Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8898007d-2aed-42e4-9438-5ce1854de163.roa
File: 8898007d-2aed-42e4-9438-5ce1854de163.roa (raw, json)
Hash identifier: aAxP+99ND/QpaFi9JXw7w7gESV5BCFqv4Iy1cb9s2yg=
Subject key identifier: 3C:3C:67:7E:36:92:F4:1F:49:FC:AF:07:BC:08:0B:87:7A:69:5B:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0A82C940101E804BDC5D6480AFD2FDB651A919D3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8898007d-2aed-42e4-9438-5ce1854de163.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:1000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:82:c9:40:10:1e:80:4b:dc:5d:64:80:af:d2:fd:b6:51:a9:19:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: serialNumber=bfe3a9d42966efaa66ed9121c16a59e9a9ea13bef83af68cfcdcc084684db7cf, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:05:1a:f4:54:4f:22:c2:d6:c5:0c:0a:69:4f:
c8:b2:4c:bb:24:96:9d:55:ed:c7:c4:3e:23:44:60:
0b:b6:6d:e8:f9:76:eb:76:29:9d:e9:42:b4:2f:f2:
2f:2e:68:29:4d:84:c9:23:68:24:dd:00:32:3c:a1:
b0:82:fc:95:62:31:a4:42:58:e2:a0:99:35:e2:d8:
1a:6f:18:9e:46:fb:07:88:c8:ae:b7:22:9e:d0:12:
22:fb:61:69:f5:4d:3b:85:d9:c2:c4:e9:91:a7:59:
5a:2e:0b:62:40:e6:30:6a:3a:57:a2:f1:f1:57:7d:
5b:1b:03:e6:6c:94:9c:87:5a:e7:06:76:3d:37:6e:
53:59:cb:99:82:3f:c9:d6:38:3e:0a:c9:8d:f5:2e:
93:70:0c:38:aa:cb:35:90:c8:f6:6e:e4:61:53:83:
89:32:68:5d:41:ce:0b:10:dd:42:d7:1f:19:10:e3:
4e:0d:a6:9d:a9:74:de:b0:03:80:53:6b:07:e2:2d:
20:38:bb:05:cd:9e:f8:0e:75:25:3a:bd:6a:63:97:
d2:32:e2:1c:e1:c9:04:c0:e3:b4:77:6e:e7:4d:22:
fd:5f:07:0e:5d:b3:55:68:8f:9e:ef:4b:d7:81:47:
8d:97:bf:46:f5:3d:8f:2e:6c:96:1c:e0:eb:bb:39:
6e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:3C:67:7E:36:92:F4:1F:49:FC:AF:07:BC:08:0B:87:7A:69:5B:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8898007d-2aed-42e4-9438-5ce1854de163.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:1000::/40
Signature Algorithm: sha256WithRSAEncryption
53:2f:90:06:e2:cc:59:19:52:b1:d5:95:ef:5b:cc:78:a4:78:
76:b6:5e:ab:84:21:cd:2e:cf:93:96:4f:5d:32:d7:c2:68:15:
b1:13:92:32:66:15:29:7c:d5:d5:f9:30:7a:14:96:2a:54:1b:
32:20:e7:ce:73:1a:f8:ac:8c:cd:1d:d0:d9:8c:c7:a0:18:a5:
5c:0c:f5:f6:e7:3d:25:c3:0e:7f:63:11:10:1c:9b:3f:fd:f5:
2a:52:00:3d:f7:87:97:ae:f6:b1:f5:46:30:81:4f:f3:44:bf:
ec:7b:87:fa:db:23:26:09:72:ca:17:e3:6d:27:49:c0:4c:e9:
d2:25:b6:46:96:2c:9c:19:f5:1d:9e:86:cc:90:3b:95:8f:d0:
a8:ec:90:9c:99:40:92:a6:05:ab:5d:b2:e3:bf:e5:df:e2:7b:
7a:7a:33:26:cf:22:3a:06:e1:5a:44:b7:27:d6:40:9a:91:5e:
d8:36:3c:0c:98:5b:a9:d2:9f:e0:6e:7f:89:b1:83:64:04:ff:
9d:31:96:5d:a7:6b:8b:de:eb:90:67:04:8d:50:9f:51:2f:44:
dd:fe:a2:66:a7:d1:1c:71:45:92:e6:66:4d:f5:32:b7:f0:28:
b1:d4:5a:86:54:fd:72:f6:62:dd:47:49:d1:63:bd:03:25:c2:
92:93:77:b6
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUCoLJQBAegEvcXWSAr9L9tlGpGdMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTcwMDAwMDBaFw0yNTAxMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGJmZTNhOWQ0Mjk2NmVmYWE2NmVkOTEyMWMxNmE1OWU5YTllYTEzYmVmODNh
ZjY4Y2ZjZGNjMDg0Njg0ZGI3Y2YxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL4FGvRUTyLC1sUMCmlPyLJMuySWnVXtx8Q+I0RgC7Zt6Pl263YpnelCtC/y
Ly5oKU2EySNoJN0AMjyhsIL8lWIxpEJY4qCZNeLYGm8Ynkb7B4jIrrcintASIvth
afVNO4XZwsTpkadZWi4LYkDmMGo6V6Lx8Vd9WxsD5myUnIda5wZ2PTduU1nLmYI/
ydY4PgrJjfUuk3AMOKrLNZDI9m7kYVODiTJoXUHOCxDdQtcfGRDjTg2mnal03rAD
gFNrB+ItIDi7Bc2e+A51JTq9amOX0jLiHOHJBMDjtHdu500i/V8HDl2zVWiPnu9L
14FHjZe/RvU9jy5slhzg67s5blkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8PGd+
NpL0H0n8rwe8CAuHemlbkjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg5ODAwN2QtMmFlZC00MmU0LTk0MzgtNWNlMTg1NGRlMTYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBTL5AG4sxZGVKx1ZXvW8x4pHh2tl6rhCHNLs+T
lk9dMtfCaBWxE5IyZhUpfNXV+TB6FJYqVBsyIOfOcxr4rIzNHdDZjMegGKVcDPX2
5z0lww5/YxEQHJs//fUqUgA994eXrvax9UYwgU/zRL/se4f62yMmCXLKF+NtJ0nA
TOnSJbZGliycGfUdnobMkDuVj9Co7JCcmUCSpgWrXbLjv+Xf4nt6ejMmzyI6BuFa
RLcn1kCakV7YNjwMmFup0p/gbn+JsYNkBP+dMZZdp2uL3uuQZwSNUJ9RL0Td/qJm
p9EccUWS5mZN9TK38Cix1FqGVP1y9mLdR0nRY70DJcKSk3e2
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:10:56 2025 by rpki-client