Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/355bf4c6-fae3-41b9-a601-b783718ea51a.roa
File: 355bf4c6-fae3-41b9-a601-b783718ea51a.roa (raw, json)
Hash identifier: CdmFxUJyd0BW+vQfOGdl7B5uby3IFqUrSAH5r8KzCXY=
Subject key identifier: 79:70:54:BA:94:19:05:BB:6C:B5:97:5A:6B:78:82:7C:28:C9:F3:CE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 45B4697F2908FFF7F183382126F99C90FB761D96
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/355bf4c6-fae3-41b9-a601-b783718ea51a.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:4000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:b4:69:7f:29:08:ff:f7:f1:83:38:21:26:f9:9c:90:fb:76:1d:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=6a8af362e01b0f070b58251297e144873ed556285d6c62dc3b227f7d85372c4c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6e:f3:6d:2f:08:bb:0f:6b:3a:da:6d:80:12:
ca:34:e4:cc:0c:8d:8c:a2:3b:96:c5:7d:fc:a6:85:
a9:9f:86:50:03:aa:43:85:3e:62:b0:57:bb:5c:80:
14:2b:99:21:a3:28:2c:b4:e7:60:e1:be:13:ce:5a:
e5:ec:52:c4:cf:2c:dd:3a:4c:81:6c:f7:3b:50:84:
f9:65:2a:0e:5e:78:f8:5c:a2:5f:29:56:32:08:39:
6d:97:17:a3:90:76:ff:50:4d:b4:30:b9:20:78:de:
df:be:27:6d:ea:6e:a9:e4:20:69:f1:39:03:71:a9:
42:88:59:81:45:4d:b5:93:0c:c0:b0:76:cf:69:f1:
61:2d:31:bb:5c:ae:79:f8:15:f7:95:b5:a3:10:9f:
c0:33:78:8b:07:67:c6:3a:57:a0:c0:fe:3b:9f:43:
93:9f:85:18:1a:4f:f5:46:de:ae:e4:f0:db:69:1b:
a6:e8:d9:58:51:fc:b5:36:d7:9c:09:9f:4c:42:ef:
d1:6b:7e:9c:a3:16:57:6c:5e:6b:04:8c:e6:ff:dc:
b2:1d:2e:19:50:e4:ea:c0:33:27:0f:cd:4d:05:18:
ed:ca:6e:5f:97:d5:b7:08:42:71:45:d1:fd:85:0e:
e0:5c:15:a4:51:f3:9a:19:f8:99:75:76:07:67:be:
19:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:70:54:BA:94:19:05:BB:6C:B5:97:5A:6B:78:82:7C:28:C9:F3:CE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/355bf4c6-fae3-41b9-a601-b783718ea51a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:4000::/40
Signature Algorithm: sha256WithRSAEncryption
19:4b:82:a2:24:62:42:56:f7:96:5d:d7:5c:0b:70:41:27:c3:
c4:8e:57:ab:6f:c7:67:53:77:fc:db:2c:a6:ab:bf:ec:26:50:
0d:a0:9f:40:84:a5:70:61:06:f1:7b:ac:dd:35:93:09:92:0e:
b0:b2:e9:de:b2:58:ba:56:16:54:16:df:ad:f3:fb:d8:db:16:
2d:c1:d5:e9:0c:a6:03:f4:c5:8f:03:b7:0d:74:f0:e8:34:c2:
35:ef:26:44:42:13:31:50:c5:4e:8f:6c:75:93:a9:ae:a0:38:
fc:4c:6a:e1:05:25:de:95:40:29:c5:6e:da:66:dd:c8:25:f0:
eb:69:41:e6:96:63:55:f2:9b:67:9a:3d:33:f1:b8:d7:d3:ee:
b8:75:0e:4f:ab:5c:7d:5d:18:52:ca:46:8b:c1:20:35:df:bc:
82:ad:d2:d2:69:94:aa:c8:71:d1:2e:8d:a5:06:b4:a4:ad:e4:
98:0a:2e:2a:f5:73:d8:cc:14:8f:0f:91:77:28:51:24:0e:63:
d2:49:66:47:c9:17:d3:d3:d9:eb:36:91:14:0c:0b:a5:0c:94:
de:c2:07:92:6c:bb:e5:48:00:8c:26:84:d5:0c:65:40:b3:cf:
a9:3c:25:b6:2b:94:bd:6e:a6:7e:aa:7a:79:d1:71:6e:26:4c:
66:e5:4c:d6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURbRpfykI//fxgzghJvmckPt2HZYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDZhOGFmMzYyZTAxYjBmMDcwYjU4MjUxMjk3ZTE0NDg3M2VkNTU2Mjg1ZDZj
NjJkYzNiMjI3ZjdkODUzNzJjNGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALRu820vCLsPazrabYASyjTkzAyNjKI7lsV9/KaFqZ+GUAOqQ4U+YrBXu1yA
FCuZIaMoLLTnYOG+E85a5exSxM8s3TpMgWz3O1CE+WUqDl54+FyiXylWMgg5bZcX
o5B2/1BNtDC5IHje374nbepuqeQgafE5A3GpQohZgUVNtZMMwLB2z2nxYS0xu1yu
efgV95W1oxCfwDN4iwdnxjpXoMD+O59Dk5+FGBpP9UberuTw22kbpujZWFH8tTbX
nAmfTELv0Wt+nKMWV2xeawSM5v/csh0uGVDk6sAzJw/NTQUY7cpuX5fVtwhCcUXR
/YUO4FwVpFHzmhn4mXV2B2e+GYcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR5cFS6
lBkFu2y1l1preIJ8KMnzzjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzU1YmY0YzYtZmFlMy00MWI5LWE2MDEtYjc4MzcxOGVhNTFhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DZA
MA0GCSqGSIb3DQEBCwUAA4IBAQAZS4KiJGJCVveWXddcC3BBJ8PEjlerb8dnU3f8
2yymq7/sJlANoJ9AhKVwYQbxe6zdNZMJkg6wsunesli6VhZUFt+t8/vY2xYtwdXp
DKYD9MWPA7cNdPDoNMI17yZEQhMxUMVOj2x1k6muoDj8TGrhBSXelUApxW7aZt3I
JfDraUHmlmNV8ptnmj0z8bjX0+64dQ5Pq1x9XRhSykaLwSA137yCrdLSaZSqyHHR
Lo2lBrSkreSYCi4q9XPYzBSPD5F3KFEkDmPSSWZHyRfT09nrNpEUDAulDJTewgeS
bLvlSACMJoTVDGVAs8+pPCW2K5S9bqZ+qnp50XFuJkxm5UzW
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:18 2025 by rpki-client