Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fa23d6c-fd5a-4d4c-9504-fa93a22f52cb.roa
File: 0fa23d6c-fd5a-4d4c-9504-fa93a22f52cb.roa (raw, json)
Hash identifier: Z2QlQQee8eiZsTAdh2UDlCzJoBK/cxbJgCUM9qJkn4w=
Subject key identifier: ED:54:C1:C8:B8:29:32:7A:F1:40:4A:D4:E7:5E:BF:2B:FE:F6:20:75
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 442DACE4FC7749BFDB3C2627E7B5D4C853EC5BDB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fa23d6c-fd5a-4d4c-9504-fa93a22f52cb.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:4000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:2d:ac:e4:fc:77:49:bf:db:3c:26:27:e7:b5:d4:c8:53:ec:5b:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=a5496ee6704fe2c4b991aecdbd928bb9116a56467079e8ef9bcc041229ed2b3f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:5e:41:58:fd:8f:c9:17:3a:9b:ed:5c:a1:2f:
68:cd:1a:20:3c:64:66:7c:70:b6:1b:b0:0a:cc:8b:
da:f9:06:db:2c:9f:ef:4f:2d:d7:2a:8b:ef:5f:e2:
7d:4f:c2:90:b0:b4:76:dd:0d:18:36:27:fc:b2:b5:
25:fb:6b:5b:7e:31:d2:b7:23:53:a9:09:06:e3:01:
51:f4:08:e8:85:72:e2:59:57:e1:ab:b3:75:da:bf:
76:2c:ff:d9:04:4b:0c:4b:38:ee:75:d0:15:9c:25:
5c:f8:0e:12:83:47:09:e0:2c:5c:dc:36:b9:a6:a4:
5c:80:db:a1:bd:20:20:a3:8e:bc:63:8d:a0:8c:09:
55:82:69:37:ef:4e:14:b2:c4:4c:f7:0e:28:8a:87:
ca:be:25:1a:a2:30:ea:70:1d:e6:1d:0f:b4:a5:b1:
e9:c7:1b:e2:ae:65:84:e6:14:14:5c:4b:9b:b6:17:
4c:d6:0b:52:69:ca:1f:c9:31:9b:94:6c:4c:c9:d1:
0f:7e:be:0c:46:cd:8e:51:9b:42:4b:7a:2a:42:a9:
16:e8:2a:d3:c2:ba:a5:bd:af:1f:9f:77:00:35:39:
39:8f:b0:3f:5e:b5:96:4e:a1:43:55:a3:ff:17:5f:
52:a6:88:21:18:e3:13:7f:d7:b4:69:2d:ad:a0:6b:
a5:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:54:C1:C8:B8:29:32:7A:F1:40:4A:D4:E7:5E:BF:2B:FE:F6:20:75
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0fa23d6c-fd5a-4d4c-9504-fa93a22f52cb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:4000::/40
Signature Algorithm: sha256WithRSAEncryption
b2:4b:c7:07:45:d2:41:10:51:c4:6f:c7:91:51:8e:a0:c8:39:
a5:7f:31:9e:2a:a7:88:51:9d:fe:67:e5:d3:6f:44:3e:58:8a:
3f:54:c7:d6:a0:d2:22:ba:39:a2:75:12:dd:10:5f:64:ae:7a:
86:98:c7:f0:07:be:a7:2e:b9:ed:ed:41:0a:aa:a1:86:31:c2:
d8:c9:29:57:47:cd:f6:10:cf:a8:9f:25:2a:07:bb:d9:66:27:
bf:ba:a3:ae:24:12:b5:59:b8:51:4d:b0:5d:5a:5c:44:03:83:
d3:49:13:62:c8:f2:f0:cc:18:3a:63:df:22:8c:b9:1e:1d:89:
ab:80:8e:b1:9e:be:44:c1:b7:b2:07:64:52:aa:af:f3:88:31:
23:e6:ab:7d:a3:0d:23:de:a8:87:70:a0:bb:05:36:19:71:0e:
10:23:70:e5:26:6e:3c:7f:e5:d3:53:2e:82:f0:96:31:0c:08:
1a:7a:14:19:c8:a4:39:21:5b:08:28:74:47:ee:c8:b5:c8:a1:
1c:a0:a3:ff:d2:c4:a0:3b:24:c1:7b:17:54:1a:38:da:2f:db:
35:67:9b:d2:99:52:44:f3:fd:9a:11:2f:5d:7f:88:b5:c8:13:
e7:11:52:6a:4b:75:ec:a7:18:45:cd:de:f4:f3:aa:6d:10:c0:
7d:37:a7:6f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURC2s5Px3Sb/bPCYn57XUyFPsW9swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGE1NDk2ZWU2NzA0ZmUyYzRiOTkxYWVjZGJkOTI4YmI5MTE2YTU2NDY3MDc5
ZThlZjliY2MwNDEyMjllZDJiM2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMteQVj9j8kXOpvtXKEvaM0aIDxkZnxwthuwCsyL2vkG2yyf708t1yqL71/i
fU/CkLC0dt0NGDYn/LK1JftrW34x0rcjU6kJBuMBUfQI6IVy4llX4auzddq/diz/
2QRLDEs47nXQFZwlXPgOEoNHCeAsXNw2uaakXIDbob0gIKOOvGONoIwJVYJpN+9O
FLLETPcOKIqHyr4lGqIw6nAd5h0PtKWx6ccb4q5lhOYUFFxLm7YXTNYLUmnKH8kx
m5RsTMnRD36+DEbNjlGbQkt6KkKpFugq08K6pb2vH593ADU5OY+wP161lk6hQ1Wj
/xdfUqaIIRjjE3/XtGktraBrpWkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTtVMHI
uCkyevFAStTnXr8r/vYgdTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGZhMjNkNmMtZmQ1YS00ZDRjLTk1MDQtZmE5M2EyMmY1MmNiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJA
MA0GCSqGSIb3DQEBCwUAA4IBAQCyS8cHRdJBEFHEb8eRUY6gyDmlfzGeKqeIUZ3+
Z+XTb0Q+WIo/VMfWoNIiujmidRLdEF9krnqGmMfwB76nLrnt7UEKqqGGMcLYySlX
R832EM+onyUqB7vZZie/uqOuJBK1WbhRTbBdWlxEA4PTSRNiyPLwzBg6Y98ijLke
HYmrgI6xnr5EwbeyB2RSqq/ziDEj5qt9ow0j3qiHcKC7BTYZcQ4QI3DlJm48f+XT
Uy6C8JYxDAgaehQZyKQ5IVsIKHRH7si1yKEcoKP/0sSgOyTBexdUGjjaL9s1Z5vS
mVJE8/2aES9df4i1yBPnEVJqS3XspxhFzd7086ptEMB9N6dv
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:22 2025 by rpki-client