65:f6:ce:40:bc:34:
2e:25:69:d2:86:74:14:fe:a1:73:0f:5d:56:5a:28:
2e:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:3D:1B:80:EF:05:CA:50:A5:C7:CA:4C:CC:2B:4C:ED:9A:3F:E4:5F
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/97a9749c-f933-42d6-a093-7bf3a4de27a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.69.0.0/16
Signature Algorithm: sha256WithRSAEncryption
7c:0d:97:3b:4f:94:32:68:ff:d9:a0:31:aa:fb:eb:d1:54:a3:
b1:b5:d5:c3:a4:b3:a2:ab:b2:3d:69:93:e8:67:7c:54:2d:10:
64:9a:ef:36:a7:e1:79:ea:eb:d5:23:61:b1:dc:56:44:15:b1:
98:cd:66:eb:10:a0:8d:ea:f7:13:1d:97:f8:10:f1:26:06:a4:
2b:62:6a:50:9f:f9:55:4e:ab:d6:6c:c2:34:69:9a:b9:79:8f:
a2:88:14:19:79:c7:6e:81:6a:10:22:ba:fe:3c:6c:2b:90:ae:
bf:c3:da:42:c7:fc:55:33:1c:fa:c1:05:7d:fa:e9:b4:54:fd:
15:9f:f4:f9:c8:14:5a:fd:3c:81:6e:58:87:06:63:16:03:04:
27:f2:67:51:6c:a4:5b:b5:54:c8:f9:a1:75:1b:d8:be:a9:25:
cb:8d:b4:eb:60:d2:9f:83:7e:65:b2:50:6b:10:d7:13:1f:23:
b0:b7:25:b5:07:0c:80:f3:b8:20:28:8d:ad:2e:38:21:af:85:
ad:12:f9:a6:cb:7e:9f:2a:41:73:dc:90:99:a6:ab:72:8f:2e:
00:fc:0e:62:7f:d7:ee:c5:73:bf:fc:57:73:89:c3:40:a8:cc:
0e:9d:29:c0:29:df:27:d8:d8:78:3b:22:ba:26:1a:25:6f:16:
ce:2c:8e:69
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUA+7XoSu4iVwtiY8QBPxhtd19Kw8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjMmM2Zjc2YjdjNDc1NGY4ZWI4ODAxZGMxYzJkZDFkOTc4MTBmNDA2YzMx
NTVhOWI3NDJlYTA1NDkzY2EwMjcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZqBeK9Qfj/JyZUqJq9GnOB3Qq2O2y+zZ684ZZsUsi8RedJwGW8gd29HGWD
tcaWnssOC6l47MOkious/wCgYO4qZk72Pac1n4MuAfglsj0420my+lzpZ2WDhzvT
2GU91ozafu1/yREoS3+gVmhcLAAla3B1gZydmNNtZ4AgSTmk7Cu4BoZxCBmfzezR
qKvxmd/86Yz5mwWiUx5UJE0eIn0q9jjAB1UHVVwiefYG6y9HQEG+0Rq26jxIMvFm
5kwXy3Ixvx10h0PGg2m1akiTuXQON7BeTAQUQbuZrheFa+brsb/gL9E48wcqZfbO
QLw0LiVp0oZ0FP6hcw9dVlooLmcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR1PRuA
7wXKUKXHykzMK0ztmj/kXzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
OTdhOTc0OWMtZjkzMy00MmQ2LWEwOTMtN2JmM2E0ZGUyN2E1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNFMA0G
CSqGSIb3DQEBCwUAA4IBAQB8DZc7T5QyaP/ZoDGq++vRVKOxtdXDpLOiq7I9aZPo
Z3xULRBkmu82p+F56uvVI2Gx3FZEFbGYzWbrEKCN6vcTHZf4EPEmBqQrYmpQn/lV
TqvWbMI0aZq5eY+iiBQZecdugWoQIrr+PGwrkK6/w9pCx/xVMxz6wQV9+um0VP0V
n/T5yBRa/TyBbliHBmMWAwQn8mdRbKRbtVTI+aF1G9i+qSXLjbTrYNKfg35lslBr
ENcTHyOwtyW1BwyA87ggKI2tLjghr4WtEvmmy36fKkFz3JCZpqtyjy4A/A5if9fu
xXO//FdzicNAqMwOnSnAKd8n2Nh4OyK6JholbxbOLI5p
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:47:53 2025 by rpki-client