Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c339f126-7fea-49c7-a129-4df9886e5309.roa
File: c339f126-7fea-49c7-a129-4df9886e5309.roa (raw, json)
Hash identifier: ca9B3mU+Q0b1S13vqpCvygzNiu41MdT9uazwDQMyED0=
Subject key identifier: 0E:59:E3:97:6C:3D:F8:C5:E9:43:F8:D8:06:25:50:4D:C1:59:89:56
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3998753BC429844B6D4FD867A18ED4F9B3099233
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c339f126-7fea-49c7-a129-4df9886e5309.roa
Signing time: Fri 29 Nov 2024 00:00:00 +0000
ROA not before: Fri 29 Nov 2024 00:00:00 +0000
ROA not after: Fri 03 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.112.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:98:75:3b:c4:29:84:4b:6d:4f:d8:67:a1:8e:d4:f9:b3:09:92:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 29 00:00:00 2024 GMT
Not After : Jan 3 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:47:57:5a:7b:93:b7:54:21:8d:d9:ff:39:c2:
3b:b5:4e:dc:23:45:ec:cc:70:ae:54:da:fa:13:b9:
0e:4a:90:e7:74:02:f2:cf:bd:6c:d0:f7:45:dd:ca:
26:39:f9:9d:27:88:9e:9b:45:b9:14:73:2b:1f:7e:
0f:1e:0e:0b:1c:d4:12:a5:fe:8a:b7:7c:d2:ce:09:
c4:20:85:df:d3:fa:d3:f2:b2:8a:58:54:7f:95:c1:
61:26:60:ab:26:29:fe:d7:34:ac:b8:c9:80:7d:50:
15:7b:f5:f4:e0:e4:87:8d:70:1b:a4:09:cb:93:4e:
11:e9:75:d5:54:dd:0b:9d:3f:32:3c:8b:61:cb:e8:
ed:9a:0c:40:8e:84:58:68:12:65:8f:d9:fc:ef:24:
ec:0c:26:91:03:14:1a:35:dd:55:7e:9c:95:c3:6b:
08:74:6c:fc:f5:97:83:a7:3b:09:89:ce:52:86:97:
89:28:7a:87:0b:5c:79:9c:60:35:32:03:6a:8e:c4:
3e:1e:39:a7:a4:f3:d7:32:fc:e8:48:b7:a7:65:b5:
54:a5:a6:88:da:2c:7f:bb:84:72:39:20:87:ee:a8:
11:00:37:c2:18:54:f3:91:81:20:34:3c:95:05:a1:
0a:b5:92:e3:35:e4:c1:c3:f8:d5:3c:cd:68:88:a6:
ce:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:59:E3:97:6C:3D:F8:C5:E9:43:F8:D8:06:25:50:4D:C1:59:89:56
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c339f126-7fea-49c7-a129-4df9886e5309.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.112.0/21
Signature Algorithm: sha256WithRSAEncryption
9b:23:f0:2f:3e:5d:8e:9f:ee:ed:c9:ab:c1:5f:12:89:2e:82:
89:9c:e9:c8:1b:08:36:44:23:3b:08:ae:23:97:7d:ed:79:85:
9a:0b:43:ce:3a:3b:ca:bb:01:7b:58:30:7e:91:d9:22:01:e1:
8a:87:da:5d:7f:11:55:64:cc:90:30:47:05:38:5a:0e:2f:03:
71:a7:18:7a:c6:3f:46:e5:02:45:41:70:ab:5f:be:17:c7:68:
4f:15:61:ce:37:12:ae:cb:c7:7a:ff:63:dd:f7:af:18:84:ef:
47:6a:9a:7b:f7:46:1f:cb:1f:86:c5:59:37:42:2d:14:8a:3a:
af:51:7e:b1:9f:9c:2c:60:a1:55:b9:da:78:b1:c5:f5:7a:d6:
13:f7:20:c8:95:3e:16:80:37:3a:87:80:b2:ae:af:99:f2:f2:
ef:f6:55:d6:87:b2:64:7d:ec:06:fd:ce:d2:25:13:f6:6e:14:
8b:fb:f8:cc:c9:5e:ab:f7:1b:53:89:79:99:dc:c9:fd:aa:a9:
fc:fe:e6:0a:0b:88:23:e8:0d:5f:0a:4b:72:af:6d:2f:25:75:
a9:bd:a2:ee:5e:33:b6:75:5e:fc:c0:5f:74:14:1e:bf:aa:84:
3b:e9:bc:13:28:4c:67:3e:83:cc:3a:20:1c:84:de:bb:22:c4:
fe:a0:27:27
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUOZh1O8QphEttT9hnoY7U+bMJkjMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjkwMDAwMDBaFw0yNTAxMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDg3Yzc3NjZlYTRjYWNkNmQxNjM0ZmU1MmY4NzMyZGI0MzhiMGNhYWQ3MzQ4
OTgyNWExNjNkNTdiZmMyMjBmMmQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpHV1p7k7dUIY3Z/znCO7VO3CNF7MxwrlTa+hO5DkqQ53QC8s+9bND3Rd3K
Jjn5nSeInptFuRRzKx9+Dx4OCxzUEqX+ird80s4JxCCF39P60/KyilhUf5XBYSZg
qyYp/tc0rLjJgH1QFXv19ODkh41wG6QJy5NOEel11VTdC50/MjyLYcvo7ZoMQI6E
WGgSZY/Z/O8k7AwmkQMUGjXdVX6clcNrCHRs/PWXg6c7CYnOUoaXiSh6hwtceZxg
NTIDao7EPh45p6Tz1zL86Ei3p2W1VKWmiNosf7uEcjkgh+6oEQA3whhU85GBIDQ8
lQWhCrWS4zXkwcP41TzNaIimzvUCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQOWeOX
bD34xelD+NgGJVBNwVmJVjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzMzOWYxMjYtN2ZlYS00OWM3LWExMjktNGRmOTg4NmU1MzA5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAzMAcDAN
BgkqhkiG9w0BAQsFAAOCAQEAmyPwLz5djp/u7cmrwV8SiS6CiZzpyBsINkQjOwiu
I5d97XmFmgtDzjo7yrsBe1gwfpHZIgHhiofaXX8RVWTMkDBHBThaDi8DcacYesY/
RuUCRUFwq1++F8doTxVhzjcSrsvHev9j3fevGITvR2qae/dGH8sfhsVZN0ItFIo6
r1F+sZ+cLGChVbnaeLHF9XrWE/cgyJU+FoA3OoeAsq6vmfLy7/ZV1oeyZH3sBv3O
0iUT9m4Ui/v4zMleq/cbU4l5mdzJ/aqp/P7mCguII+gNXwpLcq9tLyV1qb2i7l4z
tnVe/MBfdBQev6qEO+m8EyhMZz6DzDogHITeuyLE/qAnJw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:29:34 2025 by rpki-client