Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a9916a41-7c7f-4c1c-bcf2-b6e1b32b7dfb.roa
File: a9916a41-7c7f-4c1c-bcf2-b6e1b32b7dfb.roa (raw, json)
Hash identifier: 1Bg77cfPNZGiMs0pLCbJ9mYLYXa+4jgUCDtuZZzm/tU=
Subject key identifier: 01:6A:72:9E:15:D1:DE:17:B9:FB:34:DF:D6:A0:28:82:D9:48:80:24
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 146C0588AC11257DAAC76FD052B2D36E91750140
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a9916a41-7c7f-4c1c-bcf2-b6e1b32b7dfb.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.212.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:6c:05:88:ac:11:25:7d:aa:c7:6f:d0:52:b2:d3:6e:91:75:01:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:83:2f:ab:bb:ae:bb:8b:a5:de:8f:a8:f2:fd:
3e:d7:90:b7:af:d8:b4:ab:ab:16:c3:49:3c:43:a1:
e7:d2:5f:70:e7:2e:19:83:0a:1b:5c:8c:08:a1:6e:
ca:e3:1a:a6:15:54:92:6a:f3:98:aa:87:15:59:4f:
c3:df:d0:90:7a:1e:a1:2b:33:0c:73:b5:c3:c3:7b:
d6:10:99:fe:db:22:c1:ba:03:77:54:4b:e4:37:cf:
4b:43:49:4e:09:51:5e:2d:31:fe:58:1b:ab:11:03:
89:24:7e:e3:d5:ea:cc:ef:82:55:9f:00:bc:c6:45:
e3:a7:71:2e:48:e9:2f:cc:24:d6:dc:d3:7a:45:d7:
2d:af:4c:86:93:ce:05:15:64:14:e5:4e:94:02:7f:
3c:0a:65:8a:50:de:5f:45:54:8a:ac:45:4b:98:1f:
da:e4:df:c2:24:0d:91:8a:af:99:6c:72:a5:af:2c:
fa:9c:52:17:91:fb:c0:26:72:c1:bc:cd:e1:05:69:
78:21:7a:10:7e:b0:84:f0:96:f8:bf:19:29:db:8b:
61:56:05:c1:3d:4b:7c:92:b2:3a:01:58:22:e2:5a:
f6:39:29:13:47:e8:9c:5e:8b:e1:9d:03:8f:e9:3b:
3c:a8:8b:22:9c:7c:19:e1:e7:5e:ea:41:24:10:ba:
c7:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:6A:72:9E:15:D1:DE:17:B9:FB:34:DF:D6:A0:28:82:D9:48:80:24
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a9916a41-7c7f-4c1c-bcf2-b6e1b32b7dfb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
16:17:d9:49:55:bd:85:05:aa:3f:a0:f2:61:83:88:bb:2e:9f:
59:f3:7d:b7:af:bb:96:e9:6f:4c:f2:41:10:05:62:93:85:b9:
52:1a:bc:66:64:a0:0d:db:46:f8:c8:f3:c0:70:d4:1b:0f:68:
e6:a1:57:8d:65:89:05:c5:53:82:f0:4f:7b:9f:4e:5f:96:06:
e9:f8:13:c4:c9:cc:0d:7a:51:9f:d0:f4:a1:a1:70:34:16:93:
ba:36:1a:a3:a0:6f:99:92:90:84:4f:44:c9:71:fe:23:b5:3f:
da:37:1b:21:6e:e2:1b:29:2a:a4:a2:63:e9:2e:1e:9c:4c:71:
7e:80:61:0a:bf:50:e2:21:f8:c2:52:6f:cd:f5:85:47:10:6b:
fd:41:7f:0d:ad:c2:ff:3f:ad:35:3f:73:96:a0:5f:a9:20:31:
ca:81:f2:fa:89:a7:69:e0:06:1d:17:e8:f8:b5:97:e0:77:73:
f1:fe:e7:84:3b:ac:22:78:4a:9a:1b:51:9b:fb:53:c2:6b:bb:
4f:4a:13:1b:17:6f:02:99:67:6b:21:a5:d2:d1:a9:67:50:e1:
c5:b4:6c:ef:dc:06:44:dd:78:a0:10:85:82:bf:2b:c6:5d:cc:
a4:59:23:92:fc:2b:4c:0d:78:7b:54:50:1e:8b:04:a2:bd:5c:
53:eb:2e:4d
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUFGwFiKwRJX2qx2/QUrLTbpF1AUAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDJjOTEwZTk5ZjAxNTk3MzkzZWY1ODJmMmE5ODU4NWMyMmQ2Yzg0NTk1Y2M2
YjExNWYxZDExODg3ZmY5ZDhjMDQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANCDL6u7rruLpd6PqPL9PteQt6/YtKurFsNJPEOh59JfcOcuGYMKG1yMCKFu
yuMaphVUkmrzmKqHFVlPw9/QkHoeoSszDHO1w8N71hCZ/tsiwboDd1RL5DfPS0NJ
TglRXi0x/lgbqxEDiSR+49XqzO+CVZ8AvMZF46dxLkjpL8wk1tzTekXXLa9MhpPO
BRVkFOVOlAJ/PAplilDeX0VUiqxFS5gf2uTfwiQNkYqvmWxypa8s+pxSF5H7wCZy
wbzN4QVpeCF6EH6whPCW+L8ZKduLYVYFwT1LfJKyOgFYIuJa9jkpE0fonF6L4Z0D
j+k7PKiLIpx8GeHnXupBJBC6x2sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQBanKe
FdHeF7n7NN/WoCiC2UiAJDAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTk5MTZhNDEtN2M3Zi00YzFjLWJjZjItYjZlMWIzMmI3ZGZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATPUMA0G
CSqGSIb3DQEBCwUAA4IBAQAWF9lJVb2FBao/oPJhg4i7Lp9Z8323r7uW6W9M8kEQ
BWKThblSGrxmZKAN20b4yPPAcNQbD2jmoVeNZYkFxVOC8E97n05flgbp+BPEycwN
elGf0PShoXA0FpO6NhqjoG+ZkpCET0TJcf4jtT/aNxshbuIbKSqkomPpLh6cTHF+
gGEKv1DiIfjCUm/N9YVHEGv9QX8NrcL/P601P3OWoF+pIDHKgfL6iadp4AYdF+j4
tZfgd3Px/ueEO6wieEqaG1Gb+1PCa7tPShMbF28CmWdrIaXS0alnUOHFtGzv3AZE
3XigEIWCvyvGXcykWSOS/CtMDXh7VFAeiwSivVxT6y5N
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:57 2025 by rpki-client