Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6edff633-7cc0-4bac-8414-cdc1c17589dd.roa
File: 6edff633-7cc0-4bac-8414-cdc1c17589dd.roa (raw, json)
Hash identifier: gR982FD29zRg+s/Q14Ij+v7VuOEHFt7FvhK3u21r7Dg=
Subject key identifier: F9:38:47:A6:8C:03:E0:5A:48:7B:F7:C8:4F:8C:8B:F3:71:6D:8D:E7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0E307D5DE9E146123DDCCFDFC68802B7A2811776
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6edff633-7cc0-4bac-8414-cdc1c17589dd.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:a000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:30:7d:5d:e9:e1:46:12:3d:dc:cf:df:c6:88:02:b7:a2:81:17:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=47fba25ac3faaea7e3d06448f12bf01543915bcd7e2ee6b15dc4a087ac5c0e60, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b2:98:4f:3b:e7:54:2a:f9:3c:fc:34:b0:bd:
a3:b0:86:30:3c:35:3f:c5:61:c2:bd:72:2c:aa:e5:
dc:c8:5d:f7:b3:38:a0:86:26:a9:b8:c0:6b:4f:f4:
fe:1a:5f:95:68:b1:14:e8:9f:83:53:48:33:89:f0:
79:d5:d3:70:fb:bf:2c:95:a4:22:f8:06:67:67:b5:
35:26:a0:1f:75:69:c7:0e:b2:43:01:e7:7c:ab:f2:
e7:0e:be:91:5b:fb:05:57:17:ca:f5:41:b4:4a:50:
61:c1:21:23:2f:4b:c7:22:64:69:26:be:75:1d:dc:
c0:43:94:92:c5:20:51:fb:41:13:42:31:86:04:6c:
fa:ed:ab:5f:b5:5a:66:f7:67:69:e5:f4:19:2b:83:
c2:26:df:d8:93:ed:a6:dd:4c:23:4d:cf:75:88:60:
87:27:fb:1e:00:3f:bd:6b:08:f0:95:d0:77:f8:81:
e1:b8:03:fd:62:16:e5:03:76:4f:1d:31:56:1f:e5:
d4:64:1a:80:24:59:02:8c:a5:b1:3f:1d:99:6d:87:
01:0e:01:f8:a6:ab:2c:87:f2:d9:a9:5f:98:16:b1:
11:3d:1b:40:10:60:10:5b:05:c2:47:96:dc:f4:b4:
79:30:6d:dc:3b:a7:97:ca:e7:7f:7f:21:ae:55:10:
66:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:38:47:A6:8C:03:E0:5A:48:7B:F7:C8:4F:8C:8B:F3:71:6D:8D:E7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6edff633-7cc0-4bac-8414-cdc1c17589dd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:a000::/40
Signature Algorithm: sha256WithRSAEncryption
73:35:c5:0d:86:8f:73:c7:ad:5c:da:dc:ab:d2:de:28:5e:92:
8e:fc:28:4f:be:9b:17:48:d7:9c:91:fc:89:f0:e5:4b:68:d8:
7a:cf:15:4a:07:5c:d3:88:20:5b:2b:9b:e3:65:14:54:63:82:
ee:8d:e3:be:44:54:93:8c:3a:9d:49:70:e9:c5:24:31:0c:51:
83:bf:f9:67:1d:0a:b0:8c:40:2f:51:7b:86:20:a5:d8:af:d0:
81:25:8e:92:a8:ce:e2:89:b5:e1:a3:66:ad:8a:7b:1d:0c:f5:
db:b5:ba:6d:50:98:7e:22:cb:ff:cc:4d:bf:08:46:97:96:15:
2e:3e:24:ee:93:60:e9:28:75:4b:33:ef:fb:5b:93:28:39:54:
7e:c0:de:f5:42:fb:3b:39:17:0c:c8:1c:2b:e8:d9:0f:7e:bb:
76:0c:40:25:21:10:f4:65:6d:68:73:60:4e:c5:f1:6f:f6:b5:
72:f0:35:0e:3e:1e:97:fc:7c:92:43:61:9b:9b:7e:07:25:c7:
2c:d2:c0:56:33:21:ca:ed:cb:f7:c6:52:dc:89:4d:ed:47:12:
63:ce:9a:5f:5f:bc:57:3e:13:a7:65:2d:88:72:a8:87:d0:1f:
c0:96:bf:05:a7:f2:21:37:37:88:a7:76:ac:99:59:04:b1:c3:
17:f4:88:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDjB9XenhRhI93M/fxogCt6KBF3YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ3ZmJhMjVhYzNmYWFlYTdlM2QwNjQ0OGYxMmJmMDE1NDM5MTViY2Q3ZTJl
ZTZiMTVkYzRhMDg3YWM1YzBlNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2ymE8751Qq+Tz8NLC9o7CGMDw1P8Vhwr1yLKrl3Mhd97M4oIYmqbjAa0/0
/hpflWixFOifg1NIM4nwedXTcPu/LJWkIvgGZ2e1NSagH3Vpxw6yQwHnfKvy5w6+
kVv7BVcXyvVBtEpQYcEhIy9LxyJkaSa+dR3cwEOUksUgUftBE0IxhgRs+u2rX7Va
ZvdnaeX0GSuDwibf2JPtpt1MI03PdYhghyf7HgA/vWsI8JXQd/iB4bgD/WIW5QN2
Tx0xVh/l1GQagCRZAoylsT8dmW2HAQ4B+KarLIfy2alfmBaxET0bQBBgEFsFwkeW
3PS0eTBt3Dunl8rnf38hrlUQZgUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT5OEem
jAPgWkh798hPjIvzcW2N5zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmVkZmY2MzMtN2NjMC00YmFjLTg0MTQtY2RjMWMxNzU4OWRkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWg
MA0GCSqGSIb3DQEBCwUAA4IBAQBzNcUNho9zx61c2tyr0t4oXpKO/ChPvpsXSNec
kfyJ8OVLaNh6zxVKB1zTiCBbK5vjZRRUY4LujeO+RFSTjDqdSXDpxSQxDFGDv/ln
HQqwjEAvUXuGIKXYr9CBJY6SqM7iibXho2atinsdDPXbtbptUJh+Isv/zE2/CEaX
lhUuPiTuk2DpKHVLM+/7W5MoOVR+wN71Qvs7ORcMyBwr6NkPfrt2DEAlIRD0ZW1o
c2BOxfFv9rVy8DUOPh6X/HySQ2Gbm34HJccs0sBWMyHK7cv3xlLciU3tRxJjzppf
X7xXPhOnZS2IcqiH0B/Alr8Fp/IhNzeIp3asmVkEscMX9Iju
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:51:06 2025 by rpki-client