Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce1d12f0-5347-41d5-b7bb-778dda0c1d4c.roa
File: ce1d12f0-5347-41d5-b7bb-778dda0c1d4c.roa (raw, json)
Hash identifier: Iu1bS3eChpmx7HX9u/1Z8QziDRvwxIcMPjToGafyuIE=
Subject key identifier: F8:3B:78:B4:2F:D7:05:85:B7:A1:CE:18:E7:A2:67:AE:14:24:29:B3
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2BDA7AECDED567765EDEC312FD97C070DD773BBF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce1d12f0-5347-41d5-b7bb-778dda0c1d4c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.60.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:da:7a:ec:de:d5:67:76:5e:de:c3:12:fd:97:c0:70:dd:77:3b:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:c5:31:76:1c:40:1c:ce:d8:b7:d0:82:c1:96:
e7:80:4e:f7:a5:13:b0:a2:0c:e8:1e:a8:5d:a3:83:
80:fe:28:f6:3e:c4:fc:26:ec:a3:83:5e:50:54:ec:
9e:69:fc:72:6b:f3:ce:4d:22:eb:8b:2b:0f:fd:49:
95:a1:c5:be:3f:dd:19:24:c7:f9:67:b5:c1:78:52:
b0:6a:f7:5f:1e:f4:20:73:17:70:1a:55:fa:3f:06:
0f:44:2c:c7:d7:8f:49:7f:e4:a7:57:60:80:54:24:
56:5e:12:85:3b:fd:6c:21:70:d6:c4:b1:4d:72:0e:
d0:3c:61:87:4a:c7:e5:0c:12:ca:7c:2c:92:1c:b2:
3e:2c:b6:e6:70:a3:01:b0:63:44:ef:cd:b1:1f:8b:
7c:ab:c1:4d:50:ac:28:f6:eb:61:c9:6e:78:d7:c9:
16:30:22:37:c6:72:4e:8c:34:cb:9b:72:31:06:cb:
b3:2b:e2:c2:15:83:c5:3b:be:f0:ec:03:0f:5d:34:
4d:7d:6d:e0:28:5b:c7:28:9f:66:2c:6d:e7:6c:dd:
ff:65:eb:69:69:85:32:35:b7:ad:aa:41:b4:e6:e3:
cf:5a:b8:66:51:9b:73:b1:29:86:b2:8e:29:e2:0d:
a5:68:42:1e:41:11:ea:14:07:1c:40:84:3b:5a:9c:
4f:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F8:3B:78:B4:2F:D7:05:85:B7:A1:CE:18:E7:A2:67:AE:14:24:29:B3
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/ce1d12f0-5347-41d5-b7bb-778dda0c1d4c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.60.0.0/16
Signature Algorithm: sha256WithRSAEncryption
6b:19:13:16:67:df:92:b0:36:54:40:b6:05:53:b2:35:59:2b:
63:14:8b:1a:8b:52:5b:bb:31:37:e1:d6:06:38:84:89:2a:42:
81:8b:cc:e8:6b:e4:a6:fd:a7:bd:c3:c8:b0:c0:57:4e:e6:f0:
d1:fa:9c:e1:41:a9:38:a8:56:61:cd:f7:f3:5d:ea:d4:ba:88:
8c:d7:30:5b:d9:a9:ab:d7:48:68:f4:02:d0:16:79:53:3b:4c:
ff:47:e7:6a:4f:9b:15:f7:56:77:87:1d:59:74:50:51:62:0c:
2b:c1:ce:cc:2e:6d:5e:34:e3:f4:7b:58:89:ab:0d:d6:bf:00:
f8:8e:d9:de:63:03:0c:73:99:21:2a:4e:72:ea:9f:5a:61:a3:
9c:60:dd:08:48:1a:af:66:79:85:84:50:fc:08:11:cf:b1:a1:
9f:5f:cb:e9:90:05:57:69:f0:85:e3:5f:57:7a:96:d3:6c:1e:
77:69:7e:cd:2e:f2:38:d0:e0:5b:05:e6:cc:2c:30:d3:ac:0b:
c0:fc:77:11:db:db:4d:ac:8c:fd:1e:6e:f4:47:e8:0b:69:3c:
b9:a3:57:34:e9:37:67:64:bf:a8:29:78:51:f6:e6:44:c9:09:
75:3d:ef:1a:55:86:b3:f2:56:6b:73:07:43:61:40:90:9b:7f:
00:b8:c0:55
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUK9p67N7VZ3Ze3sMS/ZfAcN13O78wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGRkZWE1OGIyNWUyZTFkN2E4ODczZGVjYTJkM2ViNGM3ODhiZDM2MTZlMDNl
ZjA2YTA5ODhjNTdlY2UyNTJmODgxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK3FMXYcQBzO2LfQgsGW54BO96UTsKIM6B6oXaODgP4o9j7E/Cbso4NeUFTs
nmn8cmvzzk0i64srD/1JlaHFvj/dGSTH+We1wXhSsGr3Xx70IHMXcBpV+j8GD0Qs
x9ePSX/kp1dggFQkVl4ShTv9bCFw1sSxTXIO0Dxhh0rH5QwSynwskhyyPiy25nCj
AbBjRO/NsR+LfKvBTVCsKPbrYclueNfJFjAiN8ZyTow0y5tyMQbLsyviwhWDxTu+
8OwDD100TX1t4ChbxyifZixt52zd/2XraWmFMjW3rapBtObjz1q4ZlGbc7EphrKO
KeINpWhCHkER6hQHHECEO1qcT7sCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT4O3i0
L9cFhbehzhjnomeuFCQpszAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
Y2UxZDEyZjAtNTM0Ny00MWQ1LWI3YmItNzc4ZGRhMGMxZDRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADM8MA0G
CSqGSIb3DQEBCwUAA4IBAQBrGRMWZ9+SsDZUQLYFU7I1WStjFIsai1JbuzE34dYG
OISJKkKBi8zoa+Sm/ae9w8iwwFdO5vDR+pzhQak4qFZhzffzXerUuoiM1zBb2amr
10ho9ALQFnlTO0z/R+dqT5sV91Z3hx1ZdFBRYgwrwc7MLm1eNOP0e1iJqw3WvwD4
jtneYwMMc5khKk5y6p9aYaOcYN0ISBqvZnmFhFD8CBHPsaGfX8vpkAVXafCF419X
epbTbB53aX7NLvI40OBbBebMLDDTrAvA/HcR29tNrIz9Hm70R+gLaTy5o1c06Tdn
ZL+oKXhR9uZEyQl1Pe8aVYaz8lZrcwdDYUCQm38AuMBV
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:29:08 2025 by rpki-client