Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc8b5e2d-b0f1-4159-899a-3f32cb08a825.roa
File: cc8b5e2d-b0f1-4159-899a-3f32cb08a825.roa (raw, json)
Hash identifier: vvzTx/72BWCr/+Ih9vruXZ3TKMYghWvlwewFKNeLE7A=
Subject key identifier: D5:1F:30:B8:F3:C7:A8:E1:FD:E9:D1:19:7A:D0:68:6E:BF:7C:82:36
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59A4FA3B6366A2A4F16515493327EAAD25B4B15D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc8b5e2d-b0f1-4159-899a-3f32cb08a825.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d019::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:a4:fa:3b:63:66:a2:a4:f1:65:15:49:33:27:ea:ad:25:b4:b1:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=ecb28cd7c984f2358bcfd9f75135acefc723e37c292edab186b1daa45ae19d5e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:80:31:a1:65:2c:8e:5e:42:b3:55:14:c5:27:
de:7f:98:82:cd:5b:4d:5a:48:f3:e1:63:21:15:df:
19:59:5e:a0:fb:95:cd:21:6b:34:8f:bf:67:e9:84:
82:44:54:73:e4:88:c8:40:60:ca:c2:eb:6e:ae:e2:
1c:a1:c3:35:e4:ab:83:fa:14:f8:99:06:b0:e4:3a:
55:71:4f:ad:af:3e:09:d8:e9:56:bb:72:f9:26:90:
ea:87:c3:70:cb:28:43:37:c8:10:c3:f1:e8:78:42:
50:65:99:6b:a3:ac:63:22:b3:1a:e4:85:25:55:b2:
63:b9:41:e6:a0:e4:92:2f:73:4c:80:b1:e7:80:e1:
54:8a:70:d2:a7:af:4c:30:91:19:fa:2b:f7:78:47:
24:6e:6a:20:67:a1:5a:de:83:f7:10:2a:24:22:74:
27:b0:b3:4d:71:55:a2:45:c4:7c:dc:37:e3:01:05:
89:8a:c2:d3:09:c2:c9:3a:f0:ca:bb:ee:85:b7:17:
89:6d:ee:02:bf:7b:6c:b4:a6:92:45:e6:ed:f9:a8:
83:28:5a:29:02:08:17:0d:93:b0:12:c5:f3:22:e4:
78:1d:0f:14:8d:3e:d4:4f:d7:08:54:79:3d:76:d3:
7b:10:13:27:ce:ca:17:dd:ab:4a:a9:3c:b1:e7:86:
fa:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:1F:30:B8:F3:C7:A8:E1:FD:E9:D1:19:7A:D0:68:6E:BF:7C:82:36
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/cc8b5e2d-b0f1-4159-899a-3f32cb08a825.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d019::/36
Signature Algorithm: sha256WithRSAEncryption
9a:7b:03:8a:98:9a:1d:8f:77:2b:cd:41:61:17:51:6a:8b:5b:
82:cf:d6:90:50:06:3e:38:07:7f:8f:b9:65:aa:36:96:92:78:
1c:02:dc:be:a2:f3:e7:71:93:86:d0:dc:51:6a:cb:ec:60:6f:
0f:a5:17:78:9d:ac:92:30:4f:5f:48:0c:22:93:12:e9:c5:8b:
07:20:c7:2b:b0:54:19:6f:1c:02:c2:5f:cc:07:83:34:19:02:
5f:e2:17:e6:26:fe:2f:8d:da:4e:60:0f:ad:00:9f:b8:45:84:
02:c0:16:ec:9f:21:f0:98:9e:56:72:53:2d:ce:f7:f2:5c:1a:
a0:7c:16:df:60:53:40:b2:4c:1b:96:0e:02:5e:97:fb:60:b7:
7e:66:3c:1a:7d:bd:c6:92:c0:c3:28:96:cc:e1:18:dc:71:19:
a6:92:36:47:9d:da:2d:35:b7:da:8c:75:a2:d7:a0:74:57:49:
a9:35:5c:e9:d9:2a:ca:72:96:a8:9b:55:55:f5:00:6e:b7:77:
76:cd:9e:23:06:44:66:c5:54:f8:10:3c:07:51:2a:7f:2c:c8:
da:21:4b:1b:4d:de:cd:0e:94:25:16:03:02:e5:21:3c:07:52:
93:49:5c:b4:13:bd:8f:20:04:d8:1d:3c:20:5b:68:c2:75:a4:
f8:0d:f1:7f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWaT6O2NmoqTxZRVJMyfqrSW0sV0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVjYjI4Y2Q3Yzk4NGYyMzU4YmNmZDlmNzUxMzVhY2VmYzcyM2UzN2MyOTJl
ZGFiMTg2YjFkYWE0NWFlMTlkNWUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKGAMaFlLI5eQrNVFMUn3n+Ygs1bTVpI8+FjIRXfGVleoPuVzSFrNI+/Z+mE
gkRUc+SIyEBgysLrbq7iHKHDNeSrg/oU+JkGsOQ6VXFPra8+CdjpVrty+SaQ6ofD
cMsoQzfIEMPx6HhCUGWZa6OsYyKzGuSFJVWyY7lB5qDkki9zTICx54DhVIpw0qev
TDCRGfor93hHJG5qIGehWt6D9xAqJCJ0J7CzTXFVokXEfNw34wEFiYrC0wnCyTrw
yrvuhbcXiW3uAr97bLSmkkXm7fmogyhaKQIIFw2TsBLF8yLkeB0PFI0+1E/XCFR5
PXbTexATJ87KF92rSqk8seeG+ssCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTVHzC4
88eo4f3p0Rl60Ghuv3yCNjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Y2M4YjVlMmQtYjBmMS00MTU5LTg5OWEtM2YzMmNiMDhhODI1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BkA
MA0GCSqGSIb3DQEBCwUAA4IBAQCaewOKmJodj3crzUFhF1Fqi1uCz9aQUAY+OAd/
j7llqjaWkngcAty+ovPncZOG0NxRasvsYG8PpRd4naySME9fSAwikxLpxYsHIMcr
sFQZbxwCwl/MB4M0GQJf4hfmJv4vjdpOYA+tAJ+4RYQCwBbsnyHwmJ5WclMtzvfy
XBqgfBbfYFNAskwblg4CXpf7YLd+Zjwafb3GksDDKJbM4RjccRmmkjZHndotNbfa
jHWi16B0V0mpNVzp2SrKcpaom1VV9QBut3d2zZ4jBkRmxVT4EDwHUSp/LMjaIUsb
Td7NDpQlFgMC5SE8B1KTSVy0E72PIATYHTwgW2jCdaT4DfF/
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:08 2025 by rpki-client