Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c05da6d0-4bbb-4fb4-b558-5efec1f55506.roa
File: c05da6d0-4bbb-4fb4-b558-5efec1f55506.roa (raw, json)
Hash identifier: 7YMJwFJIrPXtCpwYhc4qcGTlmnVs1IZvQsKReqJpso8=
Subject key identifier: 6E:D5:C3:CA:0D:45:D9:9C:24:65:0E:4E:B0:88:C0:A8:26:78:77:7D
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3B889718799FD1B77214BEA111B21D42F00ED6
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c05da6d0-4bbb-4fb4-b558-5efec1f55506.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.16.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:88:97:18:79:9f:d1:b7:72:14:be:a1:11:b2:1d:42:f0:0e:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=0a3bed30c9ed4888cdccdaac63f4cf2a93163b50e3def89f866871fe309b7ca8, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:19:61:69:62:0b:44:6d:39:d5:c4:85:1c:c2:
1d:0f:b1:83:4a:d7:42:d3:4a:a3:eb:1a:10:55:35:
f8:ec:ea:67:7d:4f:15:98:b9:78:f4:3c:9c:0a:1b:
63:a5:f9:6e:e3:74:d0:cb:76:17:27:a1:01:a2:bf:
73:fb:ce:16:8b:f3:ba:6d:25:b9:1f:72:71:01:7b:
10:22:2d:d0:74:12:5f:ee:16:3f:e9:ee:ae:d7:e0:
e6:66:b6:36:fa:6f:1e:55:3a:ae:ad:d2:93:74:2a:
c6:30:a4:39:0f:ec:a1:0e:2d:d1:69:76:9e:9f:de:
b3:d5:3e:38:b1:0d:38:e4:df:10:8c:93:05:5f:90:
78:04:dd:c0:ae:15:0d:5e:83:d7:d6:01:8b:96:a6:
f6:51:19:3e:39:10:93:a1:03:12:1b:de:55:4b:2e:
ad:33:7c:82:70:0b:ab:8a:19:ba:f5:6f:0d:2e:ef:
90:bb:d6:98:3e:3b:ed:c7:bf:67:3c:e8:bf:68:ed:
07:5d:5c:df:7a:b7:92:02:8c:0c:a5:0d:4d:4d:dd:
95:17:60:bb:5b:41:f0:87:76:a7:85:84:de:a3:52:
51:03:35:8d:b9:02:83:44:0a:9c:6f:f9:76:92:e3:
ef:f5:42:4c:a6:09:3b:ae:74:10:fc:f0:13:89:92:
2d:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:D5:C3:CA:0D:45:D9:9C:24:65:0E:4E:B0:88:C0:A8:26:78:77:7D
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c05da6d0-4bbb-4fb4-b558-5efec1f55506.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.16.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a9:e5:87:0a:c0:7d:4a:bd:f2:54:38:47:e1:65:68:14:60:05:
d0:5d:97:4f:ff:c1:49:22:ef:7f:67:ff:d3:21:39:72:3a:ab:
ab:5c:6b:b5:09:05:74:42:1d:2c:8b:a6:be:f6:fd:98:e6:57:
83:9e:fc:1b:c1:4d:bd:f6:6b:b4:8b:3c:b5:27:96:14:cd:c3:
79:cf:e7:d7:ef:2c:8a:9f:31:27:40:ec:9c:35:c3:52:8a:a2:
5a:aa:ad:fa:6d:54:d1:37:aa:71:af:ef:a7:23:77:7b:fc:4b:
7d:5d:91:05:e5:75:eb:fc:eb:e2:70:90:31:ef:e7:d8:03:1b:
da:c3:85:14:35:e9:6d:6c:6e:a8:1e:f3:2b:dc:95:3f:00:f7:
