Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/930d7941-ad20-4348-94b1-5c8d5e9e016c.roa
File: 930d7941-ad20-4348-94b1-5c8d5e9e016c.roa (raw, json)
Hash identifier: ynT/kxHdne8MV4LyQcndb0LGFL9ocuV80xWGCtBkcho=
Subject key identifier: FF:73:15:87:DE:B6:27:6E:FC:BC:A3:8C:A3:B6:D2:F8:96:C1:39:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F981B0C6FB4AF62E9457820DB820E3C51F82EE6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/930d7941-ad20-4348-94b1-5c8d5e9e016c.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:98:1b:0c:6f:b4:af:62:e9:45:78:20:db:82:0e:3c:51:f8:2e:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: serialNumber=a2370b60219a0a03d8954a44b459e16bb19e1911b9ff6cb0d45a360efa77ee0a, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:a6:4d:b1:e3:41:2e:75:23:1e:1f:e5:42:98:
24:0b:b1:a9:c6:58:23:81:74:bb:d7:ce:38:2c:6b:
12:4b:00:67:46:eb:17:9d:9c:eb:20:93:4f:bb:f3:
45:03:6d:2c:14:f8:44:ee:f6:06:97:ed:b5:09:c6:
b7:03:ae:1d:5a:bd:06:9c:c1:a8:cc:d1:ad:2f:ea:
dc:37:9c:8f:01:7b:b2:db:16:03:d9:00:07:e9:c6:
99:15:63:59:6f:9a:45:cc:59:59:bc:32:d8:c3:45:
b7:e1:16:d6:43:62:a8:42:08:f5:d2:9c:89:af:66:
f2:c8:49:61:66:94:12:b0:77:f3:79:4d:95:cb:f5:
5c:ac:70:42:f6:05:1c:6b:53:4d:3c:ce:a4:1c:c1:
6c:55:fc:a1:fa:f3:3d:55:70:6b:10:b7:9e:0b:c6:
43:9a:98:f0:a9:7c:3f:fe:41:1a:9a:ce:b8:6e:01:
b8:3a:dc:f5:b5:c4:c4:87:bb:52:20:bb:1f:d1:ca:
0b:f8:27:93:cf:4e:81:cf:f1:64:b8:7a:46:a9:ce:
bc:57:90:45:13:81:90:26:6b:61:7e:2c:17:ef:ed:
5a:92:f5:52:53:d4:9b:f9:21:b4:e2:ed:93:f3:be:
3b:cf:5f:ce:6f:af:43:0c:cc:fd:c8:8e:27:d1:de:
42:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:73:15:87:DE:B6:27:6E:FC:BC:A3:8C:A3:B6:D2:F8:96:C1:39:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/930d7941-ad20-4348-94b1-5c8d5e9e016c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:2000::/40
Signature Algorithm: sha256WithRSAEncryption
54:38:6d:75:50:84:98:fe:e9:03:47:1d:02:7f:42:5c:80:f2:
a6:46:9e:d2:3a:22:46:58:e6:fc:8c:1a:7c:11:17:52:ba:80:
b3:67:47:b5:a9:13:f3:b0:1c:e5:3f:71:7a:0d:a1:70:9b:db:
13:1c:bb:ed:89:6b:0e:fd:b7:d6:ce:92:41:15:da:9f:2d:57:
ed:40:9b:13:b2:11:01:73:9f:f6:57:b6:c1:dd:91:60:f9:ad:
ac:31:a2:1c:56:56:58:c3:96:21:4b:e0:8d:b2:6c:2e:d7:8a:
33:81:bb:98:83:23:47:0e:5b:9a:b0:41:8c:9c:a4:02:fa:fa:
83:c7:79:87:0e:7b:9a:ed:9e:4e:57:80:f0:72:4d:a5:90:f7:
98:c1:b8:91:e3:18:3d:9a:08:15:75:29:d2:4b:45:c1:7d:88:
f3:c0:f8:ca:15:20:48:2c:16:f7:26:22:a7:4a:c1:c2:e6:6d:
3d:69:14:4c:3c:8b:93:f0:cb:1b:61:41:b9:f9:c0:c0:f6:c3:
ed:54:57:80:bf:95:b9:0c:cd:76:07:c9:8a:16:db:c8:90:de:
3b:e8:36:0e:8a:ac:74:19:fb:5a:61:f2:ca:f5:7c:f0:36:13:
ac:7c:9c:5d:a0:c2:18:97:d7:98:ad:94:78:f2:aa:f9:c2:7f:
5c:44:f3:95
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH5gbDG+0r2LpRXgg24IOPFH4LuYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTcwMDAwMDBaFw0yNTAxMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyMzcwYjYwMjE5YTBhMDNkODk1NGE0NGI0NTllMTZiYjE5ZTE5MTFiOWZm
NmNiMGQ0NWEzNjBlZmE3N2VlMGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJOmTbHjQS51Ix4f5UKYJAuxqcZYI4F0u9fOOCxrEksAZ0brF52c6yCTT7vz
RQNtLBT4RO72BpfttQnGtwOuHVq9BpzBqMzRrS/q3DecjwF7stsWA9kAB+nGmRVj
WW+aRcxZWbwy2MNFt+EW1kNiqEII9dKcia9m8shJYWaUErB383lNlcv1XKxwQvYF
HGtTTTzOpBzBbFX8ofrzPVVwaxC3ngvGQ5qY8Kl8P/5BGprOuG4BuDrc9bXExIe7
UiC7H9HKC/gnk89Ogc/xZLh6RqnOvFeQRROBkCZrYX4sF+/tWpL1UlPUm/khtOLt
k/O+O89fzm+vQwzM/ciOJ9HeQg8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT/cxWH
3rYnbvy8o4yjttL4lsE5gjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OTMwZDc5NDEtYWQyMC00MzQ4LTk0YjEtNWM4ZDVlOWUwMTZjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HQg
MA0GCSqGSIb3DQEBCwUAA4IBAQBUOG11UISY/ukDRx0Cf0JcgPKmRp7SOiJGWOb8
jBp8ERdSuoCzZ0e1qRPzsBzlP3F6DaFwm9sTHLvtiWsO/bfWzpJBFdqfLVftQJsT
shEBc5/2V7bB3ZFg+a2sMaIcVlZYw5YhS+CNsmwu14ozgbuYgyNHDluasEGMnKQC
+vqDx3mHDnua7Z5OV4Dwck2lkPeYwbiR4xg9mggVdSnSS0XBfYjzwPjKFSBILBb3
JiKnSsHC5m09aRRMPIuT8MsbYUG5+cDA9sPtVFeAv5W5DM12B8mKFtvIkN476DYO
iqx0GftaYfLK9XzwNhOsfJxdoMIYl9eYrZR48qr5wn9cRPOV
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:03 2025 by rpki-client