Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c52c69c6-3ca8-47ff-a103-a122542306b4.roa
File: c52c69c6-3ca8-47ff-a103-a122542306b4.roa (raw, json)
Hash identifier: LaK7GgFIXmYNmLlZZ/NYTlzAm/W/ridscHaFEUYGYfY=
Subject key identifier: 4F:C4:3C:CE:D8:69:6A:4F:4B:40:B5:55:38:76:6C:4A:8B:1D:E3:1E
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 18DD61F4C4EBADF779CBA6BE541AC49E862C7A77
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c52c69c6-3ca8-47ff-a103-a122542306b4.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.20.0.0/14 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:dd:61:f4:c4:eb:ad:f7:79:cb:a6:be:54:1a:c4:9e:86:2c:7a:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:98:71:a9:d7:97:33:e6:00:b9:ba:fb:b8:f2:
64:50:ae:19:3d:3e:8f:9e:9d:0e:d4:47:02:33:a7:
ba:28:fd:9b:34:1f:a9:44:fc:f8:2e:bb:01:b9:2e:
d2:d4:04:69:cb:31:15:54:bc:6a:44:83:10:db:fd:
4e:0b:e6:63:fd:6d:41:ff:46:2a:63:c6:0c:65:5e:
b3:b3:0e:0b:b0:7c:bb:3e:35:de:aa:d8:f7:30:53:
7c:44:69:8a:18:36:3a:2a:60:d2:fd:de:ff:7a:ba:
82:11:6a:42:97:a7:15:9e:c3:dd:cb:a2:62:ff:eb:
11:c1:2c:72:a0:6a:56:c9:59:51:74:ef:44:34:ea:
0c:3e:a0:34:47:5d:e6:35:01:7d:c4:e6:57:36:e8:
33:bf:3e:72:d6:6e:41:2e:8e:2b:fc:70:ac:e5:17:
5e:7d:63:5c:d1:81:a1:2f:52:3c:1f:03:1f:60:a7:
a1:48:57:49:b1:a0:8d:50:3c:43:58:3d:51:25:c0:
d4:9c:f3:a2:b4:ce:29:bc:ed:43:68:6b:f3:00:43:
f2:8a:09:30:83:42:b7:ea:9c:8b:83:e8:ae:22:d6:
ee:36:10:36:8c:03:73:b2:0d:a0:f7:7e:c6:3b:ae:
e1:9b:fe:f3:45:06:c3:00:a7:99:1c:7e:58:2f:cc:
90:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:C4:3C:CE:D8:69:6A:4F:4B:40:B5:55:38:76:6C:4A:8B:1D:E3:1E
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/c52c69c6-3ca8-47ff-a103-a122542306b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.20.0.0/14
Signature Algorithm: sha256WithRSAEncryption
cf:e0:89:5a:15:51:d4:2c:7f:2f:5b:25:ee:19:a6:b1:b6:a4:
49:06:08:d1:4a:79:e0:2f:19:67:af:9d:19:a8:92:6a:77:87:
2d:ca:f9:d4:e7:a8:bd:20:d2:06:4a:d6:91:6d:56:ed:c5:92:
63:95:2f:b5:0e:5a:f2:b0:7e:e4:c8:c7:a5:74:0d:09:71:7d:
c5:f3:d3:e9:5a:59:30:90:af:83:d2:99:a0:b5:5f:57:2a:fc:
75:b4:0f:02:a6:fb:fd:39:b9:21:3f:e5:d7:d2:78:a5:4b:b2:
69:2a:7c:a7:8f:c6:f1:9e:d5:66:80:9b:9b:53:b8:ca:41:dd:
1a:a4:3a:94:42:aa:fb:43:5d:ac:63:9e:ef:19:3b:55:5b:2f:
1a:5f:17:c8:4c:ad:e3:a2:1b:18:2c:eb:3b:d9:97:93:a2:62:
ef:58:48:06:32:98:38:b9:21:92:8a:a6:04:85:ff:62:29:57:
ce:92:87:76:39:b8:0f:ff:86:0f:8a:0b:c7:24:b2:1f:b8:61:
6d:10:a3:ff:3f:67:8d:46:23:cb:31:fa:33:db:30:ff:8e:51:
86:95:0e:93:4f:fa:64:06:e9:c7:5b:ce:11:0a:fd:02:ca:0f:
20:80:b2:1d:f5:6b:f4:22:17:ad:a0:c0:1d:6f:1b:6c:6e:0e:
dc:15:3e:ed
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGN1h9MTrrfd5y6a+VBrEnoYsencwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU0ODQxOWRkZWQyZDIwNWRmZDQ2NTRjZTg3ZDE4OGQ1NzNjYmI5N2VkZDhl
ZDczZGYzYTAxYjNjYWRiNjdkODExLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALmYcanXlzPmALm6+7jyZFCuGT0+j56dDtRHAjOnuij9mzQfqUT8+C67Abku
0tQEacsxFVS8akSDENv9TgvmY/1tQf9GKmPGDGVes7MOC7B8uz413qrY9zBTfERp
ihg2Oipg0v3e/3q6ghFqQpenFZ7D3cuiYv/rEcEscqBqVslZUXTvRDTqDD6gNEdd
5jUBfcTmVzboM78+ctZuQS6OK/xwrOUXXn1jXNGBoS9SPB8DH2CnoUhXSbGgjVA8
Q1g9USXA1JzzorTOKbztQ2hr8wBD8ooJMINCt+qci4PoriLW7jYQNowDc7INoPd+
xjuu4Zv+80UGwwCnmRx+WC/MkLUCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRPxDzO
2GlqT0tAtVU4dmxKix3jHjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YzUyYzY5YzYtM2NhOC00N2ZmLWExMDMtYTEyMjU0MjMwNmI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDAjMUMA0G
CSqGSIb3DQEBCwUAA4IBAQDP4IlaFVHULH8vWyXuGaaxtqRJBgjRSnngLxlnr50Z
qJJqd4ctyvnU56i9INIGStaRbVbtxZJjlS+1DlrysH7kyMeldA0JcX3F89PpWlkw
kK+D0pmgtV9XKvx1tA8Cpvv9ObkhP+XX0nilS7JpKnynj8bxntVmgJubU7jKQd0a
pDqUQqr7Q12sY57vGTtVWy8aXxfITK3johsYLOs72ZeTomLvWEgGMpg4uSGSiqYE
hf9iKVfOkod2ObgP/4YPigvHJLIfuGFtEKP/P2eNRiPLMfoz2zD/jlGGlQ6TT/pk
BunHW84RCv0Cyg8ggLId9Wv0IhetoMAdbxtsbg7cFT7t
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:09:20 2025 by rpki-client