Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a88367e7-0dbc-4c05-8e09-7593b923bed7.roa
File: a88367e7-0dbc-4c05-8e09-7593b923bed7.roa (raw, json)
Hash identifier: 5U6bTLo0ezxn06Xjjf5sc5OdhRYXNWLZFUQNF/sohSI=
Subject key identifier: 4D:96:16:90:CD:2D:9A:10:45:4D:CC:47:23:C2:2A:A9:01:8E:F3:48
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4662538D03B5B8736C1D8FA4EA031B32C9F64F4C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a88367e7-0dbc-4c05-8e09-7593b923bed7.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:62:53:8d:03:b5:b8:73:6c:1d:8f:a4:ea:03:1b:32:c9:f6:4f:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=57cd67ec8a4ccda72f3d28d995a22be31402ecefac632cd1e249cca15aebf56e, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:fc:87:e9:ec:6b:07:79:79:50:99:0a:e1:2a:
85:c1:eb:95:26:3c:ba:61:cd:f7:c4:14:93:b3:a3:
84:95:58:09:45:8f:e3:1f:73:d5:7f:f8:0a:f3:fe:
55:3a:80:3c:55:cc:d0:ce:9f:bf:bd:89:6c:c9:78:
b9:6b:79:80:2a:3c:d0:fc:0d:1b:a6:46:2a:b8:d0:
3d:1a:71:12:29:e1:fc:67:22:6a:60:a2:21:14:36:
33:7f:e0:64:84:5e:74:ee:f9:98:2c:ae:d4:7b:af:
15:ef:ea:ed:67:20:ce:05:43:29:f3:ac:9f:9c:9a:
8b:b1:3e:a8:6f:b4:58:3b:90:04:bd:db:e7:6d:af:
4e:4b:c9:af:4e:ec:97:40:b9:d6:ca:74:84:6e:3d:
61:4d:c1:2c:8d:79:a0:e4:d7:bb:96:66:b4:04:a9:
4c:27:7f:bb:55:bc:ce:c2:7e:ea:0d:24:4c:e3:8f:
ff:c3:1c:85:c2:19:c7:ff:4c:43:ef:e4:f6:0d:73:
b3:1f:e9:bb:c2:39:27:fa:1c:54:91:ee:5a:a0:05:
df:5d:75:28:74:03:6c:d8:52:7a:c2:de:c9:65:10:
4b:a6:fc:b2:cd:2a:4a:b7:0b:59:12:2a:32:5e:2b:
26:2c:76:38:5d:60:79:a2:fb:6b:2e:f4:a4:a4:f2:
7f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:96:16:90:CD:2D:9A:10:45:4D:CC:47:23:C2:2A:A9:01:8E:F3:48
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a88367e7-0dbc-4c05-8e09-7593b923bed7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:8000::/40
Signature Algorithm: sha256WithRSAEncryption
40:71:8a:d8:c0:01:f0:f8:f2:9f:ea:8f:0f:48:09:54:70:7b:
29:2e:a4:28:1d:05:1a:26:9c:fc:91:2f:5a:5e:13:49:4d:9f:
dd:8b:03:33:cf:3b:dc:3d:e7:b1:78:d0:cf:a8:39:75:b4:48:
95:37:12:85:5e:2b:a3:b0:da:42:23:6f:de:39:71:4b:47:8c:
fc:48:f6:f9:25:f0:59:2d:71:e8:ea:45:98:74:dd:b1:89:cc:
f7:7b:ec:dd:00:75:6c:31:dc:14:6f:2f:23:20:74:a3:af:ea:
7c:54:08:20:28:25:99:33:61:85:b1:71:7f:79:ed:14:29:e0:
37:55:ec:d5:6b:5c:8e:cc:92:73:bb:27:d6:72:86:ae:a1:59:
47:d8:2b:93:68:5f:6a:24:af:a5:00:42:45:14:4c:4a:db:f2:
d6:86:7c:e4:d2:3e:22:f0:01:05:d7:6d:5b:58:a8:26:32:13:
7e:a6:f4:04:6c:7e:95:fb:9a:5d:47:dd:42:42:71:de:4d:58:
51:3f:f2:57:1f:cd:27:0a:b8:32:ad:47:aa:86:c0:55:fd:6d:
47:6f:bf:54:eb:88:16:93:09:70:ab:b9:85:72:fb:15:00:9b:
84:41:32:12:9f:9c:a3:58:f6:71:d3:04:f6:99:14:19:bb:0a:
28:e2:9f:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIURmJTjQO1uHNsHY+k6gMbMsn2T0wwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDU3Y2Q2N2VjOGE0Y2NkYTcyZjNkMjhkOTk1YTIyYmUzMTQwMmVjZWZhYzYz
MmNkMWUyNDljY2ExNWFlYmY1NmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM38h+nsawd5eVCZCuEqhcHrlSY8umHN98QUk7OjhJVYCUWP4x9z1X/4CvP+
VTqAPFXM0M6fv72JbMl4uWt5gCo80PwNG6ZGKrjQPRpxEinh/GciamCiIRQ2M3/g
ZIRedO75mCyu1HuvFe/q7WcgzgVDKfOsn5yai7E+qG+0WDuQBL3b522vTkvJr07s
l0C51sp0hG49YU3BLI15oOTXu5ZmtASpTCd/u1W8zsJ+6g0kTOOP/8MchcIZx/9M
Q+/k9g1zsx/pu8I5J/ocVJHuWqAF3111KHQDbNhSesLeyWUQS6b8ss0qSrcLWRIq
Ml4rJix2OF1geaL7ay70pKTyf5kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRNlhaQ
zS2aEEVNzEcjwiqpAY7zSDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTg4MzY3ZTctMGRiYy00YzA1LThlMDktNzU5M2I5MjNiZWQ3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DqA
MA0GCSqGSIb3DQEBCwUAA4IBAQBAcYrYwAHw+PKf6o8PSAlUcHspLqQoHQUaJpz8
kS9aXhNJTZ/diwMzzzvcPeexeNDPqDl1tEiVNxKFXiujsNpCI2/eOXFLR4z8SPb5
JfBZLXHo6kWYdN2xicz3e+zdAHVsMdwUby8jIHSjr+p8VAggKCWZM2GFsXF/ee0U
KeA3VezVa1yOzJJzuyfWcoauoVlH2CuTaF9qJK+lAEJFFExK2/LWhnzk0j4i8AEF
121bWKgmMhN+pvQEbH6V+5pdR91CQnHeTVhRP/JXH80nCrgyrUeqhsBV/W1Hb79U
64gWkwlwq7mFcvsVAJuEQTISn5yjWPZx0wT2mRQZuwoo4p93
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:21 2025 by rpki-client