Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f63754b7-fb63-483b-81cc-1e0530064391.roa
File: f63754b7-fb63-483b-81cc-1e0530064391.roa (raw, json)
Hash identifier: kSayvQIF7Ens7DleaEe254mILbFuVWUD9z7Rw3Z0dqs=
Subject key identifier: B0:DB:10:93:28:99:F0:DB:D7:BC:B2:30:A0:CD:C2:09:EF:FD:C0:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4AD3F8452675CAF4DD54C0E17333BE7259525C69
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f63754b7-fb63-483b-81cc-1e0530064391.roa
Signing time: Tue 10 Dec 2024 00:00:00 +0000
ROA not before: Tue 10 Dec 2024 00:00:00 +0000
ROA not after: Tue 14 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 46.51.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:d3:f8:45:26:75:ca:f4:dd:54:c0:e1:73:33:be:72:59:52:5c:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 10 00:00:00 2024 GMT
Not After : Jan 14 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:87:f9:21:c6:fb:22:9c:5f:e8:37:1d:bd:19:f2:
5d:08:8b:9f:88:fb:8f:c0:52:7a:61:bb:6f:b8:ca:
a5:76:02:c8:4b:46:5b:99:fc:00:ce:44:f2:30:01:
92:1e:b7:6f:b2:71:af:f5:6d:39:00:f2:91:a3:84:
07:c7:4c:37:2a:36:4b:30:ea:eb:81:69:6c:e8:01:
e0:e3:be:7f:c6:ac:30:75:97:db:40:10:af:dc:5c:
99:19:0e:df:00:ba:d7:71:4c:47:b3:28:44:22:39:
ad:e7:d9:29:a0:5e:11:4e:9d:d4:20:2b:c9:0b:ce:
5c:57:95:fd:78:ec:99:68:57:e9:88:28:f7:97:dd:
35:cf:ae:15:94:f8:8e:9c:08:d7:c0:82:eb:2d:6d:
c9:bd:f0:92:25:c0:e6:ea:10:26:0a:83:81:3e:b9:
b8:10:c0:ba:62:fb:d1:07:8a:c2:36:ed:b2:22:e1:
a9:49:61:67:4d:ce:78:e5:27:e4:5c:39:7c:2e:93:
ed:9a:31:68:3d:24:48:d6:d2:de:0c:27:82:ed:17:
00:31:47:b9:dd:76:46:19:87:10:96:29:a9:e4:97:
c8:db:1f:27:4c:7c:c6:19:f9:64:7b:53:df:d2:cc:
10:52:9b:6f:06:24:65:1c:30:4d:e3:cc:05:62:0a:
9b:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:DB:10:93:28:99:F0:DB:D7:BC:B2:30:A0:CD:C2:09:EF:FD:C0:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f63754b7-fb63-483b-81cc-1e0530064391.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.128.0/18
Signature Algorithm: sha256WithRSAEncryption
4a:39:57:ff:1c:37:f6:87:68:cb:e6:32:17:43:f9:de:d3:9c:
a2:17:dd:bc:64:9e:b0:85:bc:90:6a:41:a7:49:81:fd:b5:73:
f6:8c:6f:44:68:46:8d:e9:d0:63:9a:3a:57:89:04:9c:d9:95:
c5:b1:c8:8d:a0:48:b7:12:36:78:c2:a1:14:51:6b:1f:31:b4:
75:f7:93:36:c2:01:74:7d:d8:16:77:8d:3c:ad:32:c5:51:d7:
28:b8:d0:e6:85:24:c4:52:da:83:38:ee:e0:bb:6a:7c:50:1f:
39:24:67:1b:44:b7:b7:c8:57:6a:fd:3f:ce:e1:74:b1:1e:f1:
b2:c8:02:65:83:fb:4c:2a:3f:30:ef:63:46:9b:cb:89:ff:85:
85:70:35:02:69:a0:b3:49:11:d3:68:a4:6f:fe:ce:35:f0:b0:
84:80:8d:1d:c2:64:14:b3:87:4f:53:0c:69:1c:f8:9c:d3:7f:
52:91:2a:6f:63:58:01:a0:5f:60:e0:ab:62:31:b6:56:53:79:
34:77:2e:85:56:f3:8a:7f:44:82:af:e7:45:35:70:11:e9:3a:
06:e3:61:0d:90:70:cc:62:e7:f9:16:20:fa:ce:ef:1c:5b:69:
4c:d2:8c:a0:3d:32:5a:86:17:5c:ea:0b:1d:6c:83:ec:02:b9:
62:e6:79:46
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUStP4RSZ1yvTdVMDhczO+cllSXGkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTAwMDAwMDBaFw0yNTAxMTQyMzU5NTlaMHoxSTBHBgNV
BAUTQGIwMjE5MjI1MjY2ZDIzNGY0M2RmYzE0MDAzZmNhZTQ3ZmEyODRhMjRkYTMw
NTYzNTYyNjQ4MzkxZjk4ZmI2ODYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIf5Icb7Ipxf6DcdvRnyXQiLn4j7j8BSemG7b7jKpXYCyEtGW5n8AM5E8jAB
kh63b7Jxr/VtOQDykaOEB8dMNyo2SzDq64FpbOgB4OO+f8asMHWX20AQr9xcmRkO
3wC613FMR7MoRCI5refZKaBeEU6d1CAryQvOXFeV/XjsmWhX6Ygo95fdNc+uFZT4
jpwI18CC6y1tyb3wkiXA5uoQJgqDgT65uBDAumL70QeKwjbtsiLhqUlhZ03OeOUn
5Fw5fC6T7ZoxaD0kSNbS3gwngu0XADFHud12RhmHEJYpqeSXyNsfJ0x8xhn5ZHtT
39LMEFKbbwYkZRwwTePMBWIKm0cCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSw2xCT
KJnw29e8sjCgzcIJ7/3A0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjYzNzU0YjctZmI2My00ODNiLTgxY2MtMWUwNTMwMDY0MzkxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBi4zgDAN
BgkqhkiG9w0BAQsFAAOCAQEASjlX/xw39odoy+YyF0P53tOcohfdvGSesIW8kGpB
p0mB/bVz9oxvRGhGjenQY5o6V4kEnNmVxbHIjaBItxI2eMKhFFFrHzG0dfeTNsIB
dH3YFneNPK0yxVHXKLjQ5oUkxFLagzju4LtqfFAfOSRnG0S3t8hXav0/zuF0sR7x
ssgCZYP7TCo/MO9jRpvLif+FhXA1Ammgs0kR02ikb/7ONfCwhICNHcJkFLOHT1MM
aRz4nNN/UpEqb2NYAaBfYOCrYjG2VlN5NHcuhVbzin9Egq/nRTVwEek6BuNhDZBw
zGLn+RYg+s7vHFtpTNKMoD0yWoYXXOoLHWyD7AK5YuZ5Rg==
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:34:49 2025 by rpki-client