Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a9b3bae-5f17-4404-ae89-eb0f4e765100.roa
File: 5a9b3bae-5f17-4404-ae89-eb0f4e765100.roa (raw, json)
Hash identifier: VKn3dDBNmGNf/NRUfxaPfE9UqHCSHm7WmVaoilpjWQQ=
Subject key identifier: D9:24:9F:36:E0:09:8E:FF:41:72:A3:F7:F9:05:61:04:C6:BE:93:54
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4A5C227CD82B9FC1558ABCFC416918DFA837D209
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a9b3bae-5f17-4404-ae89-eb0f4e765100.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:e000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:5c:22:7c:d8:2b:9f:c1:55:8a:bc:fc:41:69:18:df:a8:37:d2:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=c987c4b75e0227b451a8a3b34a7400441b71555be6b7606a26df6f8d0b28e27b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:9a:ca:c3:8f:3c:b1:30:4e:6b:9f:34:d0:3f:
00:3b:30:4c:2b:1f:54:7f:e1:70:84:ce:d4:b6:dc:
95:63:16:6f:e2:c0:93:07:0f:65:d9:0f:21:de:e0:
4d:88:0c:9b:c0:42:69:d6:e7:0d:f2:ef:1d:7a:e4:
71:55:84:22:7c:0f:73:4f:bf:4a:14:6c:08:29:ff:
50:a9:37:c9:81:d8:79:ae:2c:f7:7a:a8:9a:66:40:
9a:ce:12:18:2a:9b:ed:7b:01:0c:9a:a3:e7:c3:38:
4e:e8:d1:12:e1:bb:ac:69:3f:b4:3a:2c:c1:13:3c:
68:cf:69:5d:3a:f0:8e:ff:56:24:38:4a:48:a1:c4:
9f:d0:2f:c0:cc:d8:56:ee:10:79:f4:01:7c:9b:f1:
42:78:d0:3c:03:f7:4a:d9:75:ae:5c:f6:d0:d8:d0:
77:5c:69:14:15:21:e9:6a:f1:39:67:68:f4:94:a8:
f1:36:5d:cb:13:43:f7:e9:70:54:91:48:59:83:52:
00:09:21:b2:9d:9e:a6:df:fe:b4:c7:c0:53:8e:87:
9c:ba:be:0d:11:6d:5c:6e:03:76:67:82:56:34:e7:
d4:28:07:fd:60:2c:1e:10:96:54:6b:8e:74:f2:ae:
0b:b5:07:0d:f6:be:42:30:c3:48:d5:c8:77:65:9c:
ba:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:24:9F:36:E0:09:8E:FF:41:72:A3:F7:F9:05:61:04:C6:BE:93:54
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/5a9b3bae-5f17-4404-ae89-eb0f4e765100.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:e000::/40
Signature Algorithm: sha256WithRSAEncryption
83:5e:5d:3b:3a:db:ad:23:82:d1:43:de:80:de:22:a8:3b:e6:
02:cd:36:3d:5a:4e:79:b0:da:0a:a4:56:22:36:43:71:b7:22:
09:ef:15:19:9c:a9:ee:8f:37:7e:d2:9d:6c:83:d6:05:a2:18:
f2:95:da:1b:da:09:c7:60:e4:37:84:a9:c0:04:bb:9c:61:2e:
61:f5:5b:ca:48:89:cd:e1:c0:1a:f9:a4:45:99:79:32:08:1d:
df:46:c8:56:a4:82:06:42:39:ea:f9:4b:33:ad:7b:4c:dc:6c:
8d:cb:91:59:8e:65:d8:d7:2b:1b:6d:58:92:69:94:cd:ac:2d:
be:7b:8d:f6:c8:49:94:96:99:03:83:cb:a0:b3:5c:11:53:d3:
b0:24:2d:e5:46:5c:fc:a4:58:5a:b9:4c:5e:9a:ed:b2:0b:39:
75:24:dd:42:d6:d1:4d:f7:79:7b:37:4b:db:c7:06:6e:b0:63:
d3:32:b2:e8:c9:27:74:29:97:b8:6f:91:1d:b3:40:60:08:32:
7a:4b:f5:a1:16:7b:5b:5d:8d:41:97:6f:88:a0:38:15:8a:cc:
49:d7:f8:bf:b5:1c:de:db:52:26:0a:f3:6d:09:6c:4a:2c:e5:
1e:39:82:a5:2d:6e:d7:2d:01:40:60:3c:53:80:7c:88:3d:d9:
25:67:13:2e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSlwifNgrn8FVirz8QWkY36g30gkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM5ODdjNGI3NWUwMjI3YjQ1MWE4YTNiMzRhNzQwMDQ0MWI3MTU1NWJlNmI3
NjA2YTI2ZGY2ZjhkMGIyOGUyN2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ2aysOPPLEwTmufNNA/ADswTCsfVH/hcITO1LbclWMWb+LAkwcPZdkPId7g
TYgMm8BCadbnDfLvHXrkcVWEInwPc0+/ShRsCCn/UKk3yYHYea4s93qommZAms4S
GCqb7XsBDJqj58M4TujREuG7rGk/tDoswRM8aM9pXTrwjv9WJDhKSKHEn9AvwMzY
Vu4QefQBfJvxQnjQPAP3Stl1rlz20NjQd1xpFBUh6WrxOWdo9JSo8TZdyxND9+lw
VJFIWYNSAAkhsp2ept/+tMfAU46HnLq+DRFtXG4DdmeCVjTn1CgH/WAsHhCWVGuO
dPKuC7UHDfa+QjDDSNXId2WculcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZJJ82
4AmO/0Fyo/f5BWEExr6TVDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NWE5YjNiYWUtNWYxNy00NDA0LWFlODktZWIwZjRlNzY1MTAwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Drg
MA0GCSqGSIb3DQEBCwUAA4IBAQCDXl07OtutI4LRQ96A3iKoO+YCzTY9Wk55sNoK
pFYiNkNxtyIJ7xUZnKnujzd+0p1sg9YFohjyldob2gnHYOQ3hKnABLucYS5h9VvK
SInN4cAa+aRFmXkyCB3fRshWpIIGQjnq+UszrXtM3GyNy5FZjmXY1ysbbViSaZTN
rC2+e432yEmUlpkDg8ugs1wRU9OwJC3lRlz8pFhauUxemu2yCzl1JN1C1tFN93l7
N0vbxwZusGPTMrLoySd0KZe4b5Eds0BgCDJ6S/WhFntbXY1Bl2+IoDgVisxJ1/i/
tRze21ImCvNtCWxKLOUeOYKlLW7XLQFAYDxTgHyIPdklZxMu
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:10:56 2025 by rpki-client