Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa
File: 706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa (raw, json)
Hash identifier: c7wOoObHUWZUgE+iw2vZlmPAa2doV3qBs6TI7kn+J4E=
Subject key identifier: 2F:07:11:ED:4B:EE:39:E4:3F:99:F2:14:B7:B1:41:4F:4D:46:C9:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 59CB2631058C8EA9C78AA317B6BAFA0C6B7B8DFA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:9000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:cb:26:31:05:8c:8e:a9:c7:8a:a3:17:b6:ba:fa:0c:6b:7b:8d:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=24c5a229376a621403d2b46826546819e56c16872328c9e0cd81c17b08191908, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7d:37:ee:48:e9:1a:f1:f1:7b:93:0f:2a:c1:
56:f1:3c:d3:2b:1f:27:3b:30:3b:24:2e:8a:1c:2d:
bd:e4:e7:fe:16:c8:af:95:d8:31:12:00:37:6c:7b:
f3:dd:17:d4:be:8a:ac:83:f4:34:8a:6b:08:d3:ba:
12:b7:86:93:d8:c6:61:66:7a:14:1f:ac:78:09:7d:
5e:36:da:ea:fe:ed:23:30:c1:b4:31:24:bd:c2:4e:
14:a4:e6:37:c3:20:d9:99:ea:4a:e9:da:6a:00:1a:
70:8b:2d:16:9b:ed:89:23:7a:a7:09:86:fe:95:f9:
2c:5f:08:6d:d1:88:f6:3c:b9:e1:b0:75:cf:22:34:
fb:48:aa:c5:0d:0f:43:bb:48:67:57:37:5d:24:7b:
f8:1f:ca:26:44:af:34:d8:67:19:ac:0d:be:65:f9:
e2:53:00:b9:b8:2f:15:4a:07:72:a2:f8:49:b9:68:
38:d1:7b:d2:fd:a1:b5:b2:98:f7:d9:28:88:39:d4:
03:83:62:45:4c:4a:a8:a3:ea:d7:82:89:b2:53:22:
7a:e4:1c:e3:09:a6:5f:08:89:d7:98:d6:b8:95:9f:
89:0f:d4:88:70:bf:ab:9d:b1:94:a1:f0:86:b7:a2:
8d:e2:f0:3d:1a:0f:6c:14:03:18:ea:a4:35:2f:77:
67:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:07:11:ED:4B:EE:39:E4:3F:99:F2:14:B7:B1:41:4F:4D:46:C9:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/706b4d5a-dbff-436a-9e9a-0c243ef12d01.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:9000::/40
Signature Algorithm: sha256WithRSAEncryption
0a:f0:89:d0:10:65:31:5f:40:b4:5d:db:2f:6d:fe:0a:25:aa:
50:9a:d2:cf:e3:74:21:fa:1a:92:26:1e:a4:3b:f3:dd:e6:db:
62:b5:21:ef:8c:22:3d:bc:e6:0e:ff:0c:c0:99:a9:57:93:fc:
31:6d:08:af:e4:0e:a7:00:55:2c:52:36:aa:a3:c0:48:d7:b9:
c3:6c:78:56:00:e4:28:bb:d4:92:b0:3f:f5:c6:31:9c:85:d9:
5e:88:1c:d2:62:79:3b:4e:88:d2:b9:11:65:1c:c2:f4:a3:dc:
78:20:c5:74:1c:ec:98:10:d0:93:e5:bc:ee:78:53:e0:af:8d:
1d:f8:e0:72:d4:4b:a5:ec:f9:8e:67:6d:d8:cd:d6:26:58:cb:
cb:a8:24:9b:3c:b0:6e:2e:2c:22:22:94:e8:4b:be:92:9d:76:
72:44:2e:f8:ec:ee:3e:82:db:b9:ad:39:b0:be:5c:61:dd:d9:
3a:ae:4a:3c:3e:1c:f3:00:70:13:5c:0a:8d:3d:85:4d:b7:db:
1b:e6:ff:82:bf:44:a9:00:f5:cb:d1:d9:d6:f6:6f:6f:2e:48:
c9:b4:e5:be:a1:53:21:eb:ce:34:5c:f7:0e:bf:82:48:f6:e3:
fe:ad:07:01:84:c9:8a:36:1e:96:43:cf:6f:cc:71:56:02:dc:
9f:61:d6:cc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUWcsmMQWMjqnHiqMXtrr6DGt7jfowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDI0YzVhMjI5Mzc2YTYyMTQwM2QyYjQ2ODI2NTQ2ODE5ZTU2YzE2ODcyMzI4
YzllMGNkODFjMTdiMDgxOTE5MDgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALd9N+5I6Rrx8XuTDyrBVvE80ysfJzswOyQuihwtveTn/hbIr5XYMRIAN2x7
890X1L6KrIP0NIprCNO6EreGk9jGYWZ6FB+seAl9Xjba6v7tIzDBtDEkvcJOFKTm
N8Mg2ZnqSunaagAacIstFpvtiSN6pwmG/pX5LF8IbdGI9jy54bB1zyI0+0iqxQ0P
Q7tIZ1c3XSR7+B/KJkSvNNhnGawNvmX54lMAubgvFUoHcqL4SbloONF70v2htbKY
99koiDnUA4NiRUxKqKPq14KJslMieuQc4wmmXwiJ15jWuJWfiQ/UiHC/q52xlKHw
hreijeLwPRoPbBQDGOqkNS93Z0cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQvBxHt
S+455D+Z8hS3sUFPTUbJ9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzA2YjRkNWEtZGJmZi00MzZhLTllOWEtMGMyNDNlZjEyZDAxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HmQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAK8InQEGUxX0C0Xdsvbf4KJapQmtLP43Qh+hqS
Jh6kO/Pd5ttitSHvjCI9vOYO/wzAmalXk/wxbQiv5A6nAFUsUjaqo8BI17nDbHhW
AOQou9SSsD/1xjGchdleiBzSYnk7TojSuRFlHML0o9x4IMV0HOyYENCT5bzueFPg
r40d+OBy1Eul7PmOZ23YzdYmWMvLqCSbPLBuLiwiIpToS76SnXZyRC747O4+gtu5
rTmwvlxh3dk6rko8PhzzAHATXAqNPYVNt9sb5v+Cv0SpAPXL0dnW9m9vLkjJtOW+
oVMh6840XPcOv4JI9uP+rQcBhMmKNh6WQ89vzHFWAtyfYdbM
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:21 2025 by rpki-client