Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48f73660-406b-4e38-9816-df2fb01d127a.roa
File: 48f73660-406b-4e38-9816-df2fb01d127a.roa (raw, json)
Hash identifier: JiKIy+LyuAo11mdU5cWa7irW33A1LjzYfayarbkK24w=
Subject key identifier: 75:CE:AF:A3:DB:60:24:D0:73:BC:38:16:62:C9:99:9D:E5:65:ED:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3CEDA111AF021ACF32C5E85D5F0FCA325856E904
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48f73660-406b-4e38-9816-df2fb01d127a.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:ed:a1:11:af:02:1a:cf:32:c5:e8:5d:5f:0f:ca:32:58:56:e9:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: serialNumber=3edad991dfdbd7e7a741a3a685c52b4e35cf91e9bf4eced9c74fe1e8b2bf6f4b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:dd:12:0f:f6:0f:e2:5a:d6:47:a7:78:33:69:
22:fd:7a:9f:d9:40:29:c0:f6:c4:8f:bf:94:c6:e3:
1a:95:b5:6a:23:39:94:3f:0a:24:da:fa:6e:4f:d7:
68:a5:b5:3f:ac:c6:05:56:a3:9f:35:65:1c:e4:64:
0b:a8:27:df:d8:e1:f7:b4:14:a5:52:09:75:94:a9:
f1:82:17:08:b9:7b:a1:12:56:be:a1:33:6b:de:e3:
a0:dd:62:24:c9:f5:e6:c6:56:2f:34:97:c8:d0:6a:
29:65:79:eb:d7:eb:49:83:b4:15:67:e2:11:d4:62:
3e:b5:27:78:b7:95:3f:8a:86:59:a2:8e:09:e9:e2:
94:9a:30:6e:58:2b:35:b6:81:20:9e:7f:ad:53:81:
67:ff:b5:b8:21:9a:c0:04:af:11:5c:08:cc:bf:32:
c3:a8:7b:a5:5c:6d:cf:de:4a:3c:c6:ba:7a:b1:b9:
75:83:1b:18:7c:60:8c:9f:63:b8:2c:fa:f9:e9:10:
4a:3d:f2:e2:a3:59:fa:c6:0f:6b:76:4a:ad:9d:d4:
e7:64:0c:43:b2:a1:3b:6f:79:10:60:85:1f:ef:96:
07:a6:dd:86:cf:4a:c3:af:97:ee:02:c6:aa:64:95:
9c:a0:35:04:5a:e8:87:b1:54:14:57:0c:64:3c:7f:
b8:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:CE:AF:A3:DB:60:24:D0:73:BC:38:16:62:C9:99:9D:E5:65:ED:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/48f73660-406b-4e38-9816-df2fb01d127a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a9:c9:70:73:d4:72:c4:7a:77:4a:36:32:02:0a:d2:df:81:0b:
5e:a1:e3:3d:2c:60:3b:28:ba:5c:a4:99:9d:b9:2d:d2:bc:9a:
b4:b2:de:42:0c:63:33:e9:e2:16:b0:94:72:71:25:fc:cf:10:
9d:71:11:e5:d8:1b:a8:35:9c:a3:9d:4c:b6:37:f8:22:62:c3:
50:53:c4:04:9a:9a:fc:98:fe:0c:f1:9c:4d:6e:ee:86:89:55:
fd:b1:33:fd:6d:69:3b:87:ed:14:03:e4:5b:61:08:4d:e8:76:
14:e0:86:4f:87:c6:af:31:60:9c:35:96:74:dd:fc:8c:14:9e:
3e:fb:e5:ae:be:a3:1f:86:d0:f6:63:9d:ab:9e:a6:0d:6c:8c:
0b:60:38:84:4b:b4:4d:ae:8f:68:fc:b5:f4:b9:aa:ed:0c:19:
e8:92:d8:25:cb:23:a6:d1:3d:5c:e6:a1:78:cb:c5:1d:da:a2:
5e:55:5d:65:e5:aa:9e:d9:d2:53:6b:34:3e:08:19:97:96:82:
68:1d:ef:a7:6e:fe:c9:84:e5:31:9d:9f:ed:5b:f0:51:0d:bd:
cf:be:ec:c5:f8:19:5c:12:04:2d:f7:6c:84:2b:86:6c:60:7f:
33:b4:1e:fc:14:24:93:8c:5d:85:5b:b3:2a:64:6d:04:18:38:
5e:db:c7:b1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPO2hEa8CGs8yxehdXw/KMlhW6QQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTcwMDAwMDBaFw0yNTAxMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDNlZGFkOTkxZGZkYmQ3ZTdhNzQxYTNhNjg1YzUyYjRlMzVjZjkxZTliZjRl
Y2VkOWM3NGZlMWU4YjJiZjZmNGIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANbdEg/2D+Ja1keneDNpIv16n9lAKcD2xI+/lMbjGpW1aiM5lD8KJNr6bk/X
aKW1P6zGBVajnzVlHORkC6gn39jh97QUpVIJdZSp8YIXCLl7oRJWvqEza97joN1i
JMn15sZWLzSXyNBqKWV569frSYO0FWfiEdRiPrUneLeVP4qGWaKOCenilJowblgr
NbaBIJ5/rVOBZ/+1uCGawASvEVwIzL8yw6h7pVxtz95KPMa6erG5dYMbGHxgjJ9j
uCz6+ekQSj3y4qNZ+sYPa3ZKrZ3U52QMQ7KhO295EGCFH++WB6bdhs9Kw6+X7gLG
qmSVnKA1BFroh7FUFFcMZDx/uBcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR1zq+j
22Ak0HO8OBZiyZmd5WXtxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDhmNzM2NjAtNDA2Yi00ZTM4LTk4MTYtZGYyZmIwMWQxMjdhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HaA
MA0GCSqGSIb3DQEBCwUAA4IBAQCpyXBz1HLEendKNjICCtLfgQteoeM9LGA7KLpc
pJmduS3SvJq0st5CDGMz6eIWsJRycSX8zxCdcRHl2BuoNZyjnUy2N/giYsNQU8QE
mpr8mP4M8ZxNbu6GiVX9sTP9bWk7h+0UA+RbYQhN6HYU4IZPh8avMWCcNZZ03fyM
FJ4+++WuvqMfhtD2Y52rnqYNbIwLYDiES7RNro9o/LX0uartDBnoktglyyOm0T1c
5qF4y8Ud2qJeVV1l5aqe2dJTazQ+CBmXloJoHe+nbv7JhOUxnZ/tW/BRDb3PvuzF
+BlcEgQt92yEK4ZsYH8ztB78FCSTjF2FW7MqZG0EGDhe28ex
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:08 2025 by rpki-client