Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3b9479a-516a-4969-82fa-a0ee7531600b.roa
File: f3b9479a-516a-4969-82fa-a0ee7531600b.roa (raw, json)
Hash identifier: vNYulJwt5IHRA4CvtYeoZgrrIpSsi6X4GYbmMHVJmuo=
Subject key identifier: 21:69:9F:7E:37:56:53:3A:03:97:B8:A1:DF:51:A1:8B:EF:63:A3:E0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 67E44E7BDFF26C2BC90E5521E9F1C8642B0415DF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3b9479a-516a-4969-82fa-a0ee7531600b.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:6000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:e4:4e:7b:df:f2:6c:2b:c9:0e:55:21:e9:f1:c8:64:2b:04:15:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: serialNumber=b11466dfea071272c428885f978c68dd6aaa81df1f62ffa4fbddbc3eee0c3c80, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:11:ba:7a:6b:62:43:c9:79:9c:e3:d3:61:86:
fc:ba:63:b7:b7:80:38:2b:26:9b:14:06:fb:f0:36:
7f:35:16:aa:1f:aa:0a:57:b4:15:34:69:46:25:0d:
cd:98:85:1c:93:bd:d6:5b:ec:39:e0:20:e5:43:b8:
3f:5c:2e:43:bf:bd:8a:87:5e:71:9c:ee:7f:0c:3b:
39:2d:a9:a7:56:07:44:0c:02:00:87:53:75:06:49:
c1:ea:27:55:71:1b:8d:53:43:1b:a4:90:cf:13:10:
70:37:a4:4d:83:28:85:5e:71:dc:a9:49:94:3c:82:
c7:20:5b:fb:78:42:a6:92:ee:a1:9a:13:cc:68:1b:
60:37:dc:5c:0d:d1:ab:7d:86:c3:f4:f4:59:83:80:
59:d5:a5:d1:7b:91:d8:55:ec:e8:9f:27:0d:8b:62:
71:ab:b5:ac:48:32:cc:4e:d9:2d:19:6a:a4:2f:19:
5d:9b:f9:d2:2c:bf:26:00:fb:a0:13:56:77:1b:1f:
b1:51:d7:79:9f:d2:81:2f:15:06:1a:3d:6c:f7:ce:
00:8f:96:20:61:33:0d:ec:07:3f:52:4a:07:44:4d:
13:3e:48:fe:89:2d:2c:2f:31:f7:48:33:93:83:48:
ca:ea:11:7d:1d:59:4d:a1:60:7e:3d:25:a5:97:39:
11:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:69:9F:7E:37:56:53:3A:03:97:B8:A1:DF:51:A1:8B:EF:63:A3:E0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f3b9479a-516a-4969-82fa-a0ee7531600b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:6000::/40
Signature Algorithm: sha256WithRSAEncryption
98:b9:7e:3e:73:14:ed:dd:91:92:66:f0:8a:c8:dd:a6:c8:1e:
36:f1:f5:76:7b:65:59:fa:74:73:5c:36:64:f5:00:a3:ca:b3:
a2:9b:65:ea:b9:bd:df:1a:a4:5d:64:9b:6c:0e:ae:3f:37:a0:
77:8c:c1:24:01:80:7d:56:36:86:a4:68:be:d2:cc:56:78:dc:
7b:0e:5f:95:94:f6:8c:de:22:6c:dd:5d:9c:6c:6c:b2:5a:f5:
73:5b:f9:fb:78:f4:5f:53:30:f2:f8:94:bd:c8:9f:dc:d1:e5:
c0:22:5c:bf:ee:9d:31:af:99:f2:f8:47:60:2a:f3:74:83:64:
ac:de:4d:e7:00:4b:86:4d:23:41:83:28:bc:fd:f8:be:4a:56:
1c:e6:b0:53:94:2e:ce:cc:8c:5d:f7:38:9c:30:f4:4f:08:f1:
4f:3a:dd:bc:43:6f:24:d1:77:f8:ea:82:68:c4:24:d9:11:89:
30:12:ea:8d:c9:8d:e9:30:90:9d:3d:53:8e:35:de:6b:95:57:
3c:77:ff:6c:40:4b:6d:21:b8:c6:9e:12:6b:aa:4b:d7:cc:6a:
47:bc:d9:23:d0:29:56:20:ab:7b:76:5d:05:a8:78:03:13:15:
db:d5:f7:24:6c:a4:dd:61:bd:c6:fb:ec:c6:71:09:74:2b:40:
19:04:10:50
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUZ+ROe9/ybCvJDlUh6fHIZCsEFd8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTcwMDAwMDBaFw0yNTAxMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGIxMTQ2NmRmZWEwNzEyNzJjNDI4ODg1Zjk3OGM2OGRkNmFhYTgxZGYxZjYy
ZmZhNGZiZGRiYzNlZWUwYzNjODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIMRunprYkPJeZzj02GG/Lpjt7eAOCsmmxQG+/A2fzUWqh+qCle0FTRpRiUN
zZiFHJO91lvsOeAg5UO4P1wuQ7+9iodecZzufww7OS2pp1YHRAwCAIdTdQZJweon
VXEbjVNDG6SQzxMQcDekTYMohV5x3KlJlDyCxyBb+3hCppLuoZoTzGgbYDfcXA3R
q32Gw/T0WYOAWdWl0XuR2FXs6J8nDYticau1rEgyzE7ZLRlqpC8ZXZv50iy/JgD7
oBNWdxsfsVHXeZ/SgS8VBho9bPfOAI+WIGEzDewHP1JKB0RNEz5I/oktLC8x90gz
k4NIyuoRfR1ZTaFgfj0lpZc5ESsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQhaZ9+
N1ZTOgOXuKHfUaGL72Oj4DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjNiOTQ3OWEtNTE2YS00OTY5LTgyZmEtYTBlZTc1MzE2MDBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HRg
MA0GCSqGSIb3DQEBCwUAA4IBAQCYuX4+cxTt3ZGSZvCKyN2myB428fV2e2VZ+nRz
XDZk9QCjyrOim2Xqub3fGqRdZJtsDq4/N6B3jMEkAYB9VjaGpGi+0sxWeNx7Dl+V
lPaM3iJs3V2cbGyyWvVzW/n7ePRfUzDy+JS9yJ/c0eXAIly/7p0xr5ny+EdgKvN0
g2Ss3k3nAEuGTSNBgyi8/fi+SlYc5rBTlC7OzIxd9zicMPRPCPFPOt28Q28k0Xf4
6oJoxCTZEYkwEuqNyY3pMJCdPVOONd5rlVc8d/9sQEttIbjGnhJrqkvXzGpHvNkj
0ClWIKt7dl0FqHgDExXb1fckbKTdYb3G++zGcQl0K0AZBBBQ
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:10 2025 by rpki-client