Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c779864-4bc0-46d9-826d-bdc4e03b1ebc.roa
File: 8c779864-4bc0-46d9-826d-bdc4e03b1ebc.roa (raw, json)
Hash identifier: gfKNyknDh6DMnxWg88ws1xvtWaOPgUMi1iz7habOtlQ=
Subject key identifier: 47:F1:AD:0A:30:79:8A:8C:69:2D:5D:C1:FF:1C:69:62:5F:2E:8C:A2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F80366823CC0DD6845FC09C1C3D5AE0B893BC60
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c779864-4bc0-46d9-826d-bdc4e03b1ebc.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:5000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:80:36:68:23:cc:0d:d6:84:5f:c0:9c:1c:3d:5a:e0:b8:93:bc:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=e110a2f7766335740fb5f287646e1855ab25e2fc30985d6a67ef0f145772f1c9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:f5:6d:3e:e5:67:c3:04:ff:0c:55:d3:e7:8a:
5c:05:4e:c5:c5:20:c9:5e:77:44:53:67:4d:b8:49:
c5:50:08:62:11:c6:a9:52:17:8a:09:82:39:ad:87:
40:78:12:5c:b8:d4:14:e3:ea:57:40:b5:d1:0f:74:
f5:de:f7:15:6f:ae:10:ae:58:25:8e:02:f1:a2:cf:
a3:16:b0:d3:e5:7d:69:95:11:61:65:77:00:65:be:
8f:6b:59:32:63:76:36:31:e4:a8:ce:d5:e5:57:3c:
70:78:6d:c8:9d:7d:21:4f:22:09:f7:3f:38:96:29:
43:17:6b:90:1c:af:5d:3e:60:60:8c:23:74:79:aa:
b4:9c:4c:9c:5e:e6:55:7d:20:01:9a:43:02:00:89:
01:58:ea:35:54:52:e5:54:2f:40:ca:32:52:9f:39:
4f:76:37:7f:d3:8a:6c:e9:63:7b:bc:b1:b8:bc:bb:
2c:1e:f4:fe:97:ca:df:bb:b6:e6:d9:16:00:11:38:
17:9b:3b:2e:ce:d0:30:fc:d3:be:6b:d9:ca:7f:2f:
cf:a6:88:43:4c:b5:b9:f6:13:12:47:81:00:51:f5:
df:f9:d9:6e:84:49:84:5c:ee:f6:53:a2:26:28:66:
64:29:91:d9:b8:01:53:2f:56:c4:78:ac:b5:78:d3:
2f:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:F1:AD:0A:30:79:8A:8C:69:2D:5D:C1:FF:1C:69:62:5F:2E:8C:A2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c779864-4bc0-46d9-826d-bdc4e03b1ebc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:5000::/40
Signature Algorithm: sha256WithRSAEncryption
04:f2:ba:84:6a:f3:27:0c:24:6b:ec:28:77:36:60:e8:09:d4:
72:a9:f1:e4:e7:87:44:a1:81:fc:d6:5a:50:60:d0:3c:a0:09:
11:b1:be:15:90:8f:7b:e6:39:96:b2:92:83:c3:64:1c:93:47:
ec:10:0c:6e:db:d5:c8:48:87:80:df:83:6f:f8:ec:2a:86:14:
73:3d:5d:b3:bf:94:da:39:31:b5:59:dd:b0:e6:61:77:00:12:
65:94:73:2c:34:39:a6:62:46:e9:7d:1e:35:ed:19:89:c8:ae:
f4:a3:86:f3:8b:d7:1b:d6:e1:0e:66:c9:09:cb:75:05:33:34:
06:c4:a9:78:31:36:90:0c:83:83:da:a9:b3:97:57:89:f7:00:
ed:b1:54:26:6d:58:79:60:d8:8a:9b:91:44:6a:92:d7:b9:f5:
e4:e6:29:43:32:e4:01:25:fd:e8:dd:ba:5a:8f:27:3d:0a:a1:
0c:4b:b5:c1:6e:a7:71:d4:81:53:0f:82:07:e9:c9:bf:fa:de:
a8:a7:28:dd:c8:e9:db:02:d4:6e:e9:f7:36:cb:c5:2e:97:37:
77:42:05:53:84:80:28:e8:bc:44:59:63:1e:f4:fb:d1:ee:1f:
3b:fb:8b:16:87:8c:87:d9:ef:31:5e:e9:15:40:2e:7f:46:7d:
4b:42:8c:4a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUL4A2aCPMDdaEX8CcHD1a4LiTvGAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUxMTBhMmY3NzY2MzM1NzQwZmI1ZjI4NzY0NmUxODU1YWIyNWUyZmMzMDk4
NWQ2YTY3ZWYwZjE0NTc3MmYxYzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKH1bT7lZ8ME/wxV0+eKXAVOxcUgyV53RFNnTbhJxVAIYhHGqVIXigmCOa2H
QHgSXLjUFOPqV0C10Q909d73FW+uEK5YJY4C8aLPoxaw0+V9aZURYWV3AGW+j2tZ
MmN2NjHkqM7V5Vc8cHhtyJ19IU8iCfc/OJYpQxdrkByvXT5gYIwjdHmqtJxMnF7m
VX0gAZpDAgCJAVjqNVRS5VQvQMoyUp85T3Y3f9OKbOlje7yxuLy7LB70/pfK37u2
5tkWABE4F5s7Ls7QMPzTvmvZyn8vz6aIQ0y1ufYTEkeBAFH13/nZboRJhFzu9lOi
JihmZCmR2bgBUy9WxHistXjTL0UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRH8a0K
MHmKjGktXcH/HGliXy6MojAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGM3Nzk4NjQtNGJjMC00NmQ5LTgyNmQtYmRjNGUwM2IxZWJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ABQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAE8rqEavMnDCRr7Ch3NmDoCdRyqfHk54dEoYH8
1lpQYNA8oAkRsb4VkI975jmWspKDw2Qck0fsEAxu29XISIeA34Nv+OwqhhRzPV2z
v5TaOTG1Wd2w5mF3ABJllHMsNDmmYkbpfR417RmJyK70o4bzi9cb1uEOZskJy3UF
MzQGxKl4MTaQDIOD2qmzl1eJ9wDtsVQmbVh5YNiKm5FEapLXufXk5ilDMuQBJf3o
3bpajyc9CqEMS7XBbqdx1IFTD4IH6cm/+t6opyjdyOnbAtRu6fc2y8Uulzd3QgVT
hIAo6LxEWWMe9PvR7h87+4sWh4yH2e8xXukVQC5/Rn1LQoxK
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:28 2025 by rpki-client