Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc85da0f-0832-49be-86a7-ca4e42c3e0c2.roa
File: dc85da0f-0832-49be-86a7-ca4e42c3e0c2.roa (raw, json)
Hash identifier: 4iU10T6DAfhAsfo0uD4Cqq77F5JKc8g+EVLOGhxUMVE=
Subject key identifier: 18:B9:23:50:A8:C9:B6:3F:DE:41:43:37:78:74:E7:C2:CC:2F:BF:02
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 04D7A4C137E8BAE0A14659F951BAE0C35A56CE1F
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc85da0f-0832-49be-86a7-ca4e42c3e0c2.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.76.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:d7:a4:c1:37:e8:ba:e0:a1:46:59:f9:51:ba:e0:c3:5a:56:ce:1f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:53:7a:04:ac:d4:aa:0c:25:3b:15:ef:bc:f6:
f6:c7:a2:a0:26:bd:1e:69:38:75:27:67:10:be:38:
77:66:d1:03:a5:62:a8:ee:f6:d0:e0:1d:a7:cf:a7:
a7:92:7c:ee:7c:db:fb:e3:0c:ae:27:0a:0b:de:fe:
27:fd:bd:45:e9:62:5c:2f:16:97:5c:e9:de:74:1d:
0b:ed:fa:d8:5d:72:f6:ef:ac:72:49:47:0e:7a:24:
1e:2d:22:ae:84:ac:8e:e7:f0:b3:5c:1b:0f:79:a5:
36:be:0a:9f:1f:53:98:d1:a0:8e:6f:66:d5:be:da:
de:7d:85:9e:63:f2:82:3f:32:d3:57:ae:e5:cb:ff:
6a:dd:ea:c8:8c:0e:f2:da:00:91:13:5c:67:89:b6:
85:75:60:0d:10:49:6d:d7:3f:45:88:44:c0:c5:a2:
76:75:12:a4:05:23:58:b9:70:20:9a:7c:ae:cc:b6:
67:5d:c1:5f:1e:78:2a:d4:4c:06:95:47:fd:27:97:
e8:0e:ae:25:69:89:23:00:c3:19:b6:e3:4a:80:7f:
ad:39:fe:33:52:90:d0:d7:ca:58:5f:c8:f5:4c:1c:
c2:5a:28:d0:7e:47:24:27:02:e8:c1:4b:d5:7b:6f:
7b:ad:22:23:f9:a2:85:7b:10:63:94:01:a0:3e:fe:
9e:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:B9:23:50:A8:C9:B6:3F:DE:41:43:37:78:74:E7:C2:CC:2F:BF:02
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc85da0f-0832-49be-86a7-ca4e42c3e0c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.76.0.0/16
Signature Algorithm: sha256WithRSAEncryption
2e:fa:70:94:17:3c:c0:3e:d4:a9:98:68:2e:bd:6d:4c:a5:eb:
be:23:7b:a4:87:a0:b8:2f:74:5f:8e:88:5f:18:f3:e1:47:b1:
19:5c:ce:b7:62:87:d9:c6:51:0a:a9:d9:8c:7d:5d:c1:85:fd:
18:fe:4c:67:56:3e:6e:b9:0f:b2:f2:b9:78:6b:e2:bd:85:4d:
15:02:84:6f:67:36:e3:bf:7f:ae:ee:c9:ac:91:d0:13:c8:12:
42:86:51:41:61:92:7a:42:63:32:a7:43:f4:2b:d1:0c:d3:4b:
7e:9a:85:07:d9:f6:e6:17:6b:e2:c2:e1:15:54:3c:2b:b6:ce:
57:b8:f4:c4:46:41:64:ac:0d:24:59:38:51:1b:4b:a8:4b:07:
37:64:40:94:1b:55:0c:4f:d8:7c:ea:d5:68:a6:6f:27:11:cc:
97:e5:75:12:fe:fd:da:f3:b6:74:f2:f5:7f:66:03:dd:6c:b9:
ae:f4:cb:cb:11:b3:f5:9a:42:aa:f5:4c:25:9f:3f:86:eb:d8:
0a:81:ba:42:63:57:72:9a:06:66:11:80:80:ba:ba:83:c1:b6:
51:cf:6c:9b:a6:95:e6:10:0b:83:f5:72:9f:c7:83:5e:33:c4:
10:a3:a3:5a:34:07:12:a8:6e:54:3d:23:bd:d4:09:ec:4e:a1:
9c:d5:0d:86
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUBNekwTfouuChRln5Ubrgw1pWzh8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJhZjdiYzU0MWJiNWMyYzRiZGUxNDljYjM4MzVjOGEwMjI5ZjI1Zjc1Y2M5
NmZjNzlhNDZlODNiZGIzYThlYTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1TegSs1KoMJTsV77z29seioCa9Hmk4dSdnEL44d2bRA6ViqO720OAdp8+n
p5J87nzb++MMricKC97+J/29ReliXC8Wl1zp3nQdC+362F1y9u+scklHDnokHi0i
roSsjufws1wbD3mlNr4Knx9TmNGgjm9m1b7a3n2FnmPygj8y01eu5cv/at3qyIwO
8toAkRNcZ4m2hXVgDRBJbdc/RYhEwMWidnUSpAUjWLlwIJp8rsy2Z13BXx54KtRM
BpVH/SeX6A6uJWmJIwDDGbbjSoB/rTn+M1KQ0NfKWF/I9Uwcwloo0H5HJCcC6MFL
1Xtve60iI/mihXsQY5QBoD7+npMCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBQYuSNQ
qMm2P95BQzd4dOfCzC+/AjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGM4NWRhMGYtMDgzMi00OWJlLTg2YTctY2E0ZTQyYzNlMGMyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDADNMMA0G
CSqGSIb3DQEBCwUAA4IBAQAu+nCUFzzAPtSpmGguvW1Mpeu+I3ukh6C4L3Rfjohf
GPPhR7EZXM63YofZxlEKqdmMfV3Bhf0Y/kxnVj5uuQ+y8rl4a+K9hU0VAoRvZzbj
v3+u7smskdATyBJChlFBYZJ6QmMyp0P0K9EM00t+moUH2fbmF2viwuEVVDwrts5X
uPTERkFkrA0kWThRG0uoSwc3ZECUG1UMT9h86tVopm8nEcyX5XUS/v3a87Z08vV/
ZgPdbLmu9MvLEbP1mkKq9Uwlnz+G69gKgbpCY1dymgZmEYCAurqDwbZRz2ybppXm
EAuD9XKfx4NeM8QQo6NaNAcSqG5UPSO91AnsTqGc1Q2G
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:47 2025 by rpki-client