Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d310e678-58b7-443e-b704-6a24720f63c2.roa
File: d310e678-58b7-443e-b704-6a24720f63c2.roa (raw, json)
Hash identifier: kgh08TDqda/gcZoB510aVe+zh2jBVHQKURbluYvuuWg=
Subject key identifier: F0:9F:B9:D9:3B:B3:7B:81:7D:1D:2F:DA:51:92:B2:2A:7D:E1:14:35
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 57C8664F70A1E31D1C9D23B6F1511816B50227AF
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d310e678-58b7-443e-b704-6a24720f63c2.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.114.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
57:c8:66:4f:70:a1:e3:1d:1c:9d:23:b6:f1:51:18:16:b5:02:27:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:97:99:96:01:76:19:a3:4c:6a:b0:8a:c3:c2:
da:39:52:eb:b4:12:d2:5e:9a:06:85:72:f0:c3:ae:
c9:47:fc:e9:1f:12:f8:ea:fc:2a:6f:6d:72:d2:db:
54:2d:71:64:27:f0:93:d9:0d:7c:70:77:09:03:8b:
b1:d2:c7:05:09:38:e8:b4:9f:ba:b1:a9:ff:0c:2c:
93:0b:47:54:1d:5c:c4:79:59:9a:88:c8:a8:56:fd:
7a:ea:fb:0a:c4:48:de:19:b1:e6:1d:68:d3:2a:f9:
b4:3f:8d:4a:c6:41:44:81:8e:66:c1:10:86:ba:c1:
fb:91:86:eb:e1:fd:5c:bf:30:e0:95:bc:bc:96:a8:
34:e1:24:61:09:54:25:82:e3:cd:72:ec:82:15:0b:
a3:0f:5c:22:a7:84:1c:34:1f:92:0d:9c:20:a5:e3:
bc:4c:7b:99:73:43:92:bc:0c:cf:46:c7:c7:2f:df:
33:ef:75:c1:4d:55:fe:4e:f8:b5:4b:96:7f:a9:fc:
fd:41:51:ce:98:f2:1d:3c:81:56:c8:f8:08:e4:2b:
27:f7:fb:0b:e0:3a:04:e3:9b:bc:bb:19:7d:5d:3c:
5e:75:b1:12:af:3d:9b:5e:91:a2:41:07:99:71:16:
fb:83:43:2f:a2:53:0f:d5:6a:47:ba:90:d8:2f:a6:
e1:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:9F:B9:D9:3B:B3:7B:81:7D:1D:2F:DA:51:92:B2:2A:7D:E1:14:35
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d310e678-58b7-443e-b704-6a24720f63c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.114.0.0/16
Signature Algorithm: sha256WithRSAEncryption
52:69:c0:5f:6e:bb:c3:a6:8c:a5:93:3c:30:70:3e:46:45:b7:
c1:ba:d1:53:dc:1a:58:74:5e:4b:60:63:95:d6:f1:60:57:f9:
2a:68:38:82:a8:c2:ac:ec:d6:e4:77:34:2e:7c:a2:1b:01:5a:
04:e6:33:99:8e:92:f1:6c:45:31:81:44:93:4e:f7:25:48:3d:
a8:20:61:3b:20:d4:bf:16:6b:63:b9:8c:5a:a7:31:bf:4f:61:
39:f2:16:bc:af:71:98:29:57:20:ce:8b:8e:7d:78:c3:17:22:
4b:28:15:a7:72:96:2e:04:d1:7e:1d:2f:3b:59:ad:19:59:2d:
27:b8:af:b9:97:f9:8a:58:81:a7:c7:db:d0:df:8f:dc:47:47:
72:41:77:ba:1a:47:82:23:b9:81:b6:18:77:25:a6:26:f0:c5:
1d:59:15:4b:da:82:fd:1f:1d:e2:d4:8d:fa:34:d5:3b:ea:f4:
f2:3d:fd:80:0c:73:2d:f6:39:f6:4d:25:29:3a:2f:a5:d3:0b:
bc:b7:72:34:7c:36:87:27:09:05:90:4a:db:72:ea:7f:98:2e:
8e:a4:d3:61:4b:41:2a:a0:4c:ae:ee:f0:76:d5:ad:e6:bf:ae:
75:f5:52:f1:c8:84:43:5d:15:5d:19:72:95:77:84:1c:b0:0f:
63:72:56:bf
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUV8hmT3Ch4x0cnSO28VEYFrUCJ68wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGViNzRhZmY5YzExZjEyMmRmMzVjMjhmNjRhMzZmOTM5MGE0NGEwNDdiZTk1
NWY5N2M1OTZlN2I2ODQ4Y2Y1NDcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMuXmZYBdhmjTGqwisPC2jlS67QS0l6aBoVy8MOuyUf86R8S+Or8Km9tctLb
VC1xZCfwk9kNfHB3CQOLsdLHBQk46LSfurGp/wwskwtHVB1cxHlZmojIqFb9eur7
CsRI3hmx5h1o0yr5tD+NSsZBRIGOZsEQhrrB+5GG6+H9XL8w4JW8vJaoNOEkYQlU
JYLjzXLsghULow9cIqeEHDQfkg2cIKXjvEx7mXNDkrwMz0bHxy/fM+91wU1V/k74
tUuWf6n8/UFRzpjyHTyBVsj4COQrJ/f7C+A6BOObvLsZfV08XnWxEq89m16RokEH
mXEW+4NDL6JTD9VqR7qQ2C+m4ccCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBTwn7nZ
O7N7gX0dL9pRkrIqfeEUNTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDMxMGU2NzgtNThiNy00NDNlLWI3MDQtNmEyNDcyMGY2M2MyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNyMA0G
CSqGSIb3DQEBCwUAA4IBAQBSacBfbrvDpoylkzwwcD5GRbfButFT3BpYdF5LYGOV
1vFgV/kqaDiCqMKs7NbkdzQufKIbAVoE5jOZjpLxbEUxgUSTTvclSD2oIGE7INS/
FmtjuYxapzG/T2E58ha8r3GYKVcgzouOfXjDFyJLKBWncpYuBNF+HS87Wa0ZWS0n
uK+5l/mKWIGnx9vQ34/cR0dyQXe6GkeCI7mBthh3JaYm8MUdWRVL2oL9Hx3i1I36
NNU76vTyPf2ADHMt9jn2TSUpOi+l0wu8t3I0fDaHJwkFkErbcup/mC6OpNNhS0Eq
oEyu7vB21a3mv6519VLxyIRDXRVdGXKVd4QcsA9jcla/
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:15:24 2025 by rpki-client