Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0329f72c-bcfc-450d-9501-0716fe320aff.roa
File: 0329f72c-bcfc-450d-9501-0716fe320aff.roa (raw, json)
Hash identifier: RHmSS2oKv8o4SEg3oce+1n3l4FX0ku7+UoQQMe63680=
Subject key identifier: 06:9B:7A:42:76:F3:74:0F:B1:0C:55:2B:9A:60:39:42:F9:DC:53:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1FDFF54B9C7A2A79D5E35A19AA0D8203839355F2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0329f72c-bcfc-450d-9501-0716fe320aff.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:c000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:df:f5:4b:9c:7a:2a:79:d5:e3:5a:19:aa:0d:82:03:83:93:55:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=f8c8a1111b5f5d80d29b706cc861cc8b4233d7bcd7f14d5fac5b171737d49b93, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:bd:fe:7a:b3:35:61:d0:8c:72:e5:e2:b5:af:
3a:3f:c2:f2:34:7e:60:36:66:b7:66:a7:31:82:a9:
e0:f1:bc:63:fa:97:97:8d:c4:c0:ab:f5:bb:ec:92:
b5:61:fa:95:4e:d9:d1:75:f9:1e:b5:78:3a:8e:19:
eb:fe:a5:7d:be:c0:df:e7:b3:6e:3c:df:41:ca:8e:
fa:4c:5a:e6:22:4d:14:7d:c9:c0:f1:06:1c:38:b3:
07:30:9b:34:1d:f5:cf:4b:61:49:5a:93:cf:e6:a3:
ec:0e:ad:88:b6:0e:f5:5a:de:8f:f1:32:cf:de:58:
c5:4d:9f:8c:15:f2:ea:42:cc:43:bc:6e:cc:d4:28:
22:fb:2f:4a:96:4c:69:b4:58:94:9b:a7:1a:60:97:
62:6a:be:8b:90:42:7e:75:9e:09:b8:78:10:2a:f1:
67:f7:60:d0:47:12:83:1c:08:41:6c:e2:30:c5:4d:
67:58:58:96:ff:7f:4a:b6:e0:12:7a:0d:54:19:4e:
bf:3c:bf:25:90:a3:03:3d:e6:e3:99:6f:7f:84:43:
fc:81:6b:57:a3:18:3a:04:c6:f1:ed:fe:59:ac:ef:
59:31:1f:66:74:8f:50:44:1e:17:73:fa:e1:cb:b5:
21:6f:ea:10:97:bd:6b:5b:c2:ed:ba:97:50:d5:fe:
b1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:9B:7A:42:76:F3:74:0F:B1:0C:55:2B:9A:60:39:42:F9:DC:53:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0329f72c-bcfc-450d-9501-0716fe320aff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:c000::/40
Signature Algorithm: sha256WithRSAEncryption
5e:13:08:e9:7d:c6:da:6d:9c:8b:66:2a:a3:95:05:c3:70:88:
aa:06:5b:cd:c7:07:e1:af:96:25:75:19:c6:e3:77:b2:60:5d:
b3:44:80:cc:09:75:2d:c8:8e:0c:73:44:a7:38:6b:0f:ed:43:
29:49:05:28:0a:c3:64:32:72:a7:3a:82:e6:c3:77:2d:dd:0a:
24:03:4a:14:ee:f7:85:bc:21:47:72:71:ab:5f:cb:aa:03:62:
13:bb:70:6b:c7:ac:a0:03:43:c1:0e:80:0d:e2:d5:37:60:a7:
a1:21:4f:37:24:d9:93:32:b6:ca:87:10:53:cc:88:2a:c4:01:
57:a7:9a:73:11:58:12:03:89:78:ed:13:e2:86:4f:f5:4e:14:
c1:54:a7:f2:ae:60:24:16:4d:ec:d7:4b:8c:e1:08:e0:15:da:
92:af:b7:39:fb:51:66:5f:ff:66:ec:d2:96:d9:ce:0a:f4:47:
a6:9e:74:85:4e:f0:b3:6c:07:bc:72:7e:b1:84:8d:92:7a:f1:
8e:58:ff:2a:e4:8d:4c:98:cf:80:5f:d1:ac:f1:a6:93:ee:91:
6b:8b:33:c0:d7:29:36:f4:c5:bf:82:a1:f1:98:71:e7:96:ae:
f7:a6:0a:d1:27:ad:66:78:45:d6:54:de:37:8f:49:42:a2:d4:
dd:c8:31:29
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH9/1S5x6KnnV41oZqg2CA4OTVfIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGY4YzhhMTExMWI1ZjVkODBkMjliNzA2Y2M4NjFjYzhiNDIzM2Q3YmNkN2Yx
NGQ1ZmFjNWIxNzE3MzdkNDliOTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ+9/nqzNWHQjHLl4rWvOj/C8jR+YDZmt2anMYKp4PG8Y/qXl43EwKv1u+yS
tWH6lU7Z0XX5HrV4Oo4Z6/6lfb7A3+ezbjzfQcqO+kxa5iJNFH3JwPEGHDizBzCb
NB31z0thSVqTz+aj7A6tiLYO9Vrej/Eyz95YxU2fjBXy6kLMQ7xuzNQoIvsvSpZM
abRYlJunGmCXYmq+i5BCfnWeCbh4ECrxZ/dg0EcSgxwIQWziMMVNZ1hYlv9/Srbg
EnoNVBlOvzy/JZCjAz3m45lvf4RD/IFrV6MYOgTG8e3+WazvWTEfZnSPUEQeF3P6
4cu1IW/qEJe9a1vC7bqXUNX+sV0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQGm3pC
dvN0D7EMVSuaYDlC+dxTrjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDMyOWY3MmMtYmNmYy00NTBkLTk1MDEtMDcxNmZlMzIwYWZmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ADA
MA0GCSqGSIb3DQEBCwUAA4IBAQBeEwjpfcbabZyLZiqjlQXDcIiqBlvNxwfhr5Yl
dRnG43eyYF2zRIDMCXUtyI4Mc0SnOGsP7UMpSQUoCsNkMnKnOoLmw3ct3QokA0oU
7veFvCFHcnGrX8uqA2ITu3Brx6ygA0PBDoAN4tU3YKehIU83JNmTMrbKhxBTzIgq
xAFXp5pzEVgSA4l47RPihk/1ThTBVKfyrmAkFk3s10uM4QjgFdqSr7c5+1FmX/9m
7NKW2c4K9EemnnSFTvCzbAe8cn6xhI2SevGOWP8q5I1MmM+AX9Gs8aaT7pFrizPA
1yk29MW/gqHxmHHnlq73pgrRJ61meEXWVN43j0lCotTdyDEp
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:26 2025 by rpki-client