Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba508b2b-e1e6-4e3b-8c63-d3f785854119.roa
File: ba508b2b-e1e6-4e3b-8c63-d3f785854119.roa (raw, json)
Hash identifier: Z3cKSrn5RhBfrIbPtE7THVoC5i5lPa/MR+E2VVmdDzU=
Subject key identifier: B1:D9:AC:2C:0F:D4:6E:F6:9C:95:71:69:E3:4A:8C:9A:D8:68:FA:BE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2A8FF2C0524BD221167A193B2B112958E135AA1D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba508b2b-e1e6-4e3b-8c63-d3f785854119.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040:4000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:8f:f2:c0:52:4b:d2:21:16:7a:19:3b:2b:11:29:58:e1:35:aa:1d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=de3252217cf970d0ff633da1b240d061ff68b5da842fe3c0994664757df7ec61, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:4f:7d:73:82:5e:21:8b:de:36:5a:52:9a:a4:
8d:0e:a5:08:07:9f:2a:1a:14:10:54:ee:48:b8:88:
a8:f2:ed:1e:a5:f8:0d:67:6c:7c:ab:4e:23:1f:1d:
90:02:3a:b6:eb:b8:03:c4:7d:b1:ce:ca:c8:4f:d2:
bd:e3:ce:8f:68:d4:33:be:b7:4d:69:ff:a3:8d:2d:
20:20:8a:cf:0b:c9:bf:40:fa:a5:a0:09:6b:72:33:
ae:31:cf:29:56:ee:ba:93:26:cb:40:2e:35:5d:20:
9a:a3:19:2f:81:89:cf:9f:40:fb:e6:15:64:ff:91:
ab:c6:e5:e7:0b:37:d0:92:71:1c:19:28:56:ba:bc:
00:ef:cd:cb:0c:d0:9f:ec:73:ee:65:89:f2:06:a9:
6d:25:ae:45:cf:03:6e:37:05:82:13:57:11:10:0a:
fc:9a:f5:32:e2:8e:eb:df:f1:8f:13:e9:c1:c5:11:
51:d2:e9:33:1b:66:6a:a5:37:2c:c5:0d:2d:fb:36:
83:b6:0c:74:96:6d:dc:4f:d7:d9:11:ec:01:e6:95:
4c:00:58:49:ff:b4:55:6d:0e:c6:34:b6:53:dd:2e:
00:5b:d7:09:ab:84:5a:ea:63:c0:65:de:73:6e:3a:
3e:3a:d0:25:19:aa:73:00:c9:17:01:20:d3:47:85:
ed:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:D9:AC:2C:0F:D4:6E:F6:9C:95:71:69:E3:4A:8C:9A:D8:68:FA:BE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ba508b2b-e1e6-4e3b-8c63-d3f785854119.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040:4000::/40
Signature Algorithm: sha256WithRSAEncryption
9b:a4:23:99:5e:9c:34:64:ef:c4:0d:cd:ee:9f:92:59:6c:f0:
b0:eb:e7:de:65:e1:28:17:15:84:7b:74:eb:7f:f7:40:20:af:
21:82:ff:6d:ae:38:ac:96:85:c7:34:2d:fe:d9:31:34:81:19:
5d:ed:85:87:a2:2d:67:48:9f:92:20:7a:a4:cf:38:58:e5:3b:
60:f0:a5:78:97:45:06:bc:7b:15:4f:a9:15:0f:c8:40:f7:8f:
f2:10:a4:b6:bb:02:75:3c:4b:a7:47:64:8c:5d:c0:8b:b4:b6:
f1:d7:2c:af:96:9f:77:9a:8c:f1:f6:67:0f:51:60:a2:e4:34:
58:ef:1b:d5:c7:7d:fa:84:7b:6c:03:57:da:1c:d3:66:26:95:
c9:ce:a3:65:b4:6d:c2:0c:25:7a:13:e1:16:aa:80:1f:86:25:
fb:a6:77:3a:1d:f1:13:15:b8:f0:e3:80:25:62:47:26:b2:2a:
62:2d:e4:03:83:d9:9c:4f:fa:d3:59:72:4d:dc:79:68:6f:c2:
0c:5e:8f:30:9b:ff:d6:21:a3:4d:76:88:45:6b:31:6d:01:86:
3f:8d:93:d3:33:38:c9:58:90:ea:2f:df:83:38:b3:8d:f7:c0:
48:b4:28:9d:3d:23:f7:78:22:ba:97:b5:cf:26:37:23:74:2f:
2d:42:3d:a1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKo/ywFJL0iEWehk7KxEpWOE1qh0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGRlMzI1MjIxN2NmOTcwZDBmZjYzM2RhMWIyNDBkMDYxZmY2OGI1ZGE4NDJm
ZTNjMDk5NDY2NDc1N2RmN2VjNjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKpPfXOCXiGL3jZaUpqkjQ6lCAefKhoUEFTuSLiIqPLtHqX4DWdsfKtOIx8d
kAI6tuu4A8R9sc7KyE/SvePOj2jUM763TWn/o40tICCKzwvJv0D6paAJa3IzrjHP
KVbuupMmy0AuNV0gmqMZL4GJz59A++YVZP+Rq8bl5ws30JJxHBkoVrq8AO/NywzQ
n+xz7mWJ8gapbSWuRc8DbjcFghNXERAK/Jr1MuKO69/xjxPpwcURUdLpMxtmaqU3
LMUNLfs2g7YMdJZt3E/X2RHsAeaVTABYSf+0VW0OxjS2U90uAFvXCauEWupjwGXe
c246PjrQJRmqcwDJFwEg00eF7eMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSx2aws
D9Ru9pyVcWnjSoya2Gj6vjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmE1MDhiMmItZTFlNi00ZTNiLThjNjMtZDNmNzg1ODU0MTE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0EBA
MA0GCSqGSIb3DQEBCwUAA4IBAQCbpCOZXpw0ZO/EDc3un5JZbPCw6+feZeEoFxWE
e3Trf/dAIK8hgv9trjisloXHNC3+2TE0gRld7YWHoi1nSJ+SIHqkzzhY5Ttg8KV4
l0UGvHsVT6kVD8hA94/yEKS2uwJ1PEunR2SMXcCLtLbx1yyvlp93mozx9mcPUWCi
5DRY7xvVx336hHtsA1faHNNmJpXJzqNltG3CDCV6E+EWqoAfhiX7pnc6HfETFbjw
44AlYkcmsipiLeQDg9mcT/rTWXJN3Hlob8IMXo8wm//WIaNNdohFazFtAYY/jZPT
MzjJWJDqL9+DOLON98BItCidPSP3eCK6l7XPJjcjdC8tQj2h
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:26 2025 by rpki-client