Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868bb3c8-7825-4e79-8a14-42d9fac4e917.roa
File: 868bb3c8-7825-4e79-8a14-42d9fac4e917.roa (raw, json)
Hash identifier: bxRWdkDLxNwGBrPgM75MHvyzje93Rahznx146ao/tNA=
Subject key identifier: 5D:A5:21:6E:20:B2:65:1D:9E:73:38:B0:CB:D5:BA:BD:3C:A3:74:9B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 620D963723BE28D9AE42C048C9E4B4132CA604A4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868bb3c8-7825-4e79-8a14-42d9fac4e917.roa
Signing time: Tue 03 Dec 2024 00:00:00 +0000
ROA not before: Tue 03 Dec 2024 00:00:00 +0000
ROA not after: Tue 07 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 79.125.0.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:0d:96:37:23:be:28:d9:ae:42:c0:48:c9:e4:b4:13:2c:a6:04:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 3 00:00:00 2024 GMT
Not After : Jan 7 23:59:59 2025 GMT
Subject: serialNumber=a9ba6ad884d6125bd045ac87cb90de66e140e1a4779abb1fa52983c7e00b3edc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:65:3b:f2:c5:21:d4:d7:4e:03:11:b6:a8:2d:
20:7b:c3:39:be:a3:8a:1a:00:97:c7:82:5b:45:84:
bb:e2:eb:45:99:25:99:3f:60:72:fb:20:58:24:af:
18:72:0f:54:05:67:a8:46:f2:c3:f6:ab:40:9c:a4:
16:dc:4b:66:d5:63:a9:4c:ad:c2:24:c9:86:fe:a6:
f7:b1:f7:a6:b6:de:18:44:68:18:91:08:02:be:de:
b0:46:03:40:df:27:46:15:26:e0:dd:29:af:6b:04:
95:9e:a6:fb:0a:38:4d:65:14:82:41:be:8a:f3:4f:
5a:8f:f6:b6:84:42:df:9d:bd:c6:c1:d8:60:20:53:
af:af:a5:a7:20:98:c2:20:0d:40:2b:da:a1:d0:bf:
1e:c6:89:8c:75:af:2e:ba:f9:e3:8e:1a:01:a4:52:
b7:80:6b:95:71:4c:31:29:4c:35:1f:a9:85:9e:5f:
6c:c3:a8:c1:47:7e:d4:09:0a:7d:d7:eb:7b:60:88:
15:49:c8:0b:aa:9b:32:ac:9f:90:05:05:83:00:7d:
e6:23:f4:b3:ed:ed:6f:2e:67:81:a5:47:01:55:ea:
54:19:d7:c3:a2:2a:5d:69:61:69:71:d5:0d:23:3f:
47:d4:9a:f4:57:1d:e5:70:9b:7b:bd:b2:90:62:62:
d5:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:A5:21:6E:20:B2:65:1D:9E:73:38:B0:CB:D5:BA:BD:3C:A3:74:9B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/868bb3c8-7825-4e79-8a14-42d9fac4e917.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.125.0.0/17
Signature Algorithm: sha256WithRSAEncryption
2c:0c:93:90:ab:6f:de:ae:43:fc:78:9c:81:ae:9b:39:60:be:
c9:8b:59:a7:59:17:f7:fd:10:7e:87:1e:23:51:de:4e:10:42:
d3:cc:ef:b0:02:76:d1:56:0e:20:6b:64:ea:32:0a:da:85:3b:
d4:b9:75:d8:87:80:67:01:6e:bf:82:29:b5:a0:4e:ff:62:df:
94:3f:10:16:f3:3c:c3:12:fe:ab:93:d1:d6:48:95:85:71:d9:
fa:d9:70:f6:3a:01:31:b9:33:dd:16:81:22:90:3a:59:e8:af:
99:b7:38:5b:dd:7e:64:8c:21:a6:1f:02:38:6e:b1:2c:3d:62:
e7:89:7b:2a:ee:54:9b:db:1b:86:a0:41:6e:a0:c1:88:61:87:
86:b4:fe:f2:af:39:3b:78:d5:76:23:44:34:85:02:e8:94:a7:
62:95:6a:b5:86:ff:3f:4a:81:f8:b7:9b:f6:e1:55:eb:43:16:
55:eb:1b:42:0e:cb:47:bd:80:0b:ff:ed:77:3d:58:85:22:c5:
bc:61:f8:30:e9:6d:73:2e:eb:59:8d:c6:f9:6d:b7:e2:3b:39:
07:cc:ca:13:77:69:df:9e:5a:33:0f:38:91:61:ab:75:8f:8e:
8b:01:7d:05:d4:ca:64:15:42:cf:63:2f:cb:18:ce:48:6f:13:
6e:10:68:65
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUYg2WNyO+KNmuQsBIyeS0EyymBKQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMDMwMDAwMDBaFw0yNTAxMDcyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5YmE2YWQ4ODRkNjEyNWJkMDQ1YWM4N2NiOTBkZTY2ZTE0MGUxYTQ3Nzlh
YmIxZmE1Mjk4M2M3ZTAwYjNlZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK9lO/LFIdTXTgMRtqgtIHvDOb6jihoAl8eCW0WEu+LrRZklmT9gcvsgWCSv
GHIPVAVnqEbyw/arQJykFtxLZtVjqUytwiTJhv6m97H3prbeGERoGJEIAr7esEYD
QN8nRhUm4N0pr2sElZ6m+wo4TWUUgkG+ivNPWo/2toRC3529xsHYYCBTr6+lpyCY
wiANQCvaodC/HsaJjHWvLrr5444aAaRSt4BrlXFMMSlMNR+phZ5fbMOowUd+1AkK
fdfre2CIFUnIC6qbMqyfkAUFgwB95iP0s+3tby5ngaVHAVXqVBnXw6IqXWlhaXHV
DSM/R9Sa9Fcd5XCbe72ykGJi1V8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRdpSFu
ILJlHZ5zOLDL1bq9PKN0mzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODY4YmIzYzgtNzgyNS00ZTc5LThhMTQtNDJkOWZhYzRlOTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEB099ADAN
BgkqhkiG9w0BAQsFAAOCAQEALAyTkKtv3q5D/Hicga6bOWC+yYtZp1kX9/0Qfoce
I1HeThBC08zvsAJ20VYOIGtk6jIK2oU71Ll12IeAZwFuv4IptaBO/2LflD8QFvM8
wxL+q5PR1kiVhXHZ+tlw9joBMbkz3RaBIpA6Weivmbc4W91+ZIwhph8COG6xLD1i
54l7Ku5Um9sbhqBBbqDBiGGHhrT+8q85O3jVdiNENIUC6JSnYpVqtYb/P0qB+Leb
9uFV60MWVesbQg7LR72AC//tdz1YhSLFvGH4MOltcy7rWY3G+W234js5B8zKE3dp
355aMw84kWGrdY+OiwF9BdTKZBVCz2MvyxjOSG8TbhBoZQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:45:20 2025 by rpki-client