Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9de8135-15d5-4e2d-91da-2744e9de020d.roa
File: f9de8135-15d5-4e2d-91da-2744e9de020d.roa (raw, json)
Hash identifier: 5tv1WliHmNZ7DQvyNuX0dzxKy6UttfL5hNL3wF2mJQ0=
Subject key identifier: 5F:7A:FD:57:BD:7E:73:96:28:44:42:B9:9D:8F:CD:2D:6B:07:31:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1457A2D954F71E7D9F2C7392F048306BFE62B787
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9de8135-15d5-4e2d-91da-2744e9de020d.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:c000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:57:a2:d9:54:f7:1e:7d:9f:2c:73:92:f0:48:30:6b:fe:62:b7:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=347c91dd671d9946cf484166a109c5e288cb3f024023603b10b60d76d4292379, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:e0:be:a3:34:fc:b3:d7:7a:e0:a2:58:4f:59:
f1:54:ee:c3:09:d9:57:1f:5b:2a:8e:0b:1a:60:90:
29:74:d0:39:1c:8c:e3:9d:6b:78:0d:44:c3:74:1c:
2a:0b:2e:45:46:be:3a:39:d8:2c:53:66:4f:28:7b:
9e:c3:0b:74:d1:23:2f:d1:07:9c:46:78:75:fd:cd:
6b:84:d3:b8:d3:b1:53:65:1c:85:d9:30:b6:b2:c9:
b4:1f:f0:0a:52:d9:ad:46:b7:ea:66:85:3e:cb:b3:
2c:15:9f:c3:f7:79:cf:25:c7:6e:86:aa:af:d3:34:
2f:6b:fb:8d:5b:53:7f:fb:b5:f4:8a:2e:71:ca:0f:
e7:31:4b:d4:82:0a:ad:9f:59:17:c3:b8:ec:64:a2:
e8:95:da:cf:97:85:79:52:0c:36:53:6a:eb:a1:be:
ab:df:43:80:b4:38:a5:f8:cc:0d:ab:74:8f:62:44:
7e:11:73:f0:2f:bb:51:78:54:28:c1:03:bb:84:78:
e2:67:d2:9e:43:93:c5:a0:27:6e:2e:ad:aa:8c:59:
5f:18:cb:0b:18:60:91:4f:cc:57:b6:cc:a7:39:56:
2f:22:29:f4:9a:82:7a:09:e6:1b:ac:7f:84:63:8c:
6f:86:c3:c4:ae:52:3a:33:6f:c7:34:d2:23:b4:45:
43:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:7A:FD:57:BD:7E:73:96:28:44:42:B9:9D:8F:CD:2D:6B:07:31:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f9de8135-15d5-4e2d-91da-2744e9de020d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
72:62:cd:ea:76:f1:49:08:7a:da:6e:61:a4:6c:f8:b4:c3:64:
6f:05:79:ff:c5:59:eb:07:20:35:3d:af:72:27:ec:57:7c:eb:
d6:1c:0b:35:b7:ef:01:ba:17:d6:ba:28:88:5a:66:2f:a6:70:
33:5a:80:58:f5:a0:78:43:37:79:ba:55:ad:fd:0d:a9:2a:74:
68:ca:0e:f4:02:3e:51:7a:d7:68:b4:f3:90:ac:b0:d1:7b:d6:
3b:47:16:07:c4:1b:9f:74:b2:eb:a5:22:81:d0:28:ea:99:49:
d9:09:e2:e2:0c:19:a5:f9:21:bb:30:1c:52:21:bc:16:8a:f1:
51:81:bd:94:15:8d:c7:d7:61:34:d0:23:35:68:55:69:78:6c:
84:c8:ca:19:47:b0:97:ea:63:1e:7f:61:c1:16:7f:c7:75:37:
15:38:9c:84:3d:a9:d0:2a:ab:da:d7:4c:9a:dc:3b:b7:cf:40:
b5:4b:59:11:9f:53:c2:30:a7:7a:e9:d5:85:37:d5:8e:03:4d:
f5:31:a1:18:28:3a:be:f4:b4:db:dc:44:ae:48:c1:6c:65:f8:
a2:9b:21:0f:29:4d:69:2f:53:fb:10:41:a5:bc:a2:6c:ec:66:
81:4c:2a:0c:46:e9:a4:20:bf:1b:f2:aa:f4:0c:2b:09:28:8a:
80:f3:02:31
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFFei2VT3Hn2fLHOS8Egwa/5it4cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDM0N2M5MWRkNjcxZDk5NDZjZjQ4NDE2NmExMDljNWUyODhjYjNmMDI0MDIz
NjAzYjEwYjYwZDc2ZDQyOTIzNzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANXgvqM0/LPXeuCiWE9Z8VTuwwnZVx9bKo4LGmCQKXTQORyM451reA1Ew3Qc
KgsuRUa+OjnYLFNmTyh7nsMLdNEjL9EHnEZ4df3Na4TTuNOxU2UchdkwtrLJtB/w
ClLZrUa36maFPsuzLBWfw/d5zyXHboaqr9M0L2v7jVtTf/u19IouccoP5zFL1IIK
rZ9ZF8O47GSi6JXaz5eFeVIMNlNq66G+q99DgLQ4pfjMDat0j2JEfhFz8C+7UXhU
KMEDu4R44mfSnkOTxaAnbi6tqoxZXxjLCxhgkU/MV7bMpzlWLyIp9JqCegnmG6x/
hGOMb4bDxK5SOjNvxzTSI7RFQykCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRfev1X
vX5zlihEQrmdj80tawcxlTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjlkZTgxMzUtMTVkNS00ZTJkLTkxZGEtMjc0NGU5ZGUwMjBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQByYs3qdvFJCHrabmGkbPi0w2RvBXn/xVnrByA1
Pa9yJ+xXfOvWHAs1t+8BuhfWuiiIWmYvpnAzWoBY9aB4Qzd5ulWt/Q2pKnRoyg70
Aj5RetdotPOQrLDRe9Y7RxYHxBufdLLrpSKB0CjqmUnZCeLiDBml+SG7MBxSIbwW
ivFRgb2UFY3H12E00CM1aFVpeGyEyMoZR7CX6mMef2HBFn/HdTcVOJyEPanQKqva
10ya3Du3z0C1S1kRn1PCMKd66dWFN9WOA031MaEYKDq+9LTb3ESuSMFsZfiimyEP
KU1pL1P7EEGlvKJs7GaBTCoMRumkIL8b8qr0DCsJKIqA8wIx
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:26:24 2025 by rpki-client