Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dce6e5a-9e56-400a-a952-8f5f502553c7.roa
File: 7dce6e5a-9e56-400a-a952-8f5f502553c7.roa (raw, json)
Hash identifier: 8J08fcMeIxhnIEehu+u1bXgGkfaeUkNCEWvAzmVIgAY=
Subject key identifier: DA:A6:EB:5D:03:65:44:88:5F:0E:70:DF:28:81:BB:F1:D1:4A:AA:1B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 10966832A4FAD9859A6DCD84D178DA2FB728285A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dce6e5a-9e56-400a-a952-8f5f502553c7.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:b000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:96:68:32:a4:fa:d9:85:9a:6d:cd:84:d1:78:da:2f:b7:28:28:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=ca7c711f5b356509fb83e8e007a5257f1921146cfc95a5ad4d58efdffcf33b13, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:9a:d3:ee:e0:b7:0d:72:a7:aa:7c:f3:19:d1:
96:c2:5c:84:d3:e5:20:0f:2c:c7:2f:ae:28:d1:f7:
9c:2c:37:ca:90:ea:24:8c:08:9c:0b:ea:3c:ad:1b:
47:3c:03:ec:c4:83:21:34:d9:34:f3:47:f6:17:9b:
4d:12:e2:9a:21:66:b4:d5:79:26:29:7d:72:de:6d:
3f:95:eb:6a:59:10:8f:91:6e:fd:ba:42:a0:09:f5:
1b:1c:1f:02:4f:e5:93:1b:04:b2:20:e8:14:66:0b:
9a:b4:61:ce:58:60:0e:8d:5a:2b:33:6f:e8:d9:a5:
ba:16:a8:88:7b:9e:e2:b0:8c:3a:40:5c:f0:69:1f:
1b:d6:86:41:b8:89:02:fa:34:e1:12:17:2a:ac:19:
75:a0:7d:3f:0e:8d:43:dd:0d:d8:6a:47:f1:82:1f:
7b:6b:4e:5c:2b:1a:62:3d:29:83:2a:d8:14:d6:22:
79:97:ee:41:ee:ae:c3:ba:4d:58:16:f6:f5:a7:45:
62:dc:f1:37:3a:77:81:41:59:98:5d:f7:28:77:dc:
ef:a0:7b:56:8b:66:a8:66:ac:e8:fb:9f:9b:da:3b:
1b:07:aa:4e:3a:72:f9:25:9f:a6:2a:68:6b:2b:bd:
2f:1e:0d:a7:d5:cc:53:1c:73:1f:e9:ec:f4:4b:3a:
70:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:A6:EB:5D:03:65:44:88:5F:0E:70:DF:28:81:BB:F1:D1:4A:AA:1B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7dce6e5a-9e56-400a-a952-8f5f502553c7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:b000::/40
Signature Algorithm: sha256WithRSAEncryption
24:3a:6d:4a:d4:f5:a9:95:b7:0f:74:a1:d5:05:6f:4c:98:bb:
a0:71:cf:3f:19:df:12:23:f6:23:0a:c3:ba:93:29:57:ab:10:
5f:ee:5b:42:e3:c3:d2:82:82:cd:d2:f0:68:6a:d5:54:4e:47:
9f:e2:ac:a3:df:16:37:28:24:10:77:c9:5b:88:0f:91:d3:cb:
44:d8:a8:5e:e7:c0:ac:11:d3:ec:aa:26:58:8b:86:48:04:1a:
3c:c8:24:21:b1:62:fb:97:84:61:d4:f6:c2:c8:e8:25:99:c3:
df:da:78:35:8d:b7:bc:e4:b9:58:31:43:7f:07:9b:ad:9b:4a:
50:60:05:c1:b8:70:38:62:81:96:a8:c6:95:a0:cb:00:54:2a:
8f:53:ca:0d:2d:80:34:7a:dd:ea:e0:79:57:88:0e:f5:70:ce:
b4:b9:30:76:01:4b:48:98:fa:10:be:da:01:25:d7:12:07:1b:
d2:a9:66:40:3d:e6:2f:0e:83:b1:6e:87:9c:9c:dc:d4:17:9a:
0f:cc:00:b1:4a:4c:c8:8b:10:c3:8b:a2:5b:60:9d:15:c7:a6:
d9:5d:c0:80:ee:b2:da:5e:e4:30:05:59:1f:ae:db:11:03:7c:
30:d0:fc:13:2a:44:3d:b9:71:9b:c0:a2:de:29:02:13:8d:47:
e4:76:6c:f6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUEJZoMqT62YWabc2E0XjaL7coKFowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGNhN2M3MTFmNWIzNTY1MDlmYjgzZThlMDA3YTUyNTdmMTkyMTE0NmNmYzk1
YTVhZDRkNThlZmRmZmNmMzNiMTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOKa0+7gtw1yp6p88xnRlsJchNPlIA8sxy+uKNH3nCw3ypDqJIwInAvqPK0b
RzwD7MSDITTZNPNH9hebTRLimiFmtNV5Jil9ct5tP5XralkQj5Fu/bpCoAn1Gxwf
Ak/lkxsEsiDoFGYLmrRhzlhgDo1aKzNv6NmluhaoiHue4rCMOkBc8GkfG9aGQbiJ
Avo04RIXKqwZdaB9Pw6NQ90N2GpH8YIfe2tOXCsaYj0pgyrYFNYieZfuQe6uw7pN
WBb29adFYtzxNzp3gUFZmF33KHfc76B7VotmqGas6Pufm9o7GweqTjpy+SWfpipo
ayu9Lx4Np9XMUxxzH+ns9Es6cNsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTaputd
A2VEiF8OcN8ogbvx0UqqGzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2RjZTZlNWEtOWU1Ni00MDBhLWE5NTItOGY1ZjUwMjU1M2M3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hmw
MA0GCSqGSIb3DQEBCwUAA4IBAQAkOm1K1PWplbcPdKHVBW9MmLugcc8/Gd8SI/Yj
CsO6kylXqxBf7ltC48PSgoLN0vBoatVUTkef4qyj3xY3KCQQd8lbiA+R08tE2Khe
58CsEdPsqiZYi4ZIBBo8yCQhsWL7l4Rh1PbCyOglmcPf2ng1jbe85LlYMUN/B5ut
m0pQYAXBuHA4YoGWqMaVoMsAVCqPU8oNLYA0et3q4HlXiA71cM60uTB2AUtImPoQ
vtoBJdcSBxvSqWZAPeYvDoOxboecnNzUF5oPzACxSkzIixDDi6JbYJ0Vx6bZXcCA
7rLaXuQwBVkfrtsRA3ww0PwTKkQ9uXGbwKLeKQITjUfkdmz2
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:23 2025 by rpki-client