13:f1:a9:05:1c:87:6d:77:5a:dc:86:3c:1b:eb:37:73:78:b3:
2f:09:98:59:82:1b:26:94:dd:9a:cd:df:74:e8:cf:bc:56:30:
75:a3:02:2d:39:b5:78:8c:01:5d:c7:69:dc:c0:9e:c5:08:39:
f4:e8:85:e8:e3:8c:a2:0e:38:eb:f7:66:5e:da:ae:5f:70:6e:
c3:32:74:46:56:b4:56:36:24:84:f1:9c:fb:f3:22:da:5b:48:
d2:51:96:e8:42:75:da:c2:76:04:c4:54:64:eb:80:ab:52:6c:
42:12:cb:23
-----BEGIN CERTIFICATE-----
MIIFXDCCBESgAwIBAgITO4iXGHmf0bdyFL6hEbIdQvAO1jANBgkqhkiG9w0BAQsF
ADAzMTEwLwYDVQQDEyg0NTNmNDc0NjM1NGUyYWQxNWNlN2ViZDhkYzIxZjk2YzBl
NWM4N2NmMB4XDTI0MTIxMzAwMDAwMFoXDTI1MDExNzIzNTk1OVowejFJMEcGA1UE
BRNAMGEzYmVkMzBjOWVkNDg4OGNkY2NkYWFjNjNmNGNmMmE5MzE2M2I1MGUzZGVm
ODlmODY2ODcxZmUzMDliN2NhODEtMCsGA1UEAxMkYzMzNjQxMWEtNjY1MS00ZjEz
LThlZjktZGU2ODFjN2M5NDQ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKC
AQEAsxlhaWILRG051cSFHMIdD7GDStdC00qj6xoQVTX47OpnfU8VmLl49DycChtj
pflu43TQy3YXJ6EBor9z+84Wi/O6bSW5H3JxAXsQIi3QdBJf7hY/6e6u1+DmZrY2
+m8eVTqurdKTdCrGMKQ5D+yhDi3RaXaen96z1T44sQ045N8QjJMFX5B4BN3ArhUN
XoPX1gGLlqb2URk+ORCToQMSG95VSy6tM3yCcAurihm69W8NLu+Qu9aYPjvtx79n
POi/aO0HXVzfereSAowMpQ1NTd2VF2C7W0Hwh3anhYTeo1JRAzWNuQKDRAqcb/l2
kuPv9UJMpgk7rnQQ/PATiZIthQIDAQABo4ICIDCCAhwwHQYDVR0OBBYEFG7Vw8oN
RdmcJGUOTrCIwKgmeHd9MB8GA1UdIwQYMBaAFEU/R0Y1TirRXOfr2Nwh+WwOXIfP
MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEFBQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJz
eW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvUlQ5SFJqVk9L
dEZjNS12WTNDSDViQTVjaDg4LmNlcjCBngYIKwYBBQUHAQsEgZEwgY4wgYsGCCsG
AQUFBzALhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFtYXpvbmF3cy5j
b20vdm9sdW1lLzk2N2EyNTVjLWQ2ODAtNDJkMy05ZWMzLWVjYjNmOWRhMDg4Yy9j
MDVkYTZkMC00YmJiLTRmYjQtYjU1OC01ZWZlYzFmNTU1MDYucm9hMIGIBgNVHR8E
gYAwfjB8oHqgeIZ2cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25h
d3MuY29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4
OGMvX2xBaTVUSERzUWRQWUE5bm1FVDZvbEh1VmM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMBMxAwDQYJ
KoZIhvcNAQELBQADggEBAKnlhwrAfUq98lQ4R+FlaBRgBdBdl0//wUki739n/9Mh
OXI6q6tca7UJBXRCHSyLpr72/ZjmV4Oe/BvBTb32a7SLPLUnlhTNw3nP59fvLIqf
MSdA7Jw1w1KKolqqrfptVNE3qnGv76cjd3v8S31dkQXldev86+JwkDHv59gDG9rD
hRQ16W1sbqge8yvclT8A9xPxqQUch213WtyGPBvrN3N4sy8JmFmCGyaU3ZrN33To
z7xWMHWjAi05tXiMAV3HadzAnsUIOfTohejjjKIOOOv3Zl7arl9wbsMydEZWtFY2
JITxnPvzItpbSNJRluhCddrCdgTEVGTrgKtSbEISyyM=
-----END CERTIFICATE-----
Generated at Fri May 9 07:30:57 2025 by rpki-client