Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/807af5d9-1ea1-407f-a2a9-39ad687146ec.roa
File: 807af5d9-1ea1-407f-a2a9-39ad687146ec.roa (raw, json)
Hash identifier: wm0XWEZrWkEjv5RjhaPzCas9VZan4rsWcdmJi/33Ybw=
Subject key identifier: 45:62:DF:7D:9A:1F:FE:1B:24:16:6E:CF:07:FE:AF:2C:9D:0F:C0:00
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B49397BCCC0E06AC139296ACCD993AAB57879B8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/807af5d9-1ea1-407f-a2a9-39ad687146ec.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:49:39:7b:cc:c0:e0:6a:c1:39:29:6a:cc:d9:93:aa:b5:78:79:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=41a1b03da24937600f6e618ba54b3350412b20903ef9f1e626234624f6078e6a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:35:74:93:f9:ce:d4:a2:50:a6:79:0c:93:ee:
c7:cf:f7:33:b0:b2:b0:00:61:d8:f3:3b:a2:36:db:
5b:8c:66:e9:7c:3e:dc:d8:57:d2:39:ea:60:23:a9:
5b:0f:b4:09:eb:80:d9:db:c1:66:86:b8:6c:63:de:
56:ef:f2:7b:60:71:37:71:65:df:4b:6c:4d:26:0a:
01:6f:c4:96:91:99:c6:89:75:d9:e9:ba:ac:bb:f4:
8e:f1:e4:6f:f6:b0:3d:96:e9:ef:be:c1:a1:de:5e:
70:e3:d8:75:3c:61:ee:af:96:6a:b7:cc:62:9b:6c:
f6:86:f1:fc:2d:25:d7:63:42:a5:00:7b:db:33:be:
9c:bc:74:71:dd:02:3e:1b:e7:98:8d:c7:8b:de:f1:
10:88:36:2f:e8:ae:03:fb:c9:fb:dd:46:bd:ac:1d:
d2:ea:69:11:c2:93:6c:25:1a:c6:c3:5a:8a:bc:12:
6d:c6:37:e7:66:1d:7f:f4:65:4b:c4:af:52:ee:06:
aa:59:db:c2:b5:26:e0:92:be:3d:fd:0d:78:51:95:
ee:c1:dd:8c:c5:f8:75:83:81:59:e0:bd:ce:8d:d2:
fd:12:68:fc:98:33:eb:98:57:96:57:e2:84:39:29:
99:7d:f5:d8:58:44:c8:36:41:7f:6d:05:ab:6e:9c:
fc:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:62:DF:7D:9A:1F:FE:1B:24:16:6E:CF:07:FE:AF:2C:9D:0F:C0:00
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/807af5d9-1ea1-407f-a2a9-39ad687146ec.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:8000::/40
Signature Algorithm: sha256WithRSAEncryption
2e:b8:25:78:3d:b3:12:95:ec:c5:6c:fe:b0:8f:76:3b:88:5d:
71:e6:64:43:a5:a9:cd:83:cd:8a:a9:0a:0e:49:1a:6b:73:78:
2b:8d:ec:37:d0:6a:72:a7:40:51:44:95:e9:2a:cb:80:fc:25:
3e:0e:65:69:dd:5c:97:c9:54:d2:92:cc:15:38:0e:16:43:bf:
c6:74:9e:5d:01:ab:c7:b3:74:23:09:b6:fa:b8:30:09:85:fe:
a1:4a:07:e6:e5:75:4d:b8:3c:e4:43:33:5f:3d:47:eb:94:5a:
03:42:7f:ac:88:8c:07:10:eb:68:c8:9a:f0:8d:bc:75:a3:7d:
29:a3:cf:4b:94:75:bb:e1:96:f5:fe:f0:5d:b4:13:32:86:64:
18:69:11:59:03:ba:79:e0:12:1a:68:57:94:3c:a4:53:4f:a6:
8b:4c:91:57:5a:82:b4:40:d8:be:88:4d:a6:70:24:d5:d5:89:
0d:30:79:26:57:31:c3:77:85:0e:f1:9b:bc:cb:38:05:5a:c2:
87:88:b8:83:29:62:ab:b1:3e:37:1c:20:7b:7e:8b:d7:73:f6:
bd:10:fb:eb:12:3e:ee:2a:7e:df:4e:25:07:a9:5c:02:37:bb:
eb:4f:2c:26:2b:51:5e:2e:97:c4:fe:6a:5b:6b:6f:c9:bd:72:
9b:d2:c3:da
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG0k5e8zA4GrBOSlqzNmTqrV4ebgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDQxYTFiMDNkYTI0OTM3NjAwZjZlNjE4YmE1NGIzMzUwNDEyYjIwOTAzZWY5
ZjFlNjI2MjM0NjI0ZjYwNzhlNmExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJU1dJP5ztSiUKZ5DJPux8/3M7CysABh2PM7ojbbW4xm6Xw+3NhX0jnqYCOp
Ww+0CeuA2dvBZoa4bGPeVu/ye2BxN3Fl30tsTSYKAW/ElpGZxol12em6rLv0jvHk
b/awPZbp777Bod5ecOPYdTxh7q+WarfMYpts9obx/C0l12NCpQB72zO+nLx0cd0C
PhvnmI3Hi97xEIg2L+iuA/vJ+91Gvawd0uppEcKTbCUaxsNairwSbcY352Ydf/Rl
S8SvUu4GqlnbwrUm4JK+Pf0NeFGV7sHdjMX4dYOBWeC9zo3S/RJo/Jgz65hXllfi
hDkpmX312FhEyDZBf20Fq26c/B8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRFYt99
mh/+GyQWbs8H/q8snQ/AADAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODA3YWY1ZDktMWVhMS00MDdmLWEyYTktMzlhZDY4NzE0NmVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DWA
MA0GCSqGSIb3DQEBCwUAA4IBAQAuuCV4PbMSlezFbP6wj3Y7iF1x5mRDpanNg82K
qQoOSRprc3grjew30Gpyp0BRRJXpKsuA/CU+DmVp3VyXyVTSkswVOA4WQ7/GdJ5d
AavHs3QjCbb6uDAJhf6hSgfm5XVNuDzkQzNfPUfrlFoDQn+siIwHEOtoyJrwjbx1
o30po89LlHW74Zb1/vBdtBMyhmQYaRFZA7p54BIaaFeUPKRTT6aLTJFXWoK0QNi+
iE2mcCTV1YkNMHkmVzHDd4UO8Zu8yzgFWsKHiLiDKWKrsT43HCB7fovXc/a9EPvr
Ej7uKn7fTiUHqVwCN7vrTywmK1FeLpfE/mpba2/JvXKb0sPa
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:14 2025 by rpki-client