Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/da784055-12b4-4572-86a3-e152a8681c7c.roa
File: da784055-12b4-4572-86a3-e152a8681c7c.roa (raw, json)
Hash identifier: Ml23/EH2W1R7qlAI/0E6dRycdrN/PGemk4yNB+XbHa4=
Subject key identifier: 0F:CC:06:22:2B:80:21:41:90:C2:1D:37:9B:8E:B4:16:4D:68:DE:8A
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 0B215691C13157C77A40716FE86F5571F201F316
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/da784055-12b4-4572-86a3-e152a8681c7c.roa
Signing time: Fri 29 Nov 2024 00:00:00 +0000
ROA not before: Fri 29 Nov 2024 00:00:00 +0000
ROA not after: Fri 03 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 51.0.64.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:21:56:91:c1:31:57:c7:7a:40:71:6f:e8:6f:55:71:f2:01:f3:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Nov 29 00:00:00 2024 GMT
Not After : Jan 3 23:59:59 2025 GMT
Subject: serialNumber=622e5fe09d612d3c6c9aa5ef8ebec873d00dd864fca0c6a51337c10c0cc84a77, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e6:60:1e:65:d0:e2:1b:a3:95:2e:b4:a8:62:
56:f6:3e:49:c2:66:40:c2:97:4b:73:5b:93:6b:1e:
78:fa:fc:56:ed:6a:34:3d:bc:a6:63:ae:40:44:c8:
64:fb:38:b4:c9:dd:30:b5:d2:52:52:5a:f3:90:44:
4d:f2:ad:26:50:28:f0:9e:cd:5c:10:e5:93:d2:af:
23:2a:0d:04:cb:b8:6d:55:0e:ad:c1:3c:41:e5:81:
e4:87:b1:93:58:f9:d1:3e:0f:0d:5d:ca:31:3a:74:
9d:82:a4:1b:6f:d3:82:a2:56:4e:02:bd:aa:56:fd:
aa:94:29:44:fb:bc:dc:b4:db:b1:8c:e5:92:31:2c:
28:bc:dc:92:60:27:24:15:22:82:15:5b:5b:eb:0b:
23:67:e6:25:a6:80:e3:ac:64:55:b5:d2:cd:75:f7:
0c:d9:07:d5:c8:46:11:59:c2:76:43:d5:ce:81:d0:
fd:14:56:f5:e7:a4:58:26:1f:a8:1e:63:d0:b9:3b:
c3:7e:59:3b:8a:b6:27:b5:cd:35:f7:93:d4:49:4c:
61:42:2c:ef:a6:04:78:53:fa:cc:b6:89:4a:27:34:
fa:5d:f5:64:4b:fa:a1:dd:1f:43:3a:9d:40:35:24:
58:6b:80:02:15:79:36:54:5e:d8:e5:42:5b:e0:e7:
ca:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:CC:06:22:2B:80:21:41:90:C2:1D:37:9B:8E:B4:16:4D:68:DE:8A
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/da784055-12b4-4572-86a3-e152a8681c7c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
66:92:d0:05:c2:9b:dd:cc:b7:b8:61:7d:fa:2d:4f:e5:ca:ae:
b3:27:de:93:87:16:b8:d7:67:23:23:c0:90:40:aa:bf:9f:85:
f7:85:3f:6a:9a:f8:42:e2:1a:e2:7d:96:ce:2e:b5:c6:9a:29:
b8:2e:6b:4a:4a:0b:64:f8:88:5f:e9:99:22:62:07:89:62:2f:
3c:81:5f:70:6a:26:4a:d5:e1:b5:9b:77:dc:1f:06:33:b2:d4:
fb:7f:30:63:3a:9c:76:4d:9d:7b:68:c5:cd:ad:7c:68:b8:da:
14:7f:6a:30:12:50:5b:de:93:c3:74:38:93:76:5f:e3:fa:8b:
6b:58:a4:63:5e:17:df:a2:32:91:e5:e7:8f:f8:fc:0a:b4:bc:
30:87:2b:31:4d:23:57:0a:62:c8:25:1b:9c:6f:11:52:b2:f5:
56:53:bb:fc:37:1b:73:ac:a3:58:ff:ac:e3:26:14:04:18:8b:
a6:46:e8:51:8d:e0:08:07:ba:b8:e4:ce:5a:45:23:e0:0b:1e:
42:50:5c:65:0d:6b:2a:ac:f7:0e:91:80:f2:e5:af:d7:cf:48:
ac:f0:34:11:fd:26:cc:7c:c3:58:cd:ff:9d:3b:58:9f:24:a5:
1e:ac:b2:18:9d:36:b7:e0:96:de:3d:51:d8:39:dc:23:9c:38:
75:a6:1d:0f
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUCyFWkcExV8d6QHFv6G9VcfIB8xYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDExMjkwMDAwMDBaFw0yNTAxMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDYyMmU1ZmUwOWQ2MTJkM2M2YzlhYTVlZjhlYmVjODczZDAwZGQ4NjRmY2Ew
YzZhNTEzMzdjMTBjMGNjODRhNzcxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALLmYB5l0OIbo5UutKhiVvY+ScJmQMKXS3Nbk2seePr8Vu1qND28pmOuQETI
ZPs4tMndMLXSUlJa85BETfKtJlAo8J7NXBDlk9KvIyoNBMu4bVUOrcE8QeWB5Iex
k1j50T4PDV3KMTp0nYKkG2/TgqJWTgK9qlb9qpQpRPu83LTbsYzlkjEsKLzckmAn
JBUighVbW+sLI2fmJaaA46xkVbXSzXX3DNkH1chGEVnCdkPVzoHQ/RRW9eekWCYf
qB5j0Lk7w35ZO4q2J7XNNfeT1ElMYUIs76YEeFP6zLaJSic0+l31ZEv6od0fQzqd
QDUkWGuAAhV5NlRe2OVCW+Dnyt8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBQPzAYi
K4AhQZDCHTebjrQWTWjeijAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGE3ODQwNTUtMTJiNC00NTcyLTg2YTMtZTE1MmE4NjgxYzdjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBjMAQDAN
BgkqhkiG9w0BAQsFAAOCAQEAZpLQBcKb3cy3uGF9+i1P5cqusyfek4cWuNdnIyPA
kECqv5+F94U/apr4QuIa4n2Wzi61xpopuC5rSkoLZPiIX+mZImIHiWIvPIFfcGom
StXhtZt33B8GM7LU+38wYzqcdk2de2jFza18aLjaFH9qMBJQW96Tw3Q4k3Zf4/qL
a1ikY14X36IykeXnj/j8CrS8MIcrMU0jVwpiyCUbnG8RUrL1VlO7/Dcbc6yjWP+s
4yYUBBiLpkboUY3gCAe6uOTOWkUj4AseQlBcZQ1rKqz3DpGA8uWv189IrPA0Ef0m
zHzDWM3/nTtYnySlHqyyGJ02t+CW3j1R2DncI5w4daYdDw==
-----END CERTIFICATE-----
Generated at Fri May 9 07:36:18 2025 by rpki-client