Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b76b2450-5088-45d4-a9f3-3c0e092919bd.roa
File: b76b2450-5088-45d4-a9f3-3c0e092919bd.roa (raw, json)
Hash identifier: ayXRfet/r/C8czT+k8RIVhb6AJ7bo3dbU/Y5l2dZROc=
Subject key identifier: 76:34:67:CC:FE:F6:4F:2D:C5:B6:A4:E9:4C:98:3B:36:C2:1D:C1:6E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 77844A862AC9F71FBF341BDF71C7F979BFAA3C66
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b76b2450-5088-45d4-a9f3-3c0e092919bd.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.168.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:84:4a:86:2a:c9:f7:1f:bf:34:1b:df:71:c7:f9:79:bf:aa:3c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:4c:ee:1b:1a:8f:b0:37:2f:2b:7a:73:9c:9a:
22:e4:ee:df:d3:33:e5:ba:2a:d8:2a:7b:06:e5:44:
60:19:b3:f0:d1:29:8d:3d:e5:d9:13:0b:5d:31:ac:
80:72:0b:89:8e:00:02:fe:96:07:37:f8:10:0d:97:
5b:bc:c2:89:dc:56:e7:c6:93:74:b1:c6:09:46:ba:
51:0a:61:ca:02:99:bd:29:25:59:9d:54:5d:c8:05:
6c:15:d8:c2:33:70:12:45:b9:9a:36:41:61:a3:8f:
73:14:37:80:24:99:ec:34:e8:7f:ab:97:1a:23:61:
dd:9d:34:93:d3:69:1e:29:67:38:fc:ab:b4:71:a5:
eb:d3:3c:d5:43:54:97:d5:ef:81:da:34:08:39:cc:
b5:28:e6:78:b5:0c:e6:a6:bf:01:6d:ec:e2:4c:64:
25:20:1c:18:4b:44:03:85:68:48:a0:f8:2a:e2:02:
b6:7e:0b:2f:32:4a:bf:18:2a:9a:66:f6:be:3b:3f:
73:d3:f4:e0:78:dd:e9:dd:f9:52:3e:e7:9e:2f:d8:
3d:04:2c:7c:2a:94:a5:09:f1:f2:58:1a:6e:81:ce:
07:7c:b5:1f:44:dd:71:47:2a:95:23:b5:e5:79:98:
19:df:e1:34:da:3a:4c:eb:51:f9:7b:64:ef:b3:16:
24:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:34:67:CC:FE:F6:4F:2D:C5:B6:A4:E9:4C:98:3B:36:C2:1D:C1:6E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/b76b2450-5088-45d4-a9f3-3c0e092919bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.168.0.0/15
Signature Algorithm: sha256WithRSAEncryption
50:90:3f:9c:76:a6:20:36:b1:af:7a:66:a0:2a:fc:35:5e:05:
f4:a8:1f:2a:9f:1f:85:ee:7f:b2:f2:3f:37:12:3e:eb:79:7d:
6f:ab:97:ae:40:d3:88:45:14:35:0e:a6:64:79:ed:1f:a1:29:
ad:52:73:34:33:a0:a0:d4:af:0b:54:7c:fb:e4:4b:41:0c:1c:
55:31:bf:c4:85:35:48:47:ab:6c:4a:46:14:82:69:64:eb:49:
9c:cd:11:65:84:da:21:20:01:f8:c1:1e:da:6a:34:e1:4e:8e:
76:67:88:2d:93:c7:4a:0a:46:e9:44:26:17:a7:f3:64:b4:8a:
eb:f3:e5:7e:5e:45:2d:cf:5c:7f:c9:be:5b:78:e2:d4:f5:dd:
5b:2d:b3:03:67:b5:8c:bb:c2:bf:ce:07:bf:ba:27:9f:22:19:
ee:f3:2b:4d:b3:20:04:44:69:cc:c2:19:d2:a4:40:87:b8:28:
2e:b9:ff:b3:e3:ba:40:b8:23:a0:b6:32:45:e0:ca:28:fa:33:
fd:31:1b:ee:57:43:56:fe:ac:7e:c5:fa:9b:78:1f:ca:fa:b0:
a2:a8:88:e7:a4:e2:e7:1d:42:13:2a:be:76:74:63:66:1d:62:
05:92:bb:35:f3:10:44:59:ed:5b:0f:00:01:97:c7:93:c9:c5:
ed:9c:e2:62
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUd4RKhirJ9x+/NBvfccf5eb+qPGYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDgzZjUyODZiMTY3N2Q3N2M1ZTQwMWQ1MDQ4MzVlM2E0MzM3N2JhMzg2MWVm
MmI1YjJmMjQzMDdjNTlkZWRjNjExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALxM7hsaj7A3Lyt6c5yaIuTu39Mz5boq2Cp7BuVEYBmz8NEpjT3l2RMLXTGs
gHILiY4AAv6WBzf4EA2XW7zCidxW58aTdLHGCUa6UQphygKZvSklWZ1UXcgFbBXY
wjNwEkW5mjZBYaOPcxQ3gCSZ7DTof6uXGiNh3Z00k9NpHilnOPyrtHGl69M81UNU
l9Xvgdo0CDnMtSjmeLUM5qa/AW3s4kxkJSAcGEtEA4VoSKD4KuICtn4LLzJKvxgq
mmb2vjs/c9P04Hjd6d35Uj7nni/YPQQsfCqUpQnx8lgaboHOB3y1H0TdcUcqlSO1
5XmYGd/hNNo6TOtR+Xtk77MWJJcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBR2NGfM
/vZPLcW2pOlMmDs2wh3BbjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Yjc2YjI0NTAtNTA4OC00NWQ0LWE5ZjMtM2MwZTA5MjkxOWJkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOoMA0G
CSqGSIb3DQEBCwUAA4IBAQBQkD+cdqYgNrGvemagKvw1XgX0qB8qnx+F7n+y8j83
Ej7reX1vq5euQNOIRRQ1DqZkee0foSmtUnM0M6Cg1K8LVHz75EtBDBxVMb/EhTVI
R6tsSkYUgmlk60mczRFlhNohIAH4wR7aajThTo52Z4gtk8dKCkbpRCYXp/NktIrr
8+V+XkUtz1x/yb5beOLU9d1bLbMDZ7WMu8K/zge/uiefIhnu8ytNsyAERGnMwhnS
pECHuCguuf+z47pAuCOgtjJF4Moo+jP9MRvuV0NW/qx+xfqbeB/K+rCiqIjnpOLn
HUITKr52dGNmHWIFkrs18xBEWe1bDwABl8eTycXtnOJi
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:54:45 2025 by rpki-client