Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bee56394-d0ee-4578-8df3-6c45679cffb6.roa
File: bee56394-d0ee-4578-8df3-6c45679cffb6.roa (raw, json)
Hash identifier: D21GNtgeicmChO60cQuB25dNNs3S5FvmJjd9CwOlhls=
Subject key identifier: B6:1E:44:F6:FA:55:B5:75:39:7E:BA:C7:63:C8:0E:10:FF:A4:FF:B3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 08BEDBE892AB07C64B8A8B75FF5A55D2B63F3B56
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bee56394-d0ee-4578-8df3-6c45679cffb6.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.84.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:be:db:e8:92:ab:07:c6:4b:8a:8b:75:ff:5a:55:d2:b6:3f:3b:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:7d:3b:db:0d:c6:5f:f6:3a:f0:5f:38:f4:03:
38:a6:b5:1b:1f:08:1e:48:49:4c:a0:da:f5:49:8e:
71:d7:63:4f:c9:6c:ac:30:de:2c:8b:66:b3:27:81:
30:d6:d1:6b:38:df:70:7f:3f:8a:14:56:dd:bd:fd:
bc:d6:e3:76:27:a2:f3:ad:23:5c:28:7f:1f:26:18:
b5:ff:7c:21:26:17:2a:21:72:d2:82:73:52:a5:dd:
c0:89:6e:dd:2a:33:da:6e:46:86:cd:b7:4b:20:6c:
3e:e2:fd:ff:01:75:bc:8e:94:7c:c1:3f:23:54:0b:
a3:87:85:69:23:57:2c:ae:81:69:dc:15:d2:e5:0b:
9c:13:03:97:2f:d1:8c:18:7b:75:63:86:69:6c:21:
b9:39:2b:66:2b:b9:14:bc:38:c2:b3:bb:1b:7a:35:
98:5f:11:ab:9c:5f:32:1f:d6:73:8a:c2:0c:8e:62:
e9:4c:53:04:8d:f3:73:d1:7e:1e:c5:67:50:8c:f5:
0b:25:4a:9c:da:35:a2:0f:50:e2:45:b4:5e:81:08:
db:f7:dc:ba:46:44:8c:45:2c:37:e0:7c:f8:77:d6:
77:08:6c:15:01:79:62:4e:e7:98:1f:df:2e:0d:11:
54:26:a4:e3:76:46:bb:b1:d0:bc:19:ef:1d:29:fd:
c1:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:1E:44:F6:FA:55:B5:75:39:7E:BA:C7:63:C8:0E:10:FF:A4:FF:B3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/bee56394-d0ee-4578-8df3-6c45679cffb6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.84.0.0/16
Signature Algorithm: sha256WithRSAEncryption
54:be:8b:8a:d4:62:1b:a3:43:68:cd:34:80:2b:27:42:ea:8e:
68:3b:43:2b:4e:c5:f1:0f:a9:b8:8e:59:34:7c:3f:5d:12:53:
c8:30:d2:d0:ac:de:08:20:2e:eb:56:f2:88:3b:c8:c3:04:d5:
7f:be:93:98:c3:a3:71:f8:0a:62:de:77:4e:ae:d1:32:71:2a:
05:29:fe:45:de:38:cb:f6:9f:dc:df:3b:81:c6:fd:ff:cc:aa:
66:ad:b1:cb:f8:ce:c7:82:cb:7f:4c:dd:a5:65:4e:07:af:e7:
26:a8:ff:0c:da:db:31:63:e0:4f:4e:a9:e0:1a:ca:c5:e1:08:
53:12:3e:34:a3:ea:5e:ba:60:6c:69:56:a0:1a:58:78:25:b7:
e4:83:ee:9e:c1:5e:13:40:0f:57:84:f9:a5:f4:13:b3:3c:08:
d1:7a:db:79:04:b2:cb:23:19:7e:fa:6d:ad:15:2b:f6:9e:ef:
f9:71:00:48:37:fd:df:c2:03:77:17:e3:4b:95:89:b1:00:3d:
c2:00:67:c2:e2:b0:52:aa:1d:89:94:58:e1:0a:ed:be:de:68:
c9:25:62:39:80:ce:a2:51:73:be:a2:80:cf:d5:95:fc:51:90:
20:21:af:b4:d3:fc:18:78:72:37:10:0e:d2:19:22:03:73:0b:
ba:7d:d2:ff
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUCL7b6JKrB8ZLiot1/1pV0rY/O1YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDg4ZDFiZTZhNWQyNjU2ZTI4YmEwYmNlMjc2NjYxYmYyZTk5NDNhZmNkNWI3
Y2E3ZGY1ODQ4M2MwMTE5YzQ4YmExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOV9O9sNxl/2OvBfOPQDOKa1Gx8IHkhJTKDa9UmOcddjT8lsrDDeLItmsyeB
MNbRazjfcH8/ihRW3b39vNbjdiei860jXCh/HyYYtf98ISYXKiFy0oJzUqXdwIlu
3Soz2m5Ghs23SyBsPuL9/wF1vI6UfME/I1QLo4eFaSNXLK6BadwV0uULnBMDly/R
jBh7dWOGaWwhuTkrZiu5FLw4wrO7G3o1mF8Rq5xfMh/Wc4rCDI5i6UxTBI3zc9F+
HsVnUIz1CyVKnNo1og9Q4kW0XoEI2/fcukZEjEUsN+B8+HfWdwhsFQF5Yk7nmB/f
Lg0RVCak43ZGu7HQvBnvHSn9wakCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS2HkT2
+lW1dTl+usdjyA4Q/6T/szAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YmVlNTYzOTQtZDBlZS00NTc4LThkZjMtNmM0NTY3OWNmZmI2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNUMA0G
CSqGSIb3DQEBCwUAA4IBAQBUvouK1GIbo0NozTSAKydC6o5oO0MrTsXxD6m4jlk0
fD9dElPIMNLQrN4IIC7rVvKIO8jDBNV/vpOYw6Nx+Api3ndOrtEycSoFKf5F3jjL
9p/c3zuBxv3/zKpmrbHL+M7Hgst/TN2lZU4Hr+cmqP8M2tsxY+BPTqngGsrF4QhT
Ej40o+peumBsaVagGlh4Jbfkg+6ewV4TQA9XhPml9BOzPAjRett5BLLLIxl++m2t
FSv2nu/5cQBIN/3fwgN3F+NLlYmxAD3CAGfC4rBSqh2JlFjhCu2+3mjJJWI5gM6i
UXO+ooDP1ZX8UZAgIa+00/wYeHI3EA7SGSIDcwu6fdL/
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:42:28 2025 by rpki-client