Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e13da95c-db81-44f8-9505-033de114acce.roa
File: e13da95c-db81-44f8-9505-033de114acce.roa (raw, json)
Hash identifier: jtJKxTgqscVALeMg0ZwScvumoKD+U+aQ4HhoocuD3vo=
Subject key identifier: BB:67:35:E0:F0:18:5A:C0:FB:51:6B:9F:39:73:85:A8:A0:FB:92:53
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 19E319BED47B62752C24A3DA4CBE2094BB1D7A73
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e13da95c-db81-44f8-9505-033de114acce.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 51.152.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:e3:19:be:d4:7b:62:75:2c:24:a3:da:4c:be:20:94:bb:1d:7a:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:97:c2:7c:fa:47:b8:88:2f:01:21:0a:87:63:
fc:b1:36:7f:4c:d9:44:82:8b:0e:e0:da:1e:7f:5d:
25:9b:71:60:cc:85:eb:f9:12:cc:1a:9d:d6:00:2f:
f4:f2:08:d4:da:eb:c7:db:b9:82:f2:9e:06:f4:9c:
9e:ba:b2:45:eb:08:6b:a7:5d:ec:14:ff:47:1c:2d:
4b:9c:74:cd:9a:51:d2:a1:dc:10:83:da:3c:3d:08:
fc:f9:0e:1f:a9:7d:5c:d3:cb:cc:ba:92:2d:4b:5c:
8e:0a:dc:ee:db:c5:fa:7f:b1:b2:a4:47:26:76:30:
b6:2f:fb:a5:5e:3a:12:30:52:6d:9d:a5:85:e8:65:
cb:3d:79:75:e4:ee:e5:5f:58:28:29:52:24:0f:a4:
ef:6d:fe:1e:31:7e:8b:af:2e:35:1a:f4:2e:f4:db:
6e:a5:d6:e6:1b:24:0e:1d:2c:95:2c:8a:21:58:21:
13:54:2a:d6:af:d1:05:75:3e:f9:1b:57:07:85:50:
a7:79:82:7e:4f:d2:05:af:f9:45:b4:21:9b:40:d2:
98:98:48:1d:d6:23:8d:04:97:6e:fc:e8:c4:53:59:
7c:18:95:3f:0e:95:5a:d5:df:1c:85:93:2e:0e:3a:
81:a5:11:d8:e4:b7:11:59:5d:bd:de:64:dc:d7:d3:
27:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:67:35:E0:F0:18:5A:C0:FB:51:6B:9F:39:73:85:A8:A0:FB:92:53
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/e13da95c-db81-44f8-9505-033de114acce.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.152.0.0/15
Signature Algorithm: sha256WithRSAEncryption
75:c7:cc:0c:ed:9c:5a:03:10:50:fe:e0:81:ae:62:d0:71:29:
1a:b5:c5:bf:65:13:1c:15:eb:53:5c:ac:4e:cb:75:ec:db:a7:
fc:45:f7:1b:aa:01:db:93:72:31:0b:73:36:70:36:a7:c0:cd:
cf:ad:94:a5:01:ad:4c:46:ad:d2:0d:da:71:94:ae:6f:c9:3c:
bb:63:b4:4e:98:dc:0d:ad:0a:a9:2d:b1:85:d0:a3:bd:89:3b:
53:37:18:c9:c5:b9:dc:41:d2:a1:f0:79:94:b0:02:39:7e:ae:
a6:b5:16:1d:e1:a2:f7:a8:ce:b7:ca:25:c1:b4:c7:00:0a:ca:
4c:52:81:fd:91:46:99:a4:03:e5:c1:46:58:2d:f7:fc:59:07:
90:a5:d0:21:ca:21:44:b2:2b:d2:eb:c5:b7:5d:d1:6b:21:9e:
b0:de:bd:ae:93:04:bc:df:69:31:2c:ab:b9:68:44:73:5a:6e:
87:75:f9:47:f2:1c:02:7a:44:ea:98:9a:d8:53:6c:53:b3:b6:
d5:6a:2f:75:0f:ce:99:36:73:2d:ce:4a:73:31:1d:af:87:4b:
a1:1f:11:04:34:6f:0f:c8:3b:60:57:7b:67:95:d4:c0:bf:db:
70:a4:16:66:de:2c:be:8c:c0:d8:3c:04:58:08:df:58:17:e3:
73:96:b9:3b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUGeMZvtR7YnUsJKPaTL4glLsdenMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDhhODcwNWY2NTE0YjYyMmNmNDA3NzExZjY2NWU1MGMyNmVmMDc0Y2YwOWRl
YmI3ZDc4NWU0NmVmZDZkOTIyMTUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOiXwnz6R7iILwEhCodj/LE2f0zZRIKLDuDaHn9dJZtxYMyF6/kSzBqd1gAv
9PII1Nrrx9u5gvKeBvScnrqyResIa6dd7BT/RxwtS5x0zZpR0qHcEIPaPD0I/PkO
H6l9XNPLzLqSLUtcjgrc7tvF+n+xsqRHJnYwti/7pV46EjBSbZ2lhehlyz15deTu
5V9YKClSJA+k723+HjF+i68uNRr0LvTbbqXW5hskDh0slSyKIVghE1Qq1q/RBXU+
+RtXB4VQp3mCfk/SBa/5RbQhm0DSmJhIHdYjjQSXbvzoxFNZfBiVPw6VWtXfHIWT
Lg46gaUR2OS3EVldvd5k3NfTJysCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBS7ZzXg
8BhawPtRa585c4WooPuSUzAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZTEzZGE5NWMtZGI4MS00NGY4LTk1MDUtMDMzZGUxMTRhY2NlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDATOYMA0G
CSqGSIb3DQEBCwUAA4IBAQB1x8wM7ZxaAxBQ/uCBrmLQcSkatcW/ZRMcFetTXKxO
y3Xs26f8RfcbqgHbk3IxC3M2cDanwM3PrZSlAa1MRq3SDdpxlK5vyTy7Y7ROmNwN
rQqpLbGF0KO9iTtTNxjJxbncQdKh8HmUsAI5fq6mtRYd4aL3qM63yiXBtMcACspM
UoH9kUaZpAPlwUZYLff8WQeQpdAhyiFEsivS68W3XdFrIZ6w3r2ukwS832kxLKu5
aERzWm6HdflH8hwCekTqmJrYU2xTs7bVai91D86ZNnMtzkpzMR2vh0uhHxEENG8P
yDtgV3tnldTAv9twpBZm3iy+jMDYPARYCN9YF+Nzlrk7
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:38:08 2025 by rpki-client