Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c71368c-aded-4d97-8fc4-e55ca6a67df5.roa
File: 8c71368c-aded-4d97-8fc4-e55ca6a67df5.roa (raw, json)
Hash identifier: 1AIJsG+D53xSzJIAPMs1OrIeEeSne70TOXRIbPAOU5E=
Subject key identifier: AE:A5:0D:25:C9:C2:0B:BA:7C:06:84:B1:3F:23:0E:09:4B:5B:F1:49
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29CC5079906B54269EFD208AB5E91D4922FCBD71
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c71368c-aded-4d97-8fc4-e55ca6a67df5.roa
Signing time: Tue 24 Dec 2024 00:00:00 +0000
ROA not before: Tue 24 Dec 2024 00:00:00 +0000
ROA not after: Tue 28 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:c000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:cc:50:79:90:6b:54:26:9e:fd:20:8a:b5:e9:1d:49:22:fc:bd:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 24 00:00:00 2024 GMT
Not After : Jan 28 23:59:59 2025 GMT
Subject: serialNumber=24a5c73213b4907f85523341ef6510b1f017076872cd15b7922e8c32e74a57f1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:bd:68:3d:35:18:12:4d:84:ba:32:3e:ae:e5:
35:b4:35:1d:d4:e0:2e:13:c4:57:71:26:21:7a:89:
5c:28:26:87:8d:5c:0f:ed:77:83:e4:80:a2:74:a3:
b0:3c:4b:d5:42:62:ae:58:1b:6e:ec:28:46:2d:fa:
3a:85:3c:5e:d7:6e:70:93:d5:24:96:af:bc:39:39:
6d:a5:fb:33:55:da:8a:57:d6:20:cd:30:f1:6f:75:
aa:24:f1:a6:85:63:38:21:a2:dc:ed:9c:df:61:2f:
cc:b1:37:62:cc:ab:49:31:fc:74:c1:e4:33:b3:fd:
a1:ef:9d:4a:85:5b:19:30:03:23:52:09:8c:e2:a4:
09:34:58:4d:96:b8:36:d4:28:6d:5e:55:c1:1f:83:
fb:d2:3e:d3:cb:29:a6:75:ad:bc:b3:fe:b5:5a:47:
04:f5:35:bb:1b:4a:fb:e7:13:94:7b:0b:d5:a9:39:
13:2e:98:21:5f:f4:89:34:68:c5:8d:5c:c5:85:9b:
79:a3:25:70:02:9e:83:6e:88:14:95:3e:02:2e:54:
59:49:b0:c4:84:28:07:69:59:d1:3f:a9:d8:b1:d9:
74:16:3e:61:a5:34:d0:06:8f:44:03:be:9a:f7:7e:
7e:22:37:fc:4d:fb:a3:4d:e4:b1:fc:c7:ef:fd:59:
1f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:A5:0D:25:C9:C2:0B:BA:7C:06:84:B1:3F:23:0E:09:4B:5B:F1:49
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c71368c-aded-4d97-8fc4-e55ca6a67df5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:c000::/40
Signature Algorithm: sha256WithRSAEncryption
12:1f:b8:fa:a8:b9:6d:85:32:1c:99:98:cf:23:b4:03:03:0f:
58:9c:38:04:18:c2:b0:bb:d5:bc:b1:d3:c5:04:a3:d4:4b:b3:
ba:f6:0d:2b:20:d4:e6:12:e6:f8:10:74:4b:51:41:99:69:65:
b7:b7:db:ba:b6:26:44:6c:4b:35:65:d6:4e:3f:ef:a5:a5:bb:
01:47:4f:5a:aa:a9:27:71:6c:1a:af:11:88:48:e7:d6:91:a6:
09:fd:55:77:23:d7:b5:09:19:a6:c0:96:8b:9e:90:5c:eb:5b:
0e:75:88:74:3a:1f:d2:b9:f6:a2:9a:51:c4:f9:2b:42:4f:ca:
3e:d7:ae:ea:71:59:f6:b8:31:09:6c:d3:e1:37:56:06:48:6c:
8f:94:d0:0e:75:bc:5d:90:23:f7:eb:17:47:7a:0a:b9:ac:28:
f9:5c:fe:65:b5:a1:ff:ea:88:cd:e4:a5:9c:ea:73:dc:b4:0e:
71:45:c1:78:0b:50:77:98:42:1f:bc:68:05:7b:23:6b:13:86:
8b:8e:4e:7b:fd:e3:d0:d9:13:83:7a:3a:6f:c2:92:80:66:5e:
e0:67:a2:7f:95:40:54:3e:91:fc:a9:fd:f0:d9:53:15:fb:11:
38:8f:69:78:ad:9b:52:ee:2e:80:c8:33:e8:2a:49:4d:ae:b9:
fe:ac:c5:68
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKcxQeZBrVCae/SCKtekdSSL8vXEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMjQwMDAwMDBaFw0yNTAxMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0YTVjNzMyMTNiNDkwN2Y4NTUyMzM0MWVmNjUxMGIxZjAxNzA3Njg3MmNk
MTViNzkyMmU4YzMyZTc0YTU3ZjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANq9aD01GBJNhLoyPq7lNbQ1HdTgLhPEV3EmIXqJXCgmh41cD+13g+SAonSj
sDxL1UJirlgbbuwoRi36OoU8XtducJPVJJavvDk5baX7M1XailfWIM0w8W91qiTx
poVjOCGi3O2c32EvzLE3YsyrSTH8dMHkM7P9oe+dSoVbGTADI1IJjOKkCTRYTZa4
NtQobV5VwR+D+9I+08sppnWtvLP+tVpHBPU1uxtK++cTlHsL1ak5Ey6YIV/0iTRo
xY1cxYWbeaMlcAKeg26IFJU+Ai5UWUmwxIQoB2lZ0T+p2LHZdBY+YaU00AaPRAO+
mvd+fiI3/E37o03ksfzH7/1ZH20CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSupQ0l
ycILunwGhLE/Iw4JS1vxSTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGM3MTM2OGMtYWRlZC00ZDk3LThmYzQtZTU1Y2E2YTY3ZGY1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HbA
MA0GCSqGSIb3DQEBCwUAA4IBAQASH7j6qLlthTIcmZjPI7QDAw9YnDgEGMKwu9W8
sdPFBKPUS7O69g0rINTmEub4EHRLUUGZaWW3t9u6tiZEbEs1ZdZOP++lpbsBR09a
qqkncWwarxGISOfWkaYJ/VV3I9e1CRmmwJaLnpBc61sOdYh0Oh/SufaimlHE+StC
T8o+167qcVn2uDEJbNPhN1YGSGyPlNAOdbxdkCP36xdHegq5rCj5XP5ltaH/6ojN
5KWc6nPctA5xRcF4C1B3mEIfvGgFeyNrE4aLjk57/ePQ2RODejpvwpKAZl7gZ6J/
lUBUPpH8qf3w2VMV+xE4j2l4rZtS7i6AyDPoKklNrrn+rMVo
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:28 2025 by rpki-client