Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa8c347b-a2d5-4fe5-8b98-684b4ad77529.roa
File: aa8c347b-a2d5-4fe5-8b98-684b4ad77529.roa (raw, json)
Hash identifier: n9xo3dJ20zvT8zoOVC7KqbO02umCq8iXSQV+98qoynk=
Subject key identifier: 9C:E4:7F:57:B7:D9:A8:BD:EA:62:5F:9C:65:BC:EB:1F:49:3B:F8:FA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 72C07A1B6E712C056B4EBB2A2E4DC00FD56C5C41
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa8c347b-a2d5-4fe5-8b98-684b4ad77529.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.134.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:c0:7a:1b:6e:71:2c:05:6b:4e:bb:2a:2e:4d:c0:0f:d5:6c:5c:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7c:43:5d:d7:5c:55:b3:87:57:10:57:b5:b7:
01:d1:04:8c:6c:d0:76:16:88:a6:b6:a4:24:61:12:
6f:0a:fe:78:c8:fc:17:a0:4a:36:13:3d:d5:5f:8d:
0c:26:71:1e:f8:2a:fe:90:57:eb:b7:1d:7a:77:fb:
e6:59:1d:89:b2:77:00:1b:0f:98:17:17:0c:30:46:
5c:bb:e7:46:e6:e1:6c:29:44:a5:a0:73:63:26:ef:
c4:19:1b:72:1f:76:6b:6a:4a:71:fd:b9:86:64:d5:
67:0c:53:5f:b9:bc:c7:50:13:c0:89:1e:5d:1e:be:
c0:eb:4d:31:20:84:78:b0:7c:1f:35:48:15:d7:75:
3b:5b:ba:cf:10:55:d7:47:32:77:2b:65:fc:36:0c:
fd:38:a1:86:0b:6e:d7:7b:d9:41:f7:ea:6e:0c:42:
6e:05:a7:ce:61:13:df:ba:34:aa:66:a1:8b:7a:25:
fe:c2:6b:06:19:67:6b:4d:99:47:10:1a:84:b4:43:
61:5e:d7:c3:39:97:d2:6d:5b:5a:d6:b8:ef:bd:03:
08:73:c5:ed:61:c2:d0:aa:f9:07:85:49:bf:6f:bf:
8d:ab:ee:22:5e:d8:80:c3:7e:19:9b:9c:0f:c5:20:
38:bb:bb:40:51:62:71:6e:67:2b:26:61:e2:c8:c1:
ce:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:E4:7F:57:B7:D9:A8:BD:EA:62:5F:9C:65:BC:EB:1F:49:3B:F8:FA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/aa8c347b-a2d5-4fe5-8b98-684b4ad77529.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.134.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:71:0e:bc:b5:35:82:c3:b7:b6:b9:cc:9d:69:0c:0f:a7:97:
45:0a:77:b8:34:e7:45:39:6f:38:4c:3b:33:72:09:c8:29:0d:
19:8f:e2:ff:11:58:16:d7:55:fe:4c:b3:ff:a4:33:8a:1c:cc:
06:c3:40:65:b6:83:cc:90:e4:f2:9f:c7:5b:fb:7c:27:da:46:
a4:bf:32:cd:38:74:fe:3b:10:bb:3d:28:82:ee:ac:81:cb:a4:
be:b6:98:49:10:c1:9a:da:2c:ad:57:5d:a2:04:a3:38:2e:e1:
2b:48:d4:66:1d:45:6a:94:cc:85:94:3e:14:64:71:78:d2:7e:
ed:22:fb:ea:a8:b2:8e:bb:f3:f8:aa:be:ff:48:9a:4a:56:de:
1b:dc:8a:b6:5f:7c:c6:e5:da:70:d9:8b:eb:03:98:25:97:17:
c7:70:d6:ee:a4:7c:1d:1a:0d:54:62:d0:d5:30:df:1c:a5:4b:
99:c6:93:94:5c:0c:77:69:9a:5b:eb:5c:05:fc:1f:9f:43:0a:
7f:ea:70:f1:5b:d6:20:ca:df:23:50:d6:74:c3:13:ac:08:58:
11:30:e5:cd:44:97:5f:fd:98:2f:c6:2c:17:0e:34:dc:3f:f3:
5c:61:ea:d0:f9:07:18:35:fd:b5:41:34:bb:fa:3e:f6:b5:1b:
f6:93:a8:90
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUcsB6G25xLAVrTrsqLk3AD9VsXEEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2Zjc3ZWI2YzYwZWQxMDM4NjBkZjk3N2IwMDQ1MWZhZmQxYzI4MmIyOTQ5
NTZkNDExNGQ4YzdjZmE1YjAxNGMxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMt8Q13XXFWzh1cQV7W3AdEEjGzQdhaIprakJGESbwr+eMj8F6BKNhM91V+N
DCZxHvgq/pBX67cdenf75lkdibJ3ABsPmBcXDDBGXLvnRubhbClEpaBzYybvxBkb
ch92a2pKcf25hmTVZwxTX7m8x1ATwIkeXR6+wOtNMSCEeLB8HzVIFdd1O1u6zxBV
10cydytl/DYM/Tihhgtu13vZQffqbgxCbgWnzmET37o0qmahi3ol/sJrBhlna02Z
RxAahLRDYV7XwzmX0m1bWta4770DCHPF7WHC0Kr5B4VJv2+/javuIl7YgMN+GZuc
D8UgOLu7QFFicW5nKyZh4sjBzgMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBSc5H9X
t9movepiX5xlvOsfSTv4+jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YWE4YzM0N2ItYTJkNS00ZmU1LThiOTgtNjg0YjRhZDc3NTI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADOGMA0G
CSqGSIb3DQEBCwUAA4IBAQBUcQ68tTWCw7e2ucydaQwPp5dFCne4NOdFOW84TDsz
cgnIKQ0Zj+L/EVgW11X+TLP/pDOKHMwGw0BltoPMkOTyn8db+3wn2kakvzLNOHT+
OxC7PSiC7qyBy6S+tphJEMGa2iytV12iBKM4LuErSNRmHUVqlMyFlD4UZHF40n7t
IvvqqLKOu/P4qr7/SJpKVt4b3Iq2X3zG5dpw2YvrA5gllxfHcNbupHwdGg1UYtDV
MN8cpUuZxpOUXAx3aZpb61wF/B+fQwp/6nDxW9Ygyt8jUNZ0wxOsCFgRMOXNRJdf
/ZgvxiwXDjTcP/NcYerQ+QcYNf21QTS7+j72tRv2k6iQ
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:41:39 2025 by rpki-client