Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa
File: d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa (raw, json)
Hash identifier: rCHLOEYldV4aBynAPRtgs6VgjDEf1ujr5DTtQdLtyrE=
Subject key identifier: FB:02:1A:80:C9:12:19:4D:09:BB:87:16:72:B1:B6:F2:6D:8C:55:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3EADC5CE71EA5501705E811103BAC4CCDC9E888F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:1000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:ad:c5:ce:71:ea:55:01:70:5e:81:11:03:ba:c4:cc:dc:9e:88:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=5e075664220cd16c01f5187eb989e9c6dd96d106472fb7dd0f21e49388879c07, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:ed:f7:c1:f6:7b:8d:79:0a:df:13:19:30:07:
b9:d0:bd:ab:76:ce:ef:32:0b:c9:01:a7:75:dd:1c:
2a:07:2f:a0:a2:12:df:08:4b:01:f2:f5:a7:b4:0f:
90:18:50:08:dc:a0:3d:b2:0a:37:a6:86:a7:9a:7e:
1c:81:8d:a4:26:6a:f7:89:de:87:00:26:fd:75:4a:
64:30:e2:4b:68:26:8c:a9:1a:99:7d:9d:ed:13:28:
2e:20:7e:42:58:a8:2b:96:0e:fc:89:0a:8d:41:9f:
c3:35:03:15:c1:fb:c9:66:98:ab:e1:de:f3:6e:29:
1e:53:d1:da:ca:8c:b2:a2:1c:98:8e:bc:fa:ae:a0:
23:2e:dd:0b:75:a0:c2:2f:72:1b:b5:ad:82:ec:f6:
ab:5a:84:de:c9:5d:95:9d:33:9f:ae:d0:f2:fa:7d:
b1:80:1d:e8:e1:ba:ae:ea:36:2b:2d:ff:cb:ec:29:
af:89:38:ec:e0:83:8c:f6:cc:06:7b:61:05:93:a5:
b9:5c:5c:a6:22:f0:f1:b0:55:da:23:7d:3f:9d:fc:
8a:ab:b2:a4:39:f7:8a:69:2e:e6:bb:e0:b0:c3:60:
cd:7f:ef:35:52:5b:c5:47:ea:88:5a:59:09:5d:77:
59:45:e9:04:84:2f:62:fe:dc:f5:82:84:8e:2f:37:
aa:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:02:1A:80:C9:12:19:4D:09:BB:87:16:72:B1:B6:F2:6D:8C:55:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d67752ef-5be4-49e1-bfb3-b6ad809586e1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:1000::/40
Signature Algorithm: sha256WithRSAEncryption
03:d2:31:7d:30:0f:ab:ac:58:00:f5:74:fe:22:b7:9f:10:1e:
2f:25:64:3d:f3:be:2b:0a:27:af:9b:f7:fe:f8:a9:0a:be:df:
12:e0:4a:9f:1c:63:b0:b9:2a:19:fe:25:93:a2:ad:7a:93:87:
21:ee:16:be:6a:ea:06:15:f3:e3:b5:74:2a:75:22:e3:df:fd:
7b:c3:01:10:14:84:22:aa:67:d4:b1:9b:7b:c1:40:83:cb:3b:
eb:a5:93:f1:fb:1b:63:55:81:f9:7d:b7:fc:0c:bf:f0:36:66:
53:44:5d:5d:3e:74:10:48:d8:ba:5b:8e:6e:d8:38:95:4c:f3:
46:87:34:b0:93:3d:a9:fa:33:27:e6:21:4a:ce:24:29:ce:05:
ba:9f:31:67:f5:cb:ef:d2:e9:68:8a:4c:77:2e:03:58:54:33:
17:19:c4:f6:62:a0:48:42:25:dc:72:f0:85:48:9c:1b:04:89:
ab:05:05:5a:1a:2b:e4:7e:56:bd:a4:42:2b:69:f2:d9:be:b9:
3f:93:67:1a:4e:4d:b2:bd:13:b3:67:a6:ba:d5:1b:f9:cf:9c:
22:10:92:ae:a5:a0:bb:ab:e0:c8:6b:be:f9:b0:8b:d4:ef:44:
5e:92:c1:1e:5d:9f:86:ea:7d:38:8d:67:92:2a:2b:e6:cc:2b:
d5:3e:d3:37
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPq3FznHqVQFwXoERA7rEzNyeiI8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVlMDc1NjY0MjIwY2QxNmMwMWY1MTg3ZWI5ODllOWM2ZGQ5NmQxMDY0NzJm
YjdkZDBmMjFlNDkzODg4NzljMDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMrt98H2e415Ct8TGTAHudC9q3bO7zILyQGndd0cKgcvoKIS3whLAfL1p7QP
kBhQCNygPbIKN6aGp5p+HIGNpCZq94nehwAm/XVKZDDiS2gmjKkamX2d7RMoLiB+
QlioK5YO/IkKjUGfwzUDFcH7yWaYq+He824pHlPR2sqMsqIcmI68+q6gIy7dC3Wg
wi9yG7Wtguz2q1qE3sldlZ0zn67Q8vp9sYAd6OG6ruo2Ky3/y+wpr4k47OCDjPbM
BnthBZOluVxcpiLw8bBV2iN9P538iquypDn3imku5rvgsMNgzX/vNVJbxUfqiFpZ
CV13WUXpBIQvYv7c9YKEji83qj0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT7AhqA
yRIZTQm7hxZysbbybYxVKDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDY3NzUyZWYtNWJlNC00OWUxLWJmYjMtYjZhZDgwOTU4NmUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HsQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAD0jF9MA+rrFgA9XT+IrefEB4vJWQ9874rCiev
m/f++KkKvt8S4EqfHGOwuSoZ/iWToq16k4ch7ha+auoGFfPjtXQqdSLj3/17wwEQ
FIQiqmfUsZt7wUCDyzvrpZPx+xtjVYH5fbf8DL/wNmZTRF1dPnQQSNi6W45u2DiV
TPNGhzSwkz2p+jMn5iFKziQpzgW6nzFn9cvv0uloikx3LgNYVDMXGcT2YqBIQiXc
cvCFSJwbBImrBQVaGivkfla9pEIrafLZvrk/k2caTk2yvROzZ6a61Rv5z5wiEJKu
paC7q+DIa775sIvU70ReksEeXZ+G6n04jWeSKivmzCvVPtM3
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:35 2025 by rpki-client