Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc3cc874-29b0-4f9c-90aa-906fa9dca22a.roa
File: dc3cc874-29b0-4f9c-90aa-906fa9dca22a.roa (raw, json)
Hash identifier: 3skB+OWIa70MzRs4Cnl0Ty2Vejs0QrDFWXqIJAWlXp8=
Subject key identifier: 94:07:66:7A:4A:7B:CA:8E:68:4B:22:0F:BF:7D:67:40:2D:B5:70:92
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 3A97D23BDB913409DAB81A115C7BE41E47771D79
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc3cc874-29b0-4f9c-90aa-906fa9dca22a.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a01:578:1010::/44 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:97:d2:3b:db:91:34:09:da:b8:1a:11:5c:7b:e4:1e:47:77:1d:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ae:65:00:a2:75:61:c6:f2:c3:b3:cb:17:0a:
fe:9a:87:25:36:d8:e3:92:5b:8b:13:39:d0:b3:a4:
ac:2a:a2:13:d9:eb:14:6b:35:fd:2d:48:65:97:d1:
46:fa:54:10:c7:cb:8a:bc:b1:f1:a7:84:d7:5f:10:
c1:dc:14:29:f8:04:57:24:4b:09:52:7c:d0:00:24:
9f:42:6a:c8:b0:f5:e8:a4:d8:13:d4:dc:60:3a:b6:
d3:c5:bc:0b:c3:5f:f1:92:c0:fb:3a:83:3a:c1:10:
f5:06:57:e5:57:e3:b5:b0:45:e8:7c:c7:48:5d:97:
3c:fb:6a:dd:86:16:25:11:72:77:be:96:4c:a0:43:
be:a1:85:6e:7d:0d:71:01:b2:e0:0d:73:f5:35:31:
cb:be:56:91:b6:d1:3b:35:b3:67:39:4c:20:68:b5:
ca:cb:e9:5a:d9:7e:be:c7:a4:be:3f:f1:4f:ca:93:
8f:9e:17:5b:54:15:80:19:f3:cb:63:a4:85:17:f1:
50:42:4a:58:a6:c6:15:63:50:41:65:71:2e:a1:5d:
53:07:7a:8c:78:fe:e7:40:ee:97:0e:b7:21:ba:a3:
65:82:ae:e7:63:06:49:6b:db:29:f9:d9:e0:60:91:
24:4c:7d:ff:8d:73:4f:8b:1b:57:ac:0f:c4:32:04:
bc:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:07:66:7A:4A:7B:CA:8E:68:4B:22:0F:BF:7D:67:40:2D:B5:70:92
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/dc3cc874-29b0-4f9c-90aa-906fa9dca22a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a01:578:1010::/44
Signature Algorithm: sha256WithRSAEncryption
0c:3e:ed:d1:55:50:f1:0a:e7:7f:05:89:38:91:31:84:f4:97:
42:d2:db:64:92:cd:df:e4:c2:21:7e:f4:2e:79:d6:21:86:7c:
88:3c:50:81:ad:dd:43:c0:de:df:cf:ce:a3:19:59:f6:d9:8a:
54:00:6b:1b:7b:2a:b7:c2:5a:e9:85:ff:2b:c7:42:56:55:96:
d1:57:9c:65:b4:97:cf:73:c6:a7:ad:6a:ff:39:f4:2c:71:37:
66:22:36:ab:13:c6:d9:2b:f1:fb:0a:14:d3:cf:ad:b8:0a:80:
bf:36:f1:db:a1:d6:59:90:97:1a:28:3c:81:e7:e6:18:ef:2e:
95:45:d8:6f:4f:2c:e4:3d:2a:ca:b7:37:de:22:c3:a7:de:a7:
03:fc:c9:d2:01:2e:18:ac:1a:c9:e9:73:57:24:20:e7:2e:ca:
b9:0f:d5:36:97:6b:bb:aa:f9:8c:57:c7:3f:77:8d:86:39:a5:
75:e8:36:f3:ee:f2:9b:e6:36:38:03:33:57:50:c0:61:81:25:
98:3e:03:6d:92:69:a5:50:c9:b1:cd:d1:95:03:c6:8b:54:cb:
d7:10:fa:1b:f2:6b:95:53:c3:58:14:1b:49:bd:88:1f:04:5c:
76:25:3a:cf:ed:5c:74:c9:c4:33:66:59:d2:6b:70:fc:39:a1:
6d:7b:3a:f3
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOpfSO9uRNAnauBoRXHvkHkd3HXkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNDEyMTMwMDAwMDBaFw0yNTAxMTcyMzU5NTlaMHoxSTBHBgNV
BAUTQDNiNmE5ZjA3Mjk2ZWM0ZDY1NWY2MWM0OWNhYmNiZmVjYTdkNWRjZDE3OWY0
YTFmZmVmNzcyYTZjODI4NTQ1MzIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJeuZQCidWHG8sOzyxcK/pqHJTbY45JbixM50LOkrCqiE9nrFGs1/S1IZZfR
RvpUEMfLiryx8aeE118QwdwUKfgEVyRLCVJ80AAkn0JqyLD16KTYE9TcYDq208W8
C8Nf8ZLA+zqDOsEQ9QZX5VfjtbBF6HzHSF2XPPtq3YYWJRFyd76WTKBDvqGFbn0N
cQGy4A1z9TUxy75WkbbROzWzZzlMIGi1ysvpWtl+vsekvj/xT8qTj54XW1QVgBnz
y2OkhRfxUEJKWKbGFWNQQWVxLqFdUwd6jHj+50Dulw63IbqjZYKu52MGSWvbKfnZ
4GCRJEx9/41zT4sbV6wPxDIEvH8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSUB2Z6
SnvKjmhLIg+/fWdALbVwkjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZGMzY2M4NzQtMjliMC00ZjljLTkwYWEtOTA2ZmE5ZGNhMjJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHBCoBBXgQ
EDANBgkqhkiG9w0BAQsFAAOCAQEADD7t0VVQ8QrnfwWJOJExhPSXQtLbZJLN3+TC
IX70LnnWIYZ8iDxQga3dQ8De38/OoxlZ9tmKVABrG3sqt8Ja6YX/K8dCVlWW0Vec
ZbSXz3PGp61q/zn0LHE3ZiI2qxPG2Svx+woU08+tuAqAvzbx26HWWZCXGig8gefm
GO8ulUXYb08s5D0qyrc33iLDp96nA/zJ0gEuGKwayelzVyQg5y7KuQ/VNpdru6r5
jFfHP3eNhjmldeg28+7ym+Y2OAMzV1DAYYElmD4DbZJppVDJsc3RlQPGi1TL1xD6
G/JrlVPDWBQbSb2IHwRcdiU6z+1cdMnEM2ZZ0mtw/DmhbXs68w==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:28:20 2025 by rpki-client