Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b9f858-170f-4e66-8d4d-515e5f3bfe0f.roa
File: 83b9f858-170f-4e66-8d4d-515e5f3bfe0f.roa (raw, json)
Hash identifier: 0X/K5TZ16J3Ef+4q8ja/+vuRtSQQb+1biPU9lWMBQZ8=
Subject key identifier: 0B:AE:9F:91:6B:66:F4:D8:4A:9A:DE:C5:60:BA:7B:4D:EA:1A:FB:EA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F1EC3EE35D2144645FB7222492D6940BA8482F3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b9f858-170f-4e66-8d4d-515e5f3bfe0f.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:a000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:1e:c3:ee:35:d2:14:46:45:fb:72:22:49:2d:69:40:ba:84:82:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: serialNumber=bbfc1bda3f74c06f50467a85298d22adc07915603739fe81256fbd27cebd8402, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:0c:81:a8:5d:4f:7e:8a:0c:14:dc:10:75:f1:
13:0e:14:39:f3:d7:95:e4:e8:f8:90:35:81:13:a7:
76:22:e3:0f:c1:f9:59:48:0d:5a:5f:4b:af:7c:7e:
81:2a:44:d0:87:7f:7b:4d:6c:72:d7:55:5c:c6:56:
5d:9d:79:d2:83:1f:e7:d5:8a:3f:58:45:61:d4:87:
0d:3d:4e:89:59:50:9e:ee:cd:a5:c5:1c:30:15:e5:
5f:54:e0:45:4b:54:9a:cc:f2:d6:13:20:7b:c2:eb:
6f:23:70:29:37:b8:d8:58:0d:1c:70:88:f9:81:0d:
9c:7c:db:bb:22:45:8f:02:bf:eb:33:db:86:0b:0b:
13:a3:48:32:47:a5:f4:0a:c3:14:9c:2f:ed:c1:4a:
2a:73:d0:52:21:51:82:24:e6:fb:e4:a7:ca:2b:56:
9b:a3:0f:fb:9f:63:c4:db:88:48:c8:87:5f:e0:60:
a4:03:e3:f3:29:bc:27:05:9c:23:59:d1:1a:32:0f:
6b:2f:cf:38:5a:65:37:74:97:b3:d8:7c:b8:49:71:
ef:cc:93:75:08:97:76:41:ac:04:38:6d:b4:2b:f2:
52:5f:3f:68:2d:28:d2:58:ea:60:9e:18:9c:10:85:
49:63:12:fc:2f:25:ab:38:c3:48:ef:19:77:cb:b5:
3b:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0B:AE:9F:91:6B:66:F4:D8:4A:9A:DE:C5:60:BA:7B:4D:EA:1A:FB:EA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/83b9f858-170f-4e66-8d4d-515e5f3bfe0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:a000::/40
Signature Algorithm: sha256WithRSAEncryption
60:60:a6:af:ea:a7:52:d7:bc:dd:14:d0:c9:f6:5e:fa:1f:cb:
c4:34:27:aa:5c:a2:04:ea:7d:ba:88:da:3d:ca:5b:1b:d7:bd:
f3:c8:34:ad:15:9f:08:49:26:19:66:bc:c1:d5:86:a1:69:23:
b3:01:b5:fe:c1:b8:36:22:f1:55:5b:7d:de:c8:4c:40:9c:f4:
60:19:3e:44:18:0d:94:fd:97:c0:67:c4:a8:0d:9b:4c:09:16:
df:5e:b3:20:41:82:8d:28:05:fa:8b:a2:f0:1e:0b:fb:03:22:
d9:e8:4d:49:65:47:7c:68:48:a1:0d:0b:36:ed:3b:d0:ab:d3:
ab:e5:46:da:9e:b9:3a:fd:a7:57:37:56:95:b6:44:d4:9f:53:
9c:6a:2a:6d:9d:04:98:15:25:ec:93:e8:e0:05:80:2c:fe:01:
7d:0a:39:0c:e9:48:38:f3:0f:81:f6:46:19:a0:80:ef:ab:9f:
44:cb:c8:ca:e7:c8:16:27:ab:76:50:8a:5f:28:63:02:cb:a3:
1e:fa:8f:82:51:e2:93:db:f6:3f:42:f4:ea:1b:a3:bc:b8:9b:
a6:d7:fc:16:46:e6:46:ed:20:68:05:4f:2d:d1:e4:5c:ac:a5:
6b:58:dc:3d:37:bc:fa:c7:fa:42:68:a0:ca:bd:9c:49:5e:48:
8c:8c:1b:4f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULx7D7jXSFEZF+3IiSS1pQLqEgvMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTcwMDAwMDBaFw0yNTAxMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJiZmMxYmRhM2Y3NGMwNmY1MDQ2N2E4NTI5OGQyMmFkYzA3OTE1NjAzNzM5
ZmU4MTI1NmZiZDI3Y2ViZDg0MDIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANsMgahdT36KDBTcEHXxEw4UOfPXleTo+JA1gROndiLjD8H5WUgNWl9Lr3x+
gSpE0Id/e01sctdVXMZWXZ150oMf59WKP1hFYdSHDT1OiVlQnu7NpcUcMBXlX1Tg
RUtUmszy1hMge8LrbyNwKTe42FgNHHCI+YENnHzbuyJFjwK/6zPbhgsLE6NIMkel
9ArDFJwv7cFKKnPQUiFRgiTm++SnyitWm6MP+59jxNuISMiHX+BgpAPj8ym8JwWc
I1nRGjIPay/POFplN3SXs9h8uElx78yTdQiXdkGsBDhttCvyUl8/aC0o0ljqYJ4Y
nBCFSWMS/C8lqzjDSO8Zd8u1O90CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQLrp+R
a2b02Eqa3sVguntN6hr76jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODNiOWY4NTgtMTcwZi00ZTY2LThkNGQtNTE1ZTVmM2JmZTBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hag
MA0GCSqGSIb3DQEBCwUAA4IBAQBgYKav6qdS17zdFNDJ9l76H8vENCeqXKIE6n26
iNo9ylsb173zyDStFZ8ISSYZZrzB1YahaSOzAbX+wbg2IvFVW33eyExAnPRgGT5E
GA2U/ZfAZ8SoDZtMCRbfXrMgQYKNKAX6i6LwHgv7AyLZ6E1JZUd8aEihDQs27TvQ
q9Or5Ubanrk6/adXN1aVtkTUn1OcaiptnQSYFSXsk+jgBYAs/gF9CjkM6Ug48w+B
9kYZoIDvq59Ey8jK58gWJ6t2UIpfKGMCy6Me+o+CUeKT2/Y/QvTqG6O8uJum1/wW
RuZG7SBoBU8t0eRcrKVrWNw9N7z6x/pCaKDKvZxJXkiMjBtP
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:23 2025 by rpki-client