Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b62ce7-3238-4647-ad97-9a9628b10f66.roa
File: a8b62ce7-3238-4647-ad97-9a9628b10f66.roa (raw, json)
Hash identifier: Plc8joEXQBeiCYSSoB91JNfcEJt608NYjPMfRfdDXZ4=
Subject key identifier: 18:82:00:EB:5A:E7:CA:E0:5C:A7:6D:97:66:58:50:9B:E4:86:C5:BB
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 4360E39F5337179F86009E18FD023B22204B3427
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b62ce7-3238-4647-ad97-9a9628b10f66.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.228.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
43:60:e3:9f:53:37:17:9f:86:00:9e:18:fd:02:3b:22:20:4b:34:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:a8:61:98:cb:8a:60:85:ac:28:12:2e:74:1d:
14:3a:16:d4:24:61:4b:3f:d1:c7:3c:da:f5:6c:b1:
81:8c:4b:de:4f:b0:6a:d8:2d:ba:be:06:c0:2c:81:
2c:1f:60:fa:81:27:c9:1f:0d:95:ad:bd:1d:9b:6e:
e7:ff:3b:38:62:97:69:bf:94:f2:79:6a:8a:40:95:
db:e3:85:10:15:15:43:d9:36:e8:9e:e2:5b:11:9c:
97:46:9d:b4:f6:f1:0e:1c:06:74:27:36:02:ef:ed:
ff:c7:16:79:83:d4:de:f2:92:54:22:27:11:e7:b7:
96:fd:f7:ce:ea:24:65:0e:55:0d:72:27:25:1e:d6:
56:57:6a:f2:27:e0:dd:1d:36:ed:46:ce:4a:70:d7:
08:a6:b9:73:27:e2:c9:c5:f2:a2:6f:ab:b9:67:c1:
24:b7:38:41:53:92:32:3f:a4:64:35:13:4c:ae:62:
81:69:82:8c:c8:2e:cb:fd:da:c9:69:4b:c2:af:ab:
12:f7:46:b2:7a:58:47:d8:da:b0:da:35:08:e9:11:
eb:b6:15:57:2d:a8:7a:7d:9e:dc:de:af:7d:1e:f6:
62:42:91:79:59:d0:e5:c3:39:51:4c:82:63:0d:fc:
d4:71:8d:6e:9b:bc:22:66:9d:38:fe:29:03:63:c8:
28:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:82:00:EB:5A:E7:CA:E0:5C:A7:6D:97:66:58:50:9B:E4:86:C5:BB
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a8b62ce7-3238-4647-ad97-9a9628b10f66.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.228.0.0/15
Signature Algorithm: sha256WithRSAEncryption
c5:38:82:f1:9e:bf:ac:f6:b6:55:9a:54:f1:41:f0:70:3a:c6:
b2:ea:6e:d4:70:31:ae:20:82:e4:69:11:11:3e:96:bf:64:87:
eb:c5:f7:77:c1:6d:5e:e0:40:34:25:b4:0b:58:22:a3:d2:67:
9a:51:60:dd:87:57:b0:2c:70:19:d7:cb:50:24:8f:0c:30:15:
cf:f8:a8:0f:3a:8b:f3:42:cb:9b:80:9c:eb:8a:46:1a:a8:7a:
0b:04:9f:9b:40:e2:36:b1:20:7a:15:8f:90:1a:13:ad:36:a2:
af:ae:a9:81:7f:20:7f:f6:64:0f:59:9c:1a:90:f6:ed:e9:65:
1b:eb:02:e8:ec:77:1f:24:2a:8e:a2:73:e7:77:37:63:68:6b:
24:3e:b9:83:8d:9c:03:53:ef:23:50:2a:65:05:f3:18:bf:a9:
fe:65:d7:ba:28:ed:a0:bb:06:31:08:45:36:2e:eb:34:d1:08:
0e:05:23:90:c5:3d:ad:f0:59:c1:da:c8:03:65:02:6d:10:38:
25:57:66:82:12:a5:8a:be:6c:97:54:3b:e6:a6:d4:56:ef:75:
3e:ab:c2:06:81:84:7b:36:bf:7a:93:d2:ff:f7:2b:19:b8:f4:
fb:df:fd:8d:02:43:b3:86:10:ad:f0:d0:d8:62:a8:16:e8:3f:
99:a5:0c:a8
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUQ2Djn1M3F5+GAJ4Y/QI7IiBLNCcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjMzQ1NTA0YWI0YjRmMDA0Yzc5NmE5ZjM0OTNkZGY4YzM0OGQ1ZTVlZTk2
NDQwYTcyYmRhMmViYzkxNmM4YzYxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN2oYZjLimCFrCgSLnQdFDoW1CRhSz/Rxzza9WyxgYxL3k+watgtur4GwCyB
LB9g+oEnyR8Nla29HZtu5/87OGKXab+U8nlqikCV2+OFEBUVQ9k26J7iWxGcl0ad
tPbxDhwGdCc2Au/t/8cWeYPU3vKSVCInEee3lv33zuokZQ5VDXInJR7WVldq8ifg
3R027UbOSnDXCKa5cyfiycXyom+ruWfBJLc4QVOSMj+kZDUTTK5igWmCjMguy/3a
yWlLwq+rEvdGsnpYR9jasNo1COkR67YVVy2oen2e3N6vfR72YkKReVnQ5cM5UUyC
Yw381HGNbpu8ImadOP4pA2PIKLECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQYggDr
WufK4FynbZdmWFCb5IbFuzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YThiNjJjZTctMzIzOC00NjQ3LWFkOTctOWE5NjI4YjEwZjY2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPkMA0G
CSqGSIb3DQEBCwUAA4IBAQDFOILxnr+s9rZVmlTxQfBwOsay6m7UcDGuIILkaRER
Ppa/ZIfrxfd3wW1e4EA0JbQLWCKj0meaUWDdh1ewLHAZ18tQJI8MMBXP+KgPOovz
QsubgJzrikYaqHoLBJ+bQOI2sSB6FY+QGhOtNqKvrqmBfyB/9mQPWZwakPbt6WUb
6wLo7HcfJCqOonPndzdjaGskPrmDjZwDU+8jUCplBfMYv6n+Zde6KO2guwYxCEU2
Lus00QgOBSOQxT2t8FnB2sgDZQJtEDglV2aCEqWKvmyXVDvmptRW73U+q8IGgYR7
Nr96k9L/9ysZuPT73/2NAkOzhhCt8NDYYqgW6D+ZpQyo
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:44 2025 by rpki-client