Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3711d18e-8589-4699-9cf4-2646a99f3614.roa
File: 3711d18e-8589-4699-9cf4-2646a99f3614.roa (raw, json)
Hash identifier: +LDqojGwhXsYNtxQnT1vi5CuIo8yjEGqogyHhuqbt9g=
Subject key identifier: 01:9E:48:00:44:DC:3F:59:65:E2:15:4C:58:90:2B:64:F0:E8:76:AC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73C74A4455175D52E43BEEFBB798F0A28DE9F4A0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3711d18e-8589-4699-9cf4-2646a99f3614.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:4000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:c7:4a:44:55:17:5d:52:e4:3b:ee:fb:b7:98:f0:a2:8d:e9:f4:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=6180898a7372efeef14b435bfb1daf92294bde54a5d7e5b0e8ade93372a13133, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b6:2a:d2:eb:cb:4e:ef:d0:43:ea:a8:51:ee:
35:c6:39:ec:65:29:16:11:22:59:c7:73:08:da:d7:
0f:14:f0:37:97:89:fa:9a:a4:02:66:97:10:92:51:
51:cd:5d:94:cc:3e:28:1b:2f:56:39:68:8c:2e:45:
f8:fe:24:05:40:6c:67:db:12:94:3a:58:60:b1:b8:
eb:cb:c4:f6:a3:c0:39:31:bd:a6:73:14:c8:ce:bc:
da:3e:10:85:04:2c:f7:d2:d4:13:98:b5:9a:1d:c9:
42:28:3a:3e:b4:4e:23:d2:d9:0e:10:60:c8:e2:f7:
67:d2:f5:be:33:81:b9:86:df:7e:13:4a:f3:87:dd:
d8:f4:92:a3:41:ce:c5:fb:e2:02:4e:b1:c2:ce:06:
af:a8:bf:74:9b:75:9e:28:b3:f5:b2:6e:19:79:bc:
33:2e:bf:7b:98:dc:7f:b4:2b:fd:b1:c9:8a:37:17:
0a:d1:4e:90:94:a2:ec:f3:0a:0d:63:f0:88:1e:6b:
ff:8d:11:a8:ec:ea:60:f2:c1:9e:e4:91:04:e9:23:
90:f5:c3:31:54:89:12:3a:5e:56:eb:8c:3f:51:29:
7d:ed:64:53:6c:4e:39:18:a6:91:8f:3a:fd:1f:f0:
41:04:71:a7:13:6e:e8:fa:ee:44:26:eb:39:70:48:
ed:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:9E:48:00:44:DC:3F:59:65:E2:15:4C:58:90:2B:64:F0:E8:76:AC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3711d18e-8589-4699-9cf4-2646a99f3614.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:4000::/40
Signature Algorithm: sha256WithRSAEncryption
88:11:ad:34:ed:8b:ab:38:ee:a4:ca:1c:b5:22:8c:04:85:00:
91:1d:e1:89:53:70:d2:e7:22:91:6d:60:3d:a5:93:c2:7d:92:
99:48:65:b5:76:d9:3a:a9:22:21:cc:35:6f:82:8b:11:f8:66:
3f:d2:8e:c3:09:a3:24:88:1f:79:c8:04:12:6d:04:1c:3c:8e:
22:0f:dd:11:f6:fb:b1:65:dd:3e:ea:86:75:46:f6:2a:ea:47:
87:9c:35:89:9c:ce:25:22:f7:19:9b:be:16:a5:e3:fe:fd:55:
21:f4:7f:47:46:fc:2b:1b:5b:20:c9:0e:77:0a:44:31:b2:5d:
35:6a:e8:af:ed:3c:3d:fd:92:65:3b:ca:fc:27:e0:8e:1e:60:
9b:92:8a:a9:22:0f:01:9a:79:f6:6d:6d:41:69:50:be:b2:97:
15:b5:2a:13:31:32:c0:9d:c1:be:22:b1:21:89:47:a0:da:f8:
88:d4:f1:08:18:06:db:c4:e8:38:a9:6d:d3:49:44:00:72:f3:
6c:52:fc:7f:7f:ba:f0:4e:f3:d2:c5:47:bc:5c:8e:c2:a6:55:
36:80:4b:d7:cf:59:70:d4:1b:cd:35:0d:3d:63:fc:a1:5f:3a:
b3:9a:0a:5d:13:86:f7:c7:6f:bc:dc:ac:1e:b5:d6:fe:e7:17:
3c:74:09:d1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc8dKRFUXXVLkO+77t5jwoo3p9KAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDYxODA4OThhNzM3MmVmZWVmMTRiNDM1YmZiMWRhZjkyMjk0YmRlNTRhNWQ3
ZTViMGU4YWRlOTMzNzJhMTMxMzMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALK2KtLry07v0EPqqFHuNcY57GUpFhEiWcdzCNrXDxTwN5eJ+pqkAmaXEJJR
Uc1dlMw+KBsvVjlojC5F+P4kBUBsZ9sSlDpYYLG468vE9qPAOTG9pnMUyM682j4Q
hQQs99LUE5i1mh3JQig6PrROI9LZDhBgyOL3Z9L1vjOBuYbffhNK84fd2PSSo0HO
xfviAk6xws4Gr6i/dJt1niiz9bJuGXm8My6/e5jcf7Qr/bHJijcXCtFOkJSi7PMK
DWPwiB5r/40RqOzqYPLBnuSRBOkjkPXDMVSJEjpeVuuMP1Epfe1kU2xOORimkY86
/R/wQQRxpxNu6PruRCbrOXBI7XkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQBnkgA
RNw/WWXiFUxYkCtk8Oh2rDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzcxMWQxOGUtODU4OS00Njk5LTljZjQtMjY0NmE5OWYzNjE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H9A
MA0GCSqGSIb3DQEBCwUAA4IBAQCIEa007YurOO6kyhy1IowEhQCRHeGJU3DS5yKR
bWA9pZPCfZKZSGW1dtk6qSIhzDVvgosR+GY/0o7DCaMkiB95yAQSbQQcPI4iD90R
9vuxZd0+6oZ1RvYq6keHnDWJnM4lIvcZm74WpeP+/VUh9H9HRvwrG1sgyQ53CkQx
sl01auiv7Tw9/ZJlO8r8J+COHmCbkoqpIg8Bmnn2bW1BaVC+spcVtSoTMTLAncG+
IrEhiUeg2viI1PEIGAbbxOg4qW3TSUQAcvNsUvx/f7rwTvPSxUe8XI7CplU2gEvX
z1lw1BvNNQ09Y/yhXzqzmgpdE4b3x2+83Kwetdb+5xc8dAnR
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:10:58 2025 by rpki-client