Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a3d5a2f9-636d-47f7-adf9-04bffcfa0799.roa
File: a3d5a2f9-636d-47f7-adf9-04bffcfa0799.roa (raw, json)
Hash identifier: jKqZvNz/8cd5I2qr9MPa2drPtVL8GE4wNzkaJzg+pqE=
Subject key identifier: F4:6C:9B:3C:2E:B1:E1:16:A4:AA:B1:B7:40:41:56:E2:69:D2:77:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 23E93E2F14BC032781F71DEAFD01A3979EAAF739
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a3d5a2f9-636d-47f7-adf9-04bffcfa0799.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.16.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:e9:3e:2f:14:bc:03:27:81:f7:1d:ea:fd:01:a3:97:9e:aa:f7:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a9:89:67:17:0b:4e:36:87:2f:b5:7f:82:4b:
8c:e1:52:eb:92:62:6b:e8:b8:7d:08:2a:02:df:33:
ba:24:83:26:1e:eb:2b:0c:32:06:9f:35:8c:6a:63:
a9:a9:48:09:c0:6e:60:e7:44:e7:64:79:23:57:21:
6a:c6:36:82:b7:de:15:99:f3:a0:e3:16:69:47:a4:
48:f8:62:7e:35:b4:54:38:f8:4a:ba:25:f2:72:70:
bf:4b:67:02:22:99:83:9a:06:50:36:5e:ef:64:a2:
98:39:9a:7a:21:0f:b4:42:f3:5b:58:82:80:04:9c:
ed:10:5c:71:33:12:d8:fa:27:0a:a0:2d:14:1b:02:
35:46:db:53:5a:a0:33:fe:d0:ed:cb:86:5c:ea:63:
39:0d:df:b6:97:c2:29:ee:70:a8:d1:97:be:71:f8:
33:a3:cd:ba:32:51:59:35:f5:ab:c8:dd:18:5f:75:
96:1c:69:0a:7e:92:c6:ed:83:dd:8d:ba:f8:6d:b0:
c8:2c:0a:c9:01:0a:bc:f7:21:34:56:21:04:de:71:
89:37:45:88:18:dd:6a:8c:5d:b2:0a:8b:d7:6f:5b:
9b:23:e5:33:e8:ae:6f:8d:a0:a7:c5:5e:17:8d:b0:
e1:d5:44:49:60:4c:c5:bd:74:9a:bf:f2:54:b0:26:
5a:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:6C:9B:3C:2E:B1:E1:16:A4:AA:B1:B7:40:41:56:E2:69:D2:77:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a3d5a2f9-636d-47f7-adf9-04bffcfa0799.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.0.0/15
Signature Algorithm: sha256WithRSAEncryption
98:17:ba:b1:30:3c:fa:0f:60:cf:95:e2:57:49:a1:ef:3f:06:
3f:62:e0:e3:49:50:34:34:99:88:dc:8d:56:1c:30:3b:a3:ad:
12:9c:03:a7:79:94:23:53:1f:09:d5:ae:78:03:9c:ff:33:ab:
ab:30:82:2d:cf:ef:85:7d:32:5e:d4:98:27:10:87:14:4b:4c:
11:b0:66:bf:de:4b:2a:08:80:20:b9:63:b1:66:e0:44:ce:ef:
1b:c3:06:e2:50:69:f9:bd:c0:d7:86:d5:a5:d0:f6:bb:20:53:
b1:ae:a5:c5:0e:c6:9f:5f:cd:6e:28:d8:ea:c3:c3:c8:54:1d:
3b:f1:3d:8e:bd:ae:56:a5:ea:8c:6d:5a:16:e4:75:93:a7:37:
5e:f0:8b:97:db:a9:1e:c8:67:1a:3d:35:dc:b9:b9:8c:bd:77:
8c:74:45:3e:31:a6:82:8f:e6:07:ce:97:9e:61:f8:55:b6:fc:
eb:eb:df:58:dd:6c:63:76:6d:82:dd:fc:30:fa:70:3a:ef:e8:
71:62:b2:ed:66:e1:ff:4a:04:3e:42:78:52:89:8e:45:83:70:
b5:ed:54:37:e4:04:55:7f:30:24:2b:ae:88:76:74:42:dd:34:
06:f2:10:13:7c:39:1f:bc:0a:d4:0c:9a:18:b2:bd:5a:56:3e:
bf:d3:92:ee
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUI+k+LxS8AyeB9x3q/QGjl56q9zkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2ODY4MDNkODllNjkzMjQ2MjgwYzhjZGE4NGE5Y2I2MmYzN2E4MmFjMjgw
MzQ4MDdlYWY5MzRmOGMyZDhjZDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM6piWcXC042hy+1f4JLjOFS65Jia+i4fQgqAt8zuiSDJh7rKwwyBp81jGpj
qalICcBuYOdE52R5I1chasY2grfeFZnzoOMWaUekSPhifjW0VDj4Srol8nJwv0tn
AiKZg5oGUDZe72SimDmaeiEPtELzW1iCgASc7RBccTMS2PonCqAtFBsCNUbbU1qg
M/7Q7cuGXOpjOQ3ftpfCKe5wqNGXvnH4M6PNujJRWTX1q8jdGF91lhxpCn6Sxu2D
3Y26+G2wyCwKyQEKvPchNFYhBN5xiTdFiBjdaoxdsgqL129bmyPlM+iub42gp8Ve
F42w4dVESWBMxb10mr/yVLAmWtUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT0bJs8
LrHhFqSqsbdAQVbiadJ36jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTNkNWEyZjktNjM2ZC00N2Y3LWFkZjktMDRiZmZjZmEwNzk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATMQMA0G
CSqGSIb3DQEBCwUAA4IBAQCYF7qxMDz6D2DPleJXSaHvPwY/YuDjSVA0NJmI3I1W
HDA7o60SnAOneZQjUx8J1a54A5z/M6urMIItz++FfTJe1JgnEIcUS0wRsGa/3ksq
CIAguWOxZuBEzu8bwwbiUGn5vcDXhtWl0Pa7IFOxrqXFDsafX81uKNjqw8PIVB07
8T2Ova5WpeqMbVoW5HWTpzde8IuX26keyGcaPTXcubmMvXeMdEU+MaaCj+YHzpee
YfhVtvzr699Y3Wxjdm2C3fww+nA67+hxYrLtZuH/SgQ+QnhSiY5Fg3C17VQ35ARV
fzAkK66IdnRC3TQG8hATfDkfvArUDJoYsr1aVj6/05Lu
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:52:47 2025 by rpki-client