Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ff17242-6969-405d-8fb0-659ea027b7bd.roa
File: 2ff17242-6969-405d-8fb0-659ea027b7bd.roa (raw, json)
Hash identifier: gknPt9mCSuib+b/FIvZz6TOxt90H5Up4zZvutkhXXRk=
Subject key identifier: 98:6C:7D:5A:9B:F1:90:AB:59:35:CB:9F:00:37:F4:FD:9F:19:FD:51
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 66D4AF5A6194B50186283A02AFC2F0723C36B716
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ff17242-6969-405d-8fb0-659ea027b7bd.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:d4:af:5a:61:94:b5:01:86:28:3a:02:af:c2:f0:72:3c:36:b7:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: serialNumber=9170ccdeee3c5ca26d542d03e57285d70ab69e4e0e98a19994498b15910922be, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:63:5d:32:25:23:2d:7a:36:d0:27:f2:5c:82:
bb:1b:7b:8e:27:80:c2:86:18:84:f7:69:a0:ca:ec:
e3:32:22:9c:27:4a:85:90:33:37:e5:e5:d9:ae:45:
c8:ff:0b:64:57:bf:88:7f:b5:a9:b8:c9:a0:c2:79:
4e:36:e1:0a:2a:61:69:af:d4:48:24:98:3f:58:ea:
bf:2d:e9:3f:ee:e4:fd:14:48:a0:54:95:b6:ef:4b:
5b:1f:3b:ed:cf:d0:62:34:1a:c1:82:f9:5b:71:ae:
0b:d3:64:bc:4f:cf:2e:fb:c5:7e:39:ef:36:da:eb:
06:bf:61:0f:6f:a2:5d:5c:0d:c8:89:ef:4b:76:8f:
30:ec:cd:28:35:8f:e6:20:9a:21:38:e7:1f:06:be:
d5:70:af:0d:ca:4a:a8:be:33:12:92:a1:ac:ae:21:
e4:f8:6b:f2:33:97:5e:33:2b:8f:c1:31:b5:9a:de:
ee:e1:23:66:8b:bb:d1:4b:29:e1:d7:66:e3:00:8f:
08:14:99:7b:3f:f7:bf:78:6d:72:2a:1b:6c:3b:9c:
48:da:c8:bc:d9:72:81:df:b6:d1:17:a5:68:66:21:
5a:5a:a0:aa:ed:f1:86:31:7a:22:a7:45:a4:7b:ff:
2f:cb:a3:97:68:07:81:7a:dc:79:d0:52:2f:d7:41:
ac:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:6C:7D:5A:9B:F1:90:AB:59:35:CB:9F:00:37:F4:FD:9F:19:FD:51
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2ff17242-6969-405d-8fb0-659ea027b7bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8000::/40
Signature Algorithm: sha256WithRSAEncryption
53:00:79:4e:67:78:4a:25:22:d6:58:d8:4d:47:36:b6:f1:26:
34:3e:35:86:a4:0e:84:e5:e7:de:4c:f8:d4:43:1c:49:48:1b:
85:e9:93:9c:6b:ff:43:88:4a:b7:c6:db:bf:35:88:1d:6f:4b:
61:3f:3a:ed:cb:4e:3e:c2:b6:17:f0:ab:28:1c:c6:40:e0:2f:
e8:7c:a5:85:4e:43:32:b3:21:ef:98:c1:a1:be:74:a2:eb:27:
7f:da:4b:e4:54:c5:c5:f3:c1:10:bb:c7:30:66:02:43:28:d8:
3d:d6:d8:a0:63:ce:4a:05:a1:ec:12:97:b8:cc:60:ab:b7:ae:
8e:08:6c:76:20:6d:ee:46:d2:19:35:8b:8c:7e:f6:8c:b5:b6:
9b:d2:91:4b:32:35:38:6f:69:3f:0a:28:42:ff:b6:03:16:34:
db:7c:9e:18:c2:e0:66:c3:85:04:10:9c:14:b6:9d:85:54:d8:
26:72:6b:22:d3:40:90:7b:12:4c:46:b7:25:5e:11:db:aa:5b:
df:a3:a8:1b:db:ea:4d:0d:85:11:c4:ba:75:9b:bd:dc:a1:aa:
8b:68:e7:1b:12:8a:79:d1:b4:f7:d8:2e:97:9d:50:f7:f8:ff:
22:a0:bc:17:ee:15:e9:85:bb:43:63:25:cc:28:aa:32:27:dd:
84:18:ae:9b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZtSvWmGUtQGGKDoCr8Lwcjw2txYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTcwMDAwMDBaFw0yNTAxMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDkxNzBjY2RlZWUzYzVjYTI2ZDU0MmQwM2U1NzI4NWQ3MGFiNjllNGUwZTk4
YTE5OTk0NDk4YjE1OTEwOTIyYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKRjXTIlIy16NtAn8lyCuxt7jieAwoYYhPdpoMrs4zIinCdKhZAzN+Xl2a5F
yP8LZFe/iH+1qbjJoMJ5TjbhCiphaa/USCSYP1jqvy3pP+7k/RRIoFSVtu9LWx87
7c/QYjQawYL5W3GuC9NkvE/PLvvFfjnvNtrrBr9hD2+iXVwNyInvS3aPMOzNKDWP
5iCaITjnHwa+1XCvDcpKqL4zEpKhrK4h5Phr8jOXXjMrj8ExtZre7uEjZou70Usp
4ddm4wCPCBSZez/3v3htciobbDucSNrIvNlygd+20RelaGYhWlqgqu3xhjF6IqdF
pHv/L8ujl2gHgXrcedBSL9dBrD0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSYbH1a
m/GQq1k1y58AN/T9nxn9UTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmZmMTcyNDItNjk2OS00MDVkLThmYjAtNjU5ZWEwMjdiN2JkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSA
MA0GCSqGSIb3DQEBCwUAA4IBAQBTAHlOZ3hKJSLWWNhNRza28SY0PjWGpA6E5efe
TPjUQxxJSBuF6ZOca/9DiEq3xtu/NYgdb0thPzrty04+wrYX8KsoHMZA4C/ofKWF
TkMysyHvmMGhvnSi6yd/2kvkVMXF88EQu8cwZgJDKNg91tigY85KBaHsEpe4zGCr
t66OCGx2IG3uRtIZNYuMfvaMtbab0pFLMjU4b2k/CihC/7YDFjTbfJ4YwuBmw4UE
EJwUtp2FVNgmcmsi00CQexJMRrclXhHbqlvfo6gb2+pNDYURxLp1m73coaqLaOcb
Eop50bT32C6XnVD3+P8ioLwX7hXphbtDYyXMKKoyJ92EGK6b
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:25 2025 by rpki-client