Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a32599f-2ee4-4bbe-81e8-dc8dc9eb371c.roa
File: 2a32599f-2ee4-4bbe-81e8-dc8dc9eb371c.roa (raw, json)
Hash identifier: sei67W+I3NmU76xNtgGj34uZDzPTHKEjwqxazn9opDU=
Subject key identifier: 95:9E:72:7D:06:CF:AD:A1:00:73:87:01:7B:38:8F:FF:7C:A3:FD:89
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5DC991E5675A93D3B238868C070A43187D7AFDB0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a32599f-2ee4-4bbe-81e8-dc8dc9eb371c.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d032:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:c9:91:e5:67:5a:93:d3:b2:38:86:8c:07:0a:43:18:7d:7a:fd:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: serialNumber=d96e632d13972b43e50e45662fe9504de24f39e288703069d794565c428e8bc0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:f9:0d:3b:47:65:dc:19:8a:bd:ac:0e:b6:3a:
00:11:74:72:ca:eb:20:28:64:7a:89:b0:16:95:2b:
f1:a6:ee:c4:82:10:10:c7:4f:3d:05:e1:e1:7b:db:
41:13:0d:5f:27:a0:84:33:6d:38:2d:5d:93:16:93:
64:dd:ce:84:41:b8:0a:cc:5e:6a:53:bb:d1:98:7c:
6d:28:aa:e2:41:8c:f2:e3:c7:82:ba:b8:ac:67:52:
6f:a7:48:8d:8e:2b:6f:63:2f:43:c6:66:70:c9:90:
c5:47:d5:54:24:69:b7:f1:4b:1f:a0:49:0d:eb:0e:
28:f1:bb:8f:ea:5d:12:96:91:8b:d8:30:13:96:f3:
bb:72:d8:4c:92:3d:dc:9f:5a:b8:f9:db:74:4f:79:
70:59:c8:06:9c:be:58:3c:24:f8:9e:94:ac:81:1b:
a7:dc:8c:9a:e4:29:87:a7:13:59:3e:52:c5:b5:66:
65:34:a0:f6:b1:d5:50:c5:e2:32:38:7f:10:66:2a:
5c:94:86:aa:43:a7:6d:f6:65:f0:c0:6a:a6:32:08:
e6:2c:ec:c0:68:e0:2a:09:85:8f:ae:4f:94:52:29:
30:c1:f6:f8:61:46:c5:b9:6f:3c:fc:99:da:9a:03:
80:de:d4:b1:96:4b:42:43:8d:d2:2c:44:c4:8e:83:
92:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:9E:72:7D:06:CF:AD:A1:00:73:87:01:7B:38:8F:FF:7C:A3:FD:89
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2a32599f-2ee4-4bbe-81e8-dc8dc9eb371c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d032:2000::/40
Signature Algorithm: sha256WithRSAEncryption
85:b1:db:de:ba:20:90:db:dd:8a:ad:eb:d5:18:1f:db:5a:1e:
13:73:d9:e9:e2:58:9e:aa:65:5f:7f:ca:03:8a:2a:53:b5:32:
cf:5a:46:cf:58:87:dd:69:05:aa:3e:d6:d2:0c:3d:94:af:8a:
3e:c2:72:8a:2c:46:77:a9:40:4b:bb:0f:63:45:95:28:e9:03:
4c:ff:ac:a6:65:a6:c2:e1:4c:0a:ce:74:3b:13:32:cb:e4:4d:
9a:73:a4:87:58:40:8f:b9:ae:54:97:1f:5a:55:11:75:25:e7:
a6:e1:91:b3:fa:40:5f:ab:f6:aa:d9:31:bb:7a:b8:a0:ac:e4:
eb:e5:1f:c3:21:e5:aa:e5:3c:09:40:ab:c6:bd:09:06:93:1f:
c5:08:31:14:8a:43:55:42:0d:fc:fe:fa:e4:46:59:2b:c1:02:
ae:26:e4:3c:e9:e0:75:88:07:e5:ed:04:34:41:13:88:5f:42:
92:e8:e8:3a:e8:ee:04:9a:3e:4f:c3:ad:29:5c:68:65:43:1f:
41:51:74:f3:ea:ab:cc:22:52:66:34:a0:06:9e:2c:5b:f6:20:
08:d4:0a:1d:d7:db:4d:2d:47:e3:21:76:ee:9a:8d:41:37:60:
4e:7a:6a:43:f5:4e:10:fb:4b:1c:40:5e:02:79:b3:03:83:88:
f1:53:1a:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXcmR5Wdak9OyOIaMBwpDGH16/bAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMzEwMDAwMDBaFw0yNTAyMDQyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ5NmU2MzJkMTM5NzJiNDNlNTBlNDU2NjJmZTk1MDRkZTI0ZjM5ZTI4ODcw
MzA2OWQ3OTQ1NjVjNDI4ZThiYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOX5DTtHZdwZir2sDrY6ABF0csrrIChkeomwFpUr8abuxIIQEMdPPQXh4Xvb
QRMNXyeghDNtOC1dkxaTZN3OhEG4CsxealO70Zh8bSiq4kGM8uPHgrq4rGdSb6dI
jY4rb2MvQ8ZmcMmQxUfVVCRpt/FLH6BJDesOKPG7j+pdEpaRi9gwE5bzu3LYTJI9
3J9auPnbdE95cFnIBpy+WDwk+J6UrIEbp9yMmuQph6cTWT5SxbVmZTSg9rHVUMXi
Mjh/EGYqXJSGqkOnbfZl8MBqpjII5izswGjgKgmFj65PlFIpMMH2+GFGxblvPPyZ
2poDgN7UsZZLQkON0ixExI6DknkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSVnnJ9
Bs+toQBzhwF7OI//fKP9iTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmEzMjU5OWYtMmVlNC00YmJlLTgxZTgtZGM4ZGM5ZWIzNzFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DIg
MA0GCSqGSIb3DQEBCwUAA4IBAQCFsdveuiCQ292KrevVGB/bWh4Tc9np4lieqmVf
f8oDiipTtTLPWkbPWIfdaQWqPtbSDD2Ur4o+wnKKLEZ3qUBLuw9jRZUo6QNM/6ym
ZabC4UwKznQ7EzLL5E2ac6SHWECPua5Ulx9aVRF1Jeem4ZGz+kBfq/aq2TG7erig
rOTr5R/DIeWq5TwJQKvGvQkGkx/FCDEUikNVQg38/vrkRlkrwQKuJuQ86eB1iAfl
7QQ0QROIX0KS6Og66O4Emj5Pw60pXGhlQx9BUXTz6qvMIlJmNKAGnixb9iAI1Aod
19tNLUfjIXbumo1BN2BOempD9U4Q+0scQF4CebMDg4jxUxoE
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:22 2025 by rpki-client