Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cb77317b-e565-4116-8e1c-6b5a63be2487.roa
File: cb77317b-e565-4116-8e1c-6b5a63be2487.roa (raw, json)
Hash identifier: M5iY8i6EuYgONkJkLNuYl2XDoSw9SxgnF9nJm1aZEl8=
Subject key identifier: 61:85:F2:F7:D8:0A:EF:36:A0:A8:6D:BB:6C:F1:10:F0:6A:C2:DB:EA
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 48A212D84A79595A7E7E7C20EF9C521C74205CFC
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cb77317b-e565-4116-8e1c-6b5a63be2487.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.166.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:a2:12:d8:4a:79:59:5a:7e:7e:7c:20:ef:9c:52:1c:74:20:5c:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:62:17:e6:87:ae:5b:15:a1:76:c5:48:e8:f6:
5b:92:76:8f:b0:ad:76:14:6f:d5:ba:e6:e6:83:a9:
58:ab:93:76:73:6d:50:90:21:85:a9:80:a5:7f:cc:
8e:b0:50:c4:44:27:9f:96:95:e5:e2:1e:72:d5:8d:
72:b8:15:92:a2:30:57:c4:5c:27:e0:60:71:19:42:
ca:7c:d8:3f:ba:fb:be:2e:d1:7a:c5:cd:d9:1c:ab:
35:31:be:6d:a2:d0:f5:3b:5f:16:af:bb:82:85:10:
9c:4b:68:5e:f7:1e:72:ba:b8:73:d7:39:cd:8f:fa:
18:f8:9a:d1:08:db:e0:ac:00:db:34:af:92:7b:1b:
84:a6:09:9a:1a:74:a7:d0:4b:bb:5d:99:a2:5a:5b:
92:da:4f:a9:46:4b:6d:fb:f5:0f:78:20:34:d9:2e:
1e:19:7a:6c:39:f0:d0:4c:95:56:0e:4a:32:09:76:
5a:22:07:5b:d6:7b:4e:b7:0d:fe:3c:01:f6:9b:0a:
5a:d4:01:01:19:3d:8a:88:f4:58:90:59:d6:12:e7:
dc:e0:d0:b9:b8:cc:39:26:57:92:a3:c7:6b:0f:a1:
18:20:e0:64:e7:7c:a8:22:7b:b5:59:0b:1b:47:07:
30:b1:f2:20:d1:95:35:0b:e3:48:a2:87:1a:42:53:
de:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:85:F2:F7:D8:0A:EF:36:A0:A8:6D:BB:6C:F1:10:F0:6A:C2:DB:EA
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/cb77317b-e565-4116-8e1c-6b5a63be2487.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.166.0.0/15
Signature Algorithm: sha256WithRSAEncryption
5b:ae:f7:4a:87:3e:90:80:64:27:1b:95:c4:46:ff:71:b9:61:
6f:86:9e:e0:49:5e:ac:1d:85:b2:5c:3e:6c:07:25:aa:38:07:
6d:b6:80:36:fc:b8:8c:af:a8:0c:71:e0:53:06:bb:f7:2f:15:
d5:80:34:a9:0c:45:2a:e2:5e:a3:93:68:45:d1:55:f1:26:33:
35:c6:c4:b0:aa:5a:8d:86:f0:e9:82:59:70:a4:2e:c0:86:40:
57:ad:28:fa:2c:1d:0c:c0:f3:1f:cc:96:06:54:aa:0c:2b:9b:
46:26:e8:34:88:1f:f6:f8:d3:3d:b1:ff:9a:da:0c:2c:a6:3c:
2f:45:ab:e8:89:41:e7:cd:27:8f:ee:a9:89:9b:77:2f:48:5a:
20:79:57:28:1a:0f:d4:19:8d:62:f9:80:93:5a:75:85:dc:68:
2f:df:c8:60:13:d1:1e:38:f9:a8:98:0c:a8:74:ff:38:a9:d3:
5e:ea:59:38:f7:48:3f:1b:bc:2a:4b:50:8d:66:bf:34:b8:61:
51:19:e3:43:ef:e0:e8:74:f9:89:49:7e:33:a4:a0:92:ab:bf:
36:3c:ed:0a:38:35:f4:36:cf:33:a7:5b:92:61:cc:6b:7f:fb:
19:d8:46:ba:f6:0d:a4:bd:94:71:36:84:60:c4:00:a5:0a:32:
79:f4:57:db
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUSKIS2Ep5WVp+fnwg75xSHHQgXPwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGViMWMzMWIyZWQ5YzUxN2RlMmFjN2I2NzUxMjRjZmIyY2Y1NDUxZWQwODFm
NzVlYzEzZjZlMjFhZmJlMmMzNWQxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKNiF+aHrlsVoXbFSOj2W5J2j7CtdhRv1brm5oOpWKuTdnNtUJAhhamApX/M
jrBQxEQnn5aV5eIectWNcrgVkqIwV8RcJ+BgcRlCynzYP7r7vi7ResXN2RyrNTG+
baLQ9TtfFq+7goUQnEtoXvcecrq4c9c5zY/6GPia0Qjb4KwA2zSvknsbhKYJmhp0
p9BLu12ZolpbktpPqUZLbfv1D3ggNNkuHhl6bDnw0EyVVg5KMgl2WiIHW9Z7TrcN
/jwB9psKWtQBARk9ioj0WJBZ1hLn3ODQubjMOSZXkqPHaw+hGCDgZOd8qCJ7tVkL
G0cHMLHyINGVNQvjSKKHGkJT3jECAwEAAaOCAiAwggIcMB0GA1UdDgQWBBRhhfL3
2ArvNqCobbts8RDwasLb6jAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2I3NzMxN2ItZTU2NS00MTE2LThlMWMtNmI1YTYzYmUyNDg3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOmMA0G
CSqGSIb3DQEBCwUAA4IBAQBbrvdKhz6QgGQnG5XERv9xuWFvhp7gSV6sHYWyXD5s
ByWqOAdttoA2/LiMr6gMceBTBrv3LxXVgDSpDEUq4l6jk2hF0VXxJjM1xsSwqlqN
hvDpgllwpC7AhkBXrSj6LB0MwPMfzJYGVKoMK5tGJug0iB/2+NM9sf+a2gwspjwv
RavoiUHnzSeP7qmJm3cvSFogeVcoGg/UGY1i+YCTWnWF3Ggv38hgE9EeOPmomAyo
dP84qdNe6lk490g/G7wqS1CNZr80uGFRGeND7+DodPmJSX4zpKCSq782PO0KODX0
Ns8zp1uSYcxrf/sZ2Ea69g2kvZRxNoRgxAClCjJ59Ffb
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:26:23 2025 by rpki-client