Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f44e2851-6844-4150-9985-f362e9ff240c.roa
File: f44e2851-6844-4150-9985-f362e9ff240c.roa (raw, json)
Hash identifier: hFqLXygvAMsLtU84ZLptuV2HgtIhukgoKs27/OiScks=
Subject key identifier: 38:6D:6E:5D:A9:F6:CC:8C:3A:8D:C3:17:65:0D:D5:2E:8C:E0:8C:E6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0C753EA5825EE5C67E3D68389616BAA03D9CE5D4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f44e2851-6844-4150-9985-f362e9ff240c.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:6000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:75:3e:a5:82:5e:e5:c6:7e:3d:68:38:96:16:ba:a0:3d:9c:e5:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: serialNumber=6476ee3bf10799456ae65bed19536141361bbd7747cae06506e1a3350cd7b1ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:df:be:62:04:8b:d8:6f:56:41:c5:34:81:31:
e5:b1:1a:90:e0:ee:34:f1:92:9f:dd:40:87:f6:53:
1c:7d:52:46:2f:81:2e:61:7f:eb:e6:7d:2e:86:20:
de:11:40:ca:8e:d0:97:a9:f7:2b:e1:71:04:bc:7c:
22:db:6c:17:ca:2e:e3:76:c7:4a:76:e7:22:d8:31:
6b:22:5e:77:35:bb:c7:46:f1:17:02:c4:6d:09:c1:
3b:a0:ec:72:ee:f7:04:fa:4d:1a:05:46:36:35:04:
3d:a0:3f:f0:69:9c:3a:26:a9:bb:2f:7a:24:57:99:
82:56:ce:e0:e1:03:6c:15:51:1f:f9:f0:5a:a4:11:
27:bc:64:86:ff:5c:a1:37:9f:32:40:53:1e:d3:b1:
43:3f:0a:82:d2:96:a9:65:7d:74:4e:e6:f1:5b:4c:
4c:0e:30:33:b3:74:43:9c:1b:a3:78:32:4e:30:9a:
fe:14:62:59:3b:6a:86:6e:3f:c5:f4:e5:7b:75:db:
8e:d8:50:e9:b8:2c:89:bb:e0:bb:a3:d9:b6:3c:e8:
9c:82:17:0c:05:cd:42:f7:83:21:56:92:0a:f7:54:
7f:fe:59:a6:82:a6:20:0b:13:1e:f3:4c:e0:71:d5:
da:7e:e1:40:d5:71:ca:f8:1c:3d:30:4f:dd:1b:a3:
69:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:6D:6E:5D:A9:F6:CC:8C:3A:8D:C3:17:65:0D:D5:2E:8C:E0:8C:E6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f44e2851-6844-4150-9985-f362e9ff240c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:6000::/40
Signature Algorithm: sha256WithRSAEncryption
a4:53:1d:34:06:99:9f:a9:ff:a6:51:24:60:e7:ad:84:24:a8:
5e:d9:49:bc:0e:b5:0a:e6:ec:d6:c4:b4:77:db:af:94:53:a3:
4f:ac:ed:12:6a:24:f0:e9:af:48:ce:5e:18:f5:54:a0:9b:14:
27:9b:83:fb:2d:da:5c:70:33:79:ad:81:c2:52:28:f9:fc:c5:
bd:13:4b:da:53:80:7c:d0:50:e8:90:ce:79:ef:83:3a:e1:43:
05:cd:0a:86:85:d1:68:49:d3:75:43:79:aa:cc:fb:f2:b6:90:
ef:eb:75:e7:34:98:07:25:ed:b6:69:ee:97:dd:b2:91:18:a5:
19:9e:aa:76:07:99:66:db:08:d6:d8:5a:8b:d6:4e:06:a6:57:
b3:a9:31:d1:e0:11:f5:36:e1:87:f9:5b:66:a4:75:32:0c:71:
e1:3c:34:87:a9:93:09:db:a8:52:ac:e0:39:fa:7a:0e:d9:d7:
09:36:34:99:48:a1:12:f8:e9:24:12:78:f3:e0:da:36:5f:ef:
e7:5a:6d:d5:3c:12:37:4f:c8:9f:22:f9:d0:b0:b8:a4:29:e9:
5e:75:6c:ca:de:70:36:4f:b4:5e:99:f2:bb:b1:69:e5:ff:84:
b8:b2:62:18:cb:43:b2:f6:46:45:30:e0:cc:49:25:ae:f6:41:
dd:eb:3f:69
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDHU+pYJe5cZ+PWg4lha6oD2c5dQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0NzZlZTNiZjEwNzk5NDU2YWU2NWJlZDE5NTM2MTQxMzYxYmJkNzc0N2Nh
ZTA2NTA2ZTFhMzM1MGNkN2IxZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANnfvmIEi9hvVkHFNIEx5bEakODuNPGSn91Ah/ZTHH1SRi+BLmF/6+Z9LoYg
3hFAyo7Ql6n3K+FxBLx8IttsF8ou43bHSnbnItgxayJedzW7x0bxFwLEbQnBO6Ds
cu73BPpNGgVGNjUEPaA/8GmcOiapuy96JFeZglbO4OEDbBVRH/nwWqQRJ7xkhv9c
oTefMkBTHtOxQz8KgtKWqWV9dE7m8VtMTA4wM7N0Q5wbo3gyTjCa/hRiWTtqhm4/
xfTle3XbjthQ6bgsibvgu6PZtjzonIIXDAXNQveDIVaSCvdUf/5ZpoKmIAsTHvNM
4HHV2n7hQNVxyvgcPTBP3RujaTUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ4bW5d
qfbMjDqNwxdlDdUujOCM5jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjQ0ZTI4NTEtNjg0NC00MTUwLTk5ODUtZjM2MmU5ZmYyNDBjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DJg
MA0GCSqGSIb3DQEBCwUAA4IBAQCkUx00Bpmfqf+mUSRg562EJKhe2Um8DrUK5uzW
xLR326+UU6NPrO0SaiTw6a9Izl4Y9VSgmxQnm4P7LdpccDN5rYHCUij5/MW9E0va
U4B80FDokM5574M64UMFzQqGhdFoSdN1Q3mqzPvytpDv63XnNJgHJe22ae6X3bKR
GKUZnqp2B5lm2wjW2FqL1k4GplezqTHR4BH1NuGH+VtmpHUyDHHhPDSHqZMJ26hS
rOA5+noO2dcJNjSZSKES+OkkEnjz4No2X+/nWm3VPBI3T8ifIvnQsLikKeledWzK
3nA2T7RemfK7sWnl/4S4smIYy0Oy9kZFMODMSSWu9kHd6z9p
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:37 2025 by rpki-client