Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01060bed-8b00-41db-905e-7e744843b50f.roa
File: 01060bed-8b00-41db-905e-7e744843b50f.roa (raw, json)
Hash identifier: 2dVVBI44rtdA6FOc/EPUjKW50Zpx1KPgr1vek+C/gQI=
Subject key identifier: 0D:4F:FD:BD:D6:1A:80:D0:66:8E:24:B4:2D:72:C4:13:57:86:65:0A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 779FE4F8B66BB97DC052B7300D70473D63D3727E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01060bed-8b00-41db-905e-7e744843b50f.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:9000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:9f:e4:f8:b6:6b:b9:7d:c0:52:b7:30:0d:70:47:3d:63:d3:72:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=3de4fdc28c4b63dfe8257c477403ca66b1f5574a428c5d745132bfc243cdb1d5, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:45:63:1d:5c:2c:dc:36:4e:6a:ac:ee:67:e0:
b1:80:ff:51:e6:0e:53:af:e3:54:25:1a:e1:13:55:
12:99:b2:7c:03:99:b8:f5:7c:85:2b:20:30:4b:08:
de:7f:c8:35:fd:8a:e4:4f:00:4b:0f:d7:13:a5:9b:
5a:7e:c2:45:fb:b5:69:8b:9e:5f:fe:f7:65:80:33:
86:d2:93:e6:73:92:cf:d3:92:ce:cd:97:fc:c8:fc:
09:f3:76:e1:4e:0e:4f:62:3e:4b:4a:4c:bc:11:c7:
5f:72:db:15:af:97:c6:ab:f2:71:7f:5a:6f:45:ec:
3d:0e:f2:fa:f5:a6:9e:7e:21:38:1a:21:86:83:fe:
78:a0:de:75:89:1c:f7:2d:0c:d0:e1:2a:f0:9b:a0:
10:4e:45:d4:8e:69:79:e7:e7:02:da:36:29:fd:71:
33:72:9e:18:37:d1:df:ea:05:ff:be:da:92:1f:63:
92:1b:66:22:84:0d:62:b9:e0:48:a2:03:29:aa:45:
df:53:1f:06:dc:3c:ff:44:80:5e:d8:d2:03:fc:2c:
cd:6a:12:f3:d9:59:5a:fa:fe:8b:55:3e:a2:96:08:
24:ff:9d:7e:14:40:b1:71:09:af:9f:30:23:86:0f:
27:0d:fe:72:63:2d:cc:d8:3e:12:a9:bf:2e:f0:56:
7b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:4F:FD:BD:D6:1A:80:D0:66:8E:24:B4:2D:72:C4:13:57:86:65:0A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/01060bed-8b00-41db-905e-7e744843b50f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:9000::/40
Signature Algorithm: sha256WithRSAEncryption
aa:2c:ef:ff:f1:3a:93:36:94:16:fe:bb:23:2d:ad:0a:12:19:
0a:cd:1c:87:95:6b:4c:06:f3:a0:b7:92:f6:af:24:f9:c6:fb:
7a:41:3d:23:64:af:5e:ba:ca:5e:96:55:2a:be:72:3d:6d:d0:
1b:63:54:0d:c0:8b:40:90:4f:db:ad:4d:ba:71:ef:5a:5e:9f:
3f:a6:0f:a1:a4:67:ce:c6:d4:96:56:7e:c4:f2:8b:34:7a:60:
ad:e5:cf:ac:5b:4d:e1:3f:6a:05:3f:7e:0f:be:79:32:08:d4:
c9:49:6a:d0:68:e6:ec:7e:ff:e5:ae:2e:c3:ca:04:bc:0e:36:
b9:a5:7a:b9:15:bd:e8:cd:f7:df:58:46:0c:d2:d8:06:4d:2a:
09:35:e6:7b:8f:ad:d8:da:04:5a:ae:51:7e:5a:ca:f5:9c:12:
27:c5:ae:c4:10:7a:a4:56:7d:63:45:69:63:64:3a:17:a0:2c:
47:ab:b7:44:22:ca:3b:fd:82:e3:99:f0:14:33:1f:7f:15:51:
fd:ff:1a:b4:c3:77:cb:d5:a4:86:03:d7:52:0b:24:8c:a1:ce:
27:c9:3f:b9:08:4f:b3:b8:79:eb:9f:5d:77:53:68:b5:7f:76:
54:da:80:8a:78:d7:43:3a:34:10:60:89:f5:46:37:12:1a:c2:
9a:50:ed:33
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd5/k+LZruX3AUrcwDXBHPWPTcn4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNkZTRmZGMyOGM0YjYzZGZlODI1N2M0Nzc0MDNjYTY2YjFmNTU3NGE0Mjhj
NWQ3NDUxMzJiZmMyNDNjZGIxZDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMxFYx1cLNw2Tmqs7mfgsYD/UeYOU6/jVCUa4RNVEpmyfAOZuPV8hSsgMEsI
3n/INf2K5E8ASw/XE6WbWn7CRfu1aYueX/73ZYAzhtKT5nOSz9OSzs2X/Mj8CfN2
4U4OT2I+S0pMvBHHX3LbFa+XxqvycX9ab0XsPQ7y+vWmnn4hOBohhoP+eKDedYkc
9y0M0OEq8JugEE5F1I5peefnAto2Kf1xM3KeGDfR3+oF/77akh9jkhtmIoQNYrng
SKIDKapF31MfBtw8/0SAXtjSA/wszWoS89lZWvr+i1U+opYIJP+dfhRAsXEJr58w
I4YPJw3+cmMtzNg+Eqm/LvBWe90CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQNT/29
1hqA0GaOJLQtcsQTV4ZlCjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDEwNjBiZWQtOGIwMC00MWRiLTkwNWUtN2U3NDQ4NDNiNTBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HuQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCqLO//8TqTNpQW/rsjLa0KEhkKzRyHlWtMBvOg
t5L2ryT5xvt6QT0jZK9euspellUqvnI9bdAbY1QNwItAkE/brU26ce9aXp8/pg+h
pGfOxtSWVn7E8os0emCt5c+sW03hP2oFP34PvnkyCNTJSWrQaObsfv/lri7DygS8
Dja5pXq5Fb3ozfffWEYM0tgGTSoJNeZ7j63Y2gRarlF+Wsr1nBInxa7EEHqkVn1j
RWljZDoXoCxHq7dEIso7/YLjmfAUMx9/FVH9/xq0w3fL1aSGA9dSCySMoc4nyT+5
CE+zuHnrn113U2i1f3ZU2oCKeNdDOjQQYIn1RjcSGsKaUO0z
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:18 2025 by rpki-client