Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a75eda97-cc53-4a04-9991-af2bfeeed825.roa
File: a75eda97-cc53-4a04-9991-af2bfeeed825.roa (raw, json)
Hash identifier: lxw1n/TQIsD9f+MOPLAf0j7upKHVmZAgBKa4xpYrq3U=
Subject key identifier: 39:8A:A0:2B:BE:88:9B:B6:17:08:E7:41:61:F6:8C:C1:A3:67:07:44
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78CC5A3E74446CD047C4D7B70AB1366847E66252
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a75eda97-cc53-4a04-9991-af2bfeeed825.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:9000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:cc:5a:3e:74:44:6c:d0:47:c4:d7:b7:0a:b1:36:68:47:e6:62:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=bb1600e7ce39975e460bbf1344b83db4c20be3f720843d8b7839b68a407fe226, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:b6:19:78:5f:fd:5f:b5:05:16:fc:9a:2f:f6:
1c:a4:9d:2d:81:32:66:ec:dd:3c:29:88:b1:d7:55:
90:96:eb:69:48:a9:21:e1:69:91:30:e8:01:9a:76:
24:37:71:e3:bd:6f:1c:84:ba:65:75:ee:0f:85:1a:
82:15:6f:27:a7:40:3b:8e:c2:87:bd:a8:ea:8c:dd:
c7:4c:78:5b:88:c5:68:5f:3d:a8:60:a4:dd:07:a8:
2e:c8:4a:5f:e0:8f:cf:77:bc:1a:41:54:b3:a4:12:
c4:3a:3f:be:c1:5a:e3:3f:d0:b7:e1:a6:ad:30:aa:
30:20:45:e3:bc:e0:4f:43:c2:1c:43:d5:2f:fd:da:
94:dd:74:1b:76:2f:82:4a:e9:86:66:37:c3:db:7c:
a5:dc:f9:59:21:51:32:9a:00:eb:a8:cb:00:0e:21:
3a:6a:24:40:a2:93:7d:77:0b:a4:da:57:31:c6:69:
b2:6b:0c:46:fd:73:dd:87:05:3e:8b:c2:cd:cf:12:
78:14:a3:39:1d:4b:80:bb:12:5a:38:58:02:df:1f:
c8:98:5d:6e:f6:d3:af:93:06:92:b5:31:1b:12:fc:
73:52:b5:4f:07:f0:f7:dd:a8:a4:5b:cb:51:47:8c:
7d:4b:1d:d0:37:36:57:45:66:0b:69:d9:27:78:ce:
a0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
39:8A:A0:2B:BE:88:9B:B6:17:08:E7:41:61:F6:8C:C1:A3:67:07:44
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a75eda97-cc53-4a04-9991-af2bfeeed825.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:9000::/40
Signature Algorithm: sha256WithRSAEncryption
37:98:80:ea:60:8b:b0:35:74:d3:3a:88:de:38:df:8f:04:5e:
8a:92:ee:02:17:af:f4:58:7f:fb:cc:4a:f8:a1:b4:fc:3d:4d:
b6:90:01:3e:bc:e9:77:c4:0b:21:13:73:77:63:ef:5d:7f:0b:
97:68:8b:4a:2c:a5:e0:f4:39:4e:11:59:41:47:52:33:d4:f3:
bf:9d:a7:88:cc:dd:d7:f3:a1:7a:3b:80:37:c5:66:fd:75:0a:
ac:73:0e:1c:ce:2d:a1:bc:8a:e3:be:09:78:e5:42:42:a8:57:
25:f0:62:75:1a:6b:28:6a:b4:e4:84:a2:5a:ac:12:08:2d:13:
ca:3d:9b:5e:1e:df:9a:04:7c:39:63:8d:fb:16:e4:1b:fc:4a:
f8:17:2a:c2:b5:f3:95:f1:3d:53:a3:da:f1:21:20:f0:45:49:
16:aa:a7:ae:61:81:69:8b:17:cb:7b:69:c8:69:b4:8c:7f:ad:
03:de:65:7f:8b:40:1f:44:1b:ad:25:89:54:5a:cc:a1:67:88:
ed:d4:06:08:e0:77:cb:50:87:f0:88:55:33:ae:70:78:d6:3a:
17:6a:c3:bb:fe:63:b2:7b:38:fc:96:c3:7e:f9:13:fb:54:33:
df:25:b9:3b:3f:60:d7:55:ed:31:7b:db:b1:a9:8b:ac:58:4b:
57:9f:19:81
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeMxaPnREbNBHxNe3CrE2aEfmYlIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiMTYwMGU3Y2UzOTk3NWU0NjBiYmYxMzQ0YjgzZGI0YzIwYmUzZjcyMDg0
M2Q4Yjc4MzliNjhhNDA3ZmUyMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMC2GXhf/V+1BRb8mi/2HKSdLYEyZuzdPCmIsddVkJbraUipIeFpkTDoAZp2
JDdx471vHIS6ZXXuD4UaghVvJ6dAO47Ch72o6ozdx0x4W4jFaF89qGCk3QeoLshK
X+CPz3e8GkFUs6QSxDo/vsFa4z/Qt+GmrTCqMCBF47zgT0PCHEPVL/3alN10G3Yv
gkrphmY3w9t8pdz5WSFRMpoA66jLAA4hOmokQKKTfXcLpNpXMcZpsmsMRv1z3YcF
PovCzc8SeBSjOR1LgLsSWjhYAt8fyJhdbvbTr5MGkrUxGxL8c1K1Twfw992opFvL
UUeMfUsd0Dc2V0VmC2nZJ3jOoBMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ5iqAr
voibthcI50Fh9ozBo2cHRDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTc1ZWRhOTctY2M1My00YTA0LTk5OTEtYWYyYmZlZWVkODI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA3mIDqYIuwNXTTOojeON+PBF6Kku4CF6/0WH/7
zEr4obT8PU22kAE+vOl3xAshE3N3Y+9dfwuXaItKLKXg9DlOEVlBR1Iz1PO/naeI
zN3X86F6O4A3xWb9dQqscw4czi2hvIrjvgl45UJCqFcl8GJ1GmsoarTkhKJarBII
LRPKPZteHt+aBHw5Y437FuQb/Er4FyrCtfOV8T1To9rxISDwRUkWqqeuYYFpixfL
e2nIabSMf60D3mV/i0AfRButJYlUWsyhZ4jt1AYI4HfLUIfwiFUzrnB41joXasO7
/mOyezj8lsN++RP7VDPfJbk7P2DXVe0xe9uxqYusWEtXnxmB
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:29 2025 by rpki-client