Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/923dbc95-0449-446c-ae51-58e8fbf6f2ca.roa
File: 923dbc95-0449-446c-ae51-58e8fbf6f2ca.roa (raw, json)
Hash identifier: Y//0JSh43Vs+eEURngt04qh0vRn9o3I4F1UK1+d/dfM=
Subject key identifier: EA:99:4C:60:49:34:85:97:C1:1F:EB:D3:F1:00:03:CB:63:69:D5:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6740C810C91075E0F2951CFEA5F17B23027C072B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/923dbc95-0449-446c-ae51-58e8fbf6f2ca.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:6000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:40:c8:10:c9:10:75:e0:f2:95:1c:fe:a5:f1:7b:23:02:7c:07:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=4e05df3028232c2b1d76e2c455a1f071d206640e464cf8b903c9e8844a9fc511, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:2f:8b:09:22:a2:2d:94:f9:e4:73:a3:86:13:
bc:4f:aa:e1:26:1d:c2:0e:b7:9d:48:55:37:e1:d6:
00:7c:07:0e:a5:7c:77:1c:e0:93:42:ec:c7:6e:2f:
a9:50:b6:0e:78:e7:a8:5b:19:2e:a7:79:e0:4c:0f:
56:43:d4:98:e0:33:29:90:6c:2a:c6:5c:4b:1d:04:
bf:0c:27:f3:19:cf:ca:72:06:32:87:2a:17:4e:0f:
b0:26:b7:63:57:53:93:b2:27:f7:20:45:a6:a6:1a:
ab:3c:cc:d9:cb:a4:fc:ba:4a:0c:03:e8:b2:d5:f9:
2f:b1:4e:58:39:0a:c2:4f:5c:24:f0:c9:fb:b5:28:
c5:4a:dc:b9:e7:8b:6d:de:72:4d:36:e0:22:9c:96:
b5:c8:d8:ba:b8:dc:7e:1b:a8:71:66:4c:52:7b:4a:
1b:ac:1a:c6:bf:10:30:e5:1f:5e:24:2d:c9:dc:ef:
09:57:9d:3c:d9:01:ca:6a:54:50:13:e7:91:84:fb:
42:dc:b5:f0:8b:2c:26:05:70:a7:34:f2:2d:c8:01:
eb:7d:04:6e:46:26:3d:95:8d:2e:cf:fb:73:90:0a:
2d:29:96:b5:23:d6:8b:92:5b:43:dc:12:d6:1a:68:
34:51:51:7b:7e:55:e4:0a:a6:59:ea:9b:ef:13:ca:
f3:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:99:4C:60:49:34:85:97:C1:1F:EB:D3:F1:00:03:CB:63:69:D5:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/923dbc95-0449-446c-ae51-58e8fbf6f2ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:6000::/40
Signature Algorithm: sha256WithRSAEncryption
7a:97:e3:79:1f:03:ab:d4:b1:ad:45:08:5a:f3:70:7f:22:30:
de:52:c1:4b:55:cc:f4:87:09:07:43:0a:5a:16:c0:3a:ab:c5:
5d:82:ca:a4:2d:1b:8c:e5:17:83:8a:bb:7b:95:94:cc:b9:52:
bc:bd:54:ed:bd:9a:c0:13:5b:99:a8:ba:50:27:9a:07:92:5c:
e7:a6:aa:e4:a0:42:11:35:fc:6b:e7:04:3d:ef:22:d4:af:99:
8d:59:28:a5:1d:be:15:68:2e:3e:1c:10:55:70:1a:32:2b:24:
f0:1d:e3:6d:c4:e3:93:23:b6:08:56:81:5c:60:11:2f:4a:f3:
b5:b0:ea:96:d8:04:7e:03:40:dd:1b:27:14:5d:75:ee:f4:42:
4c:3c:5f:9e:4f:a5:9d:ee:24:70:01:06:75:89:16:1a:a4:75:
7d:3e:fa:4c:c2:16:82:d8:fb:a6:12:05:19:42:10:b3:f7:cc:
f2:69:02:dd:c6:0a:0d:6d:11:60:82:bb:90:64:d4:4d:98:9f:
7f:df:f8:20:19:09:77:01:05:ca:af:bf:77:74:f2:02:e1:f7:
00:5d:c1:86:65:ae:b3:35:02:44:8a:4c:dc:ca:3a:14:4b:ee:
f7:fd:74:75:b8:83:aa:09:4d:cd:d5:f8:d8:2b:4e:ef:70:c4:
b3:f6:c9:00
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ0DIEMkQdeDylRz+pfF7IwJ8ByswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRlMDVkZjMwMjgyMzJjMmIxZDc2ZTJjNDU1YTFmMDcxZDIwNjY0MGU0NjRj
ZjhiOTAzYzllODg0NGE5ZmM1MTExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKwviwkioi2U+eRzo4YTvE+q4SYdwg63nUhVN+HWAHwHDqV8dxzgk0Lsx24v
qVC2DnjnqFsZLqd54EwPVkPUmOAzKZBsKsZcSx0Evwwn8xnPynIGMocqF04PsCa3
Y1dTk7In9yBFpqYaqzzM2cuk/LpKDAPostX5L7FOWDkKwk9cJPDJ+7UoxUrcueeL
bd5yTTbgIpyWtcjYurjcfhuocWZMUntKG6waxr8QMOUfXiQtydzvCVedPNkBympU
UBPnkYT7Qty18IssJgVwpzTyLcgB630EbkYmPZWNLs/7c5AKLSmWtSPWi5JbQ9wS
1hpoNFFRe35V5AqmWeqb7xPK85UCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTqmUxg
STSFl8Ef69PxAAPLY2nViTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTIzZGJjOTUtMDQ0OS00NDZjLWFlNTEtNThlOGZiZjZmMmNhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hlg
MA0GCSqGSIb3DQEBCwUAA4IBAQB6l+N5HwOr1LGtRQha83B/IjDeUsFLVcz0hwkH
QwpaFsA6q8VdgsqkLRuM5ReDirt7lZTMuVK8vVTtvZrAE1uZqLpQJ5oHklznpqrk
oEIRNfxr5wQ97yLUr5mNWSilHb4VaC4+HBBVcBoyKyTwHeNtxOOTI7YIVoFcYBEv
SvO1sOqW2AR+A0DdGycUXXXu9EJMPF+eT6Wd7iRwAQZ1iRYapHV9PvpMwhaC2Pum
EgUZQhCz98zyaQLdxgoNbRFggruQZNRNmJ9/3/ggGQl3AQXKr793dPIC4fcAXcGG
Za6zNQJEikzcyjoUS+73/XR1uIOqCU3N1fjYK07vcMSz9skA
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:14 2025 by rpki-client