Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa
File: 39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa (raw, json)
Hash identifier: lJ+HQ31ZfsviO/8zqGOYqgCgqib8jI7CnbUBK8wuHc0=
Subject key identifier: 8E:3E:13:44:D7:92:E4:CD:93:13:3C:E9:18:F6:0D:BC:F7:38:2F:A7
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 014C6220D98772B093EFA731D64B38FE0B6FB8C3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:4c:62:20:d9:87:72:b0:93:ef:a7:31:d6:4b:38:fe:0b:6f:b8:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=ed4e093e8484152dbef019e32c18110b2c106cf83b6c03717c1e15471f42f757, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b3:42:37:5c:41:3d:2e:d3:53:b8:42:67:82:
97:99:17:37:e2:80:dc:a7:cc:7b:4e:6c:1a:cc:40:
9e:f2:f3:ea:aa:b1:81:e1:21:98:9e:b0:d3:98:98:
e6:8c:64:78:92:1c:e7:6c:a3:3d:83:a3:db:15:6d:
52:62:48:c2:f5:13:ba:3b:10:6d:76:1b:2b:2d:f5:
4f:66:d7:d0:71:c8:93:05:7f:42:e8:90:ee:be:16:
3d:b4:70:b0:82:5e:2a:3e:57:64:ef:49:52:fc:e4:
e7:2c:36:89:b4:b4:c1:cd:34:f2:86:b4:70:ba:67:
fa:ea:24:6b:b4:f5:8c:d2:bd:f2:5c:60:ba:6f:c0:
16:fd:3c:4d:d9:39:35:f2:ea:d5:74:ee:cf:cc:b7:
ac:5b:14:c4:f9:d4:30:4a:21:b5:63:34:e1:1a:80:
81:0d:a5:4a:15:ff:f5:26:11:4e:de:42:4f:47:42:
91:46:04:8a:14:51:f5:91:11:54:51:13:b5:46:aa:
c1:b6:0e:9d:11:af:07:8b:a2:65:a1:1b:52:bb:fa:
3a:5f:36:3b:ce:f2:80:4c:a9:02:f4:13:ee:5e:d3:
7a:4d:bf:b0:56:33:6b:a4:c1:68:c8:e3:a8:f4:43:
90:67:cd:27:9e:d2:17:d6:fd:05:26:c0:a7:fa:51:
34:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:3E:13:44:D7:92:E4:CD:93:13:3C:E9:18:F6:0D:BC:F7:38:2F:A7
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/39877ac0-d1f5-4cc3-b476-ba3a7fa0a0e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:2000::/40
Signature Algorithm: sha256WithRSAEncryption
5b:a8:09:34:72:5d:2c:60:d2:ee:cb:3c:50:62:f4:5f:ae:fa:
85:13:dc:9f:08:1c:f8:8d:0b:89:05:0b:19:50:88:ad:d6:1b:
5f:61:7f:16:d8:d9:a7:49:ea:fe:e6:77:02:88:fe:56:5d:3a:
44:ad:df:4f:0f:76:c6:cc:91:df:d4:89:84:90:3b:d8:7d:fc:
de:d8:10:7f:f5:71:d1:09:37:31:80:65:08:b8:ea:6e:a5:0e:
ce:dc:69:73:94:e2:af:58:27:8c:05:d3:1b:1b:b6:2d:ff:67:
85:30:90:f7:72:c9:43:0e:bf:29:aa:be:8e:f7:5d:5f:df:d3:
9d:f2:13:1e:1d:d9:b7:de:34:a6:82:17:20:81:2d:bb:be:59:
cd:79:5c:49:3c:da:63:bc:36:44:d6:37:c1:80:b1:a7:98:78:
c7:8e:a9:ea:4d:4c:81:79:30:2d:5e:f4:28:03:68:88:f2:ac:
ef:5d:b6:39:90:ff:29:7c:4c:eb:09:69:fd:a0:9b:9d:f5:3c:
4c:b5:07:e7:75:2c:e2:19:19:b4:9e:22:ef:1f:bb:9b:6f:2d:
37:8a:54:9d:af:c9:a4:c8:fd:35:a6:d4:4c:5c:61:85:0d:5f:
e6:2d:e3:50:4d:6a:22:7a:99:81:38:dd:ad:c7:ad:b1:36:33:
e5:72:64:4e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUAUxiINmHcrCT76cx1ks4/gtvuMMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkNGUwOTNlODQ4NDE1MmRiZWYwMTllMzJjMTgxMTBiMmMxMDZjZjgzYjZj
MDM3MTdjMWUxNTQ3MWY0MmY3NTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJuzQjdcQT0u01O4QmeCl5kXN+KA3KfMe05sGsxAnvLz6qqxgeEhmJ6w05iY
5oxkeJIc52yjPYOj2xVtUmJIwvUTujsQbXYbKy31T2bX0HHIkwV/QuiQ7r4WPbRw
sIJeKj5XZO9JUvzk5yw2ibS0wc008oa0cLpn+uoka7T1jNK98lxgum/AFv08Tdk5
NfLq1XTuz8y3rFsUxPnUMEohtWM04RqAgQ2lShX/9SYRTt5CT0dCkUYEihRR9ZER
VFETtUaqwbYOnRGvB4uiZaEbUrv6Ol82O87ygEypAvQT7l7Tek2/sFYza6TBaMjj
qPRDkGfNJ57SF9b9BSbAp/pRNF8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSOPhNE
15LkzZMTPOkY9g289zgvpzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Mzk4NzdhYzAtZDFmNS00Y2MzLWI0NzYtYmEzYTdmYTBhMGUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hcg
MA0GCSqGSIb3DQEBCwUAA4IBAQBbqAk0cl0sYNLuyzxQYvRfrvqFE9yfCBz4jQuJ
BQsZUIit1htfYX8W2NmnSer+5ncCiP5WXTpErd9PD3bGzJHf1ImEkDvYffze2BB/
9XHRCTcxgGUIuOpupQ7O3GlzlOKvWCeMBdMbG7Yt/2eFMJD3cslDDr8pqr6O911f
39Od8hMeHdm33jSmghcggS27vlnNeVxJPNpjvDZE1jfBgLGnmHjHjqnqTUyBeTAt
XvQoA2iI8qzvXbY5kP8pfEzrCWn9oJud9TxMtQfndSziGRm0niLvH7ubby03ilSd
r8mkyP01ptRMXGGFDV/mLeNQTWoiepmBON2tx62xNjPlcmRO
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:10:06 2025 by rpki-client