Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b0e282b-3b78-4530-8323-91f35bf9b20b.roa
File: 9b0e282b-3b78-4530-8323-91f35bf9b20b.roa (raw, json)
Hash identifier: GBda4t9vVosJYTIxH++VK9ngEGuw196sF4eqtCn1kyY=
Subject key identifier: 69:E7:A1:FC:EA:69:AC:5F:82:A0:FD:53:01:7A:05:CF:12:05:8C:DD
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 65B5BCB6E15EE673A6199FE3A17C1F207F8F44D4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b0e282b-3b78-4530-8323-91f35bf9b20b.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:6000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:b5:bc:b6:e1:5e:e6:73:a6:19:9f:e3:a1:7c:1f:20:7f:8f:44:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=600f9e00562a0240add917aa3447663f254feb9dad4a4d99899f79317847e701, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b3:79:86:42:7f:21:2b:79:a2:73:5d:24:88:
b0:f7:f7:ff:20:c7:0d:56:2e:00:34:8d:b3:c2:5a:
87:9a:3b:af:b8:81:ab:63:a4:e9:fc:7f:f1:15:70:
47:42:4c:b6:45:66:42:24:01:3e:7c:cd:f2:9f:1a:
b0:e9:27:cd:3e:c3:13:23:83:e1:5e:79:b0:ea:17:
6e:f6:a9:f2:1a:b1:92:87:6b:24:e4:ab:e3:f6:d9:
a1:5a:8c:4d:29:4b:b1:c9:9d:91:cc:d4:b7:b5:a2:
1d:9c:b8:0f:b2:06:4f:54:4f:f3:be:8b:18:39:b4:
ec:8b:cd:75:11:3b:92:0b:b8:25:c0:24:14:98:9d:
09:ee:8f:95:5b:ef:c0:8a:a9:39:e5:6b:21:cd:a7:
e7:76:78:6e:b5:65:86:1a:6f:a3:c5:f3:1b:c8:d9:
8b:93:c4:32:14:08:77:76:25:cd:9d:3f:18:ae:d5:
b9:3d:77:15:93:f2:04:b1:a9:42:77:39:5c:4a:31:
cb:58:44:ac:86:b7:13:a0:f3:bd:3e:ec:6d:fe:80:
86:ac:6b:aa:b0:d1:32:e1:b4:e9:46:a1:39:f9:f2:
cb:72:57:8b:99:c5:f3:25:49:fb:2e:c2:58:a5:04:
57:5e:90:b7:9a:ec:0c:3d:54:ee:02:ff:33:45:c6:
8f:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:E7:A1:FC:EA:69:AC:5F:82:A0:FD:53:01:7A:05:CF:12:05:8C:DD
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b0e282b-3b78-4530-8323-91f35bf9b20b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:6000::/40
Signature Algorithm: sha256WithRSAEncryption
23:d4:62:96:73:01:1b:ad:bf:71:4d:a2:2c:53:27:82:cc:c7:
fa:00:c4:2e:fb:8e:3b:84:02:44:39:4a:3a:2c:3e:a9:dd:5c:
32:30:80:30:1b:52:29:1c:99:21:0e:6f:ec:85:86:14:c0:2e:
e0:64:44:fd:54:1d:4e:39:6e:2c:94:08:6e:24:3a:48:e8:9b:
63:69:c3:08:01:68:37:11:53:47:7d:b7:af:e5:5c:46:6b:bb:
b2:06:5a:45:58:28:d1:0e:59:4f:47:e8:a1:90:e2:a0:61:ed:
3d:e6:cd:f4:00:89:0e:39:71:fb:98:02:26:6b:55:63:15:0e:
23:32:4c:86:e4:4d:39:5a:ec:f5:e6:2d:89:e8:96:80:9d:65:
40:b7:40:a1:a7:5b:b1:6c:8e:67:99:bc:44:6c:06:c3:7b:03:
9d:90:8f:24:7b:ef:74:fd:79:fe:af:18:2f:be:a9:13:28:9d:
b6:80:64:07:17:dd:1c:3a:96:a3:06:35:6d:c7:48:c4:c1:65:
80:d1:c9:20:7b:73:7b:17:e2:33:44:3b:c7:3e:ed:ca:5b:ff:
d3:66:fc:82:56:d1:3d:d3:d2:3e:f0:5f:b1:28:18:84:5f:ba:
0f:f4:fa:82:f0:93:31:37:75:85:bb:39:f6:2f:c1:1b:c1:ad:
46:0b:a7:c6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZbW8tuFe5nOmGZ/joXwfIH+PRNQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYwMGY5ZTAwNTYyYTAyNDBhZGQ5MTdhYTM0NDc2NjNmMjU0ZmViOWRhZDRh
NGQ5OTg5OWY3OTMxNzg0N2U3MDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMKzeYZCfyEreaJzXSSIsPf3/yDHDVYuADSNs8Jah5o7r7iBq2Ok6fx/8RVw
R0JMtkVmQiQBPnzN8p8asOknzT7DEyOD4V55sOoXbvap8hqxkodrJOSr4/bZoVqM
TSlLscmdkczUt7WiHZy4D7IGT1RP876LGDm07IvNdRE7kgu4JcAkFJidCe6PlVvv
wIqpOeVrIc2n53Z4brVlhhpvo8XzG8jZi5PEMhQId3YlzZ0/GK7VuT13FZPyBLGp
Qnc5XEoxy1hErIa3E6DzvT7sbf6AhqxrqrDRMuG06UahOfnyy3JXi5nF8yVJ+y7C
WKUEV16Qt5rsDD1U7gL/M0XGj08CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRp56H8
6mmsX4Kg/VMBegXPEgWM3TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWIwZTI4MmItM2I3OC00NTMwLTgzMjMtOTFmMzViZjliMjBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hdg
MA0GCSqGSIb3DQEBCwUAA4IBAQAj1GKWcwEbrb9xTaIsUyeCzMf6AMQu+447hAJE
OUo6LD6p3VwyMIAwG1IpHJkhDm/shYYUwC7gZET9VB1OOW4slAhuJDpI6JtjacMI
AWg3EVNHfbev5VxGa7uyBlpFWCjRDllPR+ihkOKgYe095s30AIkOOXH7mAIma1Vj
FQ4jMkyG5E05Wuz15i2J6JaAnWVAt0Chp1uxbI5nmbxEbAbDewOdkI8ke+90/Xn+
rxgvvqkTKJ22gGQHF90cOpajBjVtx0jEwWWA0ckge3N7F+IzRDvHPu3KW//TZvyC
VtE909I+8F+xKBiEX7oP9PqC8JMxN3WFuzn2L8Ebwa1GC6fG
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:32 2025 by rpki-client