Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa
File: bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa (raw, json)
Hash identifier: eHDYS6tBCHfxQl1mdvrFsKkZyXsKEybOyn/BMl+wa+k=
Subject key identifier: 5E:37:0F:73:BF:0B:B9:AB:73:27:36:8A:F5:F3:F4:88:25:86:A6:39
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6167626219B7E63B4CEBE7B3951D1BA749044C29
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:4000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:67:62:62:19:b7:e6:3b:4c:eb:e7:b3:95:1d:1b:a7:49:04:4c:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: serialNumber=669934844dbae623c2cf677f64482fd978199388545c4442a5d88e2304c3f4e4, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:ac:8e:21:90:db:f2:a0:5d:5b:81:5c:b1:61:
9b:21:1e:d8:37:31:ec:d5:05:c9:8e:4e:31:31:b8:
41:39:d4:54:64:65:35:6c:e3:8c:10:31:e0:b2:7b:
4f:96:79:cd:76:2f:e8:bd:5b:f5:d9:4f:cb:84:f0:
39:4e:7b:20:cb:14:93:fe:14:cd:0f:94:41:a5:82:
d6:3b:b5:f3:65:9a:65:97:6e:8c:f5:09:b4:24:22:
ca:de:38:d2:9d:d2:12:7c:4f:fb:e5:ec:8c:df:60:
c9:f1:f4:cc:ae:75:48:6c:cb:9e:26:0f:62:a6:11:
40:05:57:1f:06:5a:ad:4a:f8:c4:e6:9f:73:4d:36:
f4:80:f4:db:31:49:ae:d7:95:8f:8b:fd:a2:5f:8c:
a3:a9:60:de:9b:4c:c4:e4:e3:2e:cb:6f:00:ac:43:
ee:93:cf:00:0f:56:ba:ea:46:37:84:65:76:f6:4b:
d5:7f:8c:ac:92:1a:59:90:e2:9a:57:73:54:50:fb:
3b:1b:ec:c5:00:90:57:45:95:37:44:68:e3:d5:09:
47:d7:3d:cc:74:82:67:31:d9:24:25:74:af:90:65:
d5:92:4e:74:6a:59:c3:b5:85:87:2a:ad:0d:90:b0:
a0:91:ad:ae:01:5f:1a:50:fb:e1:be:d4:1e:ce:ff:
c1:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:37:0F:73:BF:0B:B9:AB:73:27:36:8A:F5:F3:F4:88:25:86:A6:39
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/bcc54b09-bf59-4a2e-b56b-ff5ead915cfb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:4000::/40
Signature Algorithm: sha256WithRSAEncryption
00:14:4e:16:90:76:19:97:2b:da:c3:d9:dd:36:2a:52:11:6f:
87:bd:94:07:f9:b0:8a:f4:e2:c3:ab:6c:81:6c:61:70:62:4b:
d2:e2:f0:cc:a7:53:7c:1a:9c:d2:da:b2:c1:33:41:da:c0:04:
aa:b0:78:66:e7:a9:58:6c:e9:49:9f:c6:39:89:be:3d:8f:f8:
5b:da:14:35:1c:c3:04:d2:e6:de:4e:f2:16:fc:3a:3b:e5:8d:
e6:44:2b:e1:c0:38:bd:a0:b8:c7:5b:7d:c2:b5:49:b0:9d:77:
3f:5d:38:d6:c7:59:d7:bc:0b:e3:a3:02:d8:f1:b0:f2:8f:bf:
bb:87:cd:2f:6c:de:60:f1:80:2f:6e:d9:23:cd:db:18:a8:e0:
f5:2a:5a:63:7b:39:e6:b8:75:37:cc:10:f3:1c:6a:6a:6a:dd:
d7:8e:d2:48:1e:22:64:5a:1f:e2:1f:2d:e9:b9:90:ea:a9:e6:
fd:5a:82:f3:09:2e:9b:ba:12:80:cb:ff:74:81:dc:f2:a1:5f:
bb:21:01:20:10:70:5d:b2:85:71:b5:28:41:5f:71:04:6d:74:
fa:c2:63:34:c4:77:35:a4:68:6c:b9:ef:fd:ce:a2:90:03:15:
7f:5d:3a:5c:a8:8d:60:9d:d7:71:a5:0d:a1:5d:6e:cd:7c:36:
3b:86:be:aa
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYWdiYhm35jtM6+ezlR0bp0kETCkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTcwMDAwMDBaFw0yNTAxMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2OTkzNDg0NGRiYWU2MjNjMmNmNjc3ZjY0NDgyZmQ5NzgxOTkzODg1NDVj
NDQ0MmE1ZDg4ZTIzMDRjM2Y0ZTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKWsjiGQ2/KgXVuBXLFhmyEe2Dcx7NUFyY5OMTG4QTnUVGRlNWzjjBAx4LJ7
T5Z5zXYv6L1b9dlPy4TwOU57IMsUk/4UzQ+UQaWC1ju182WaZZdujPUJtCQiyt44
0p3SEnxP++XsjN9gyfH0zK51SGzLniYPYqYRQAVXHwZarUr4xOafc0029ID02zFJ
rteVj4v9ol+Mo6lg3ptMxOTjLstvAKxD7pPPAA9WuupGN4RldvZL1X+MrJIaWZDi
mldzVFD7OxvsxQCQV0WVN0Ro49UJR9c9zHSCZzHZJCV0r5Bl1ZJOdGpZw7WFhyqt
DZCwoJGtrgFfGlD74b7UHs7/wRECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBReNw9z
vwu5q3MnNor18/SIJYamOTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YmNjNTRiMDktYmY1OS00YTJlLWI1NmItZmY1ZWFkOTE1Y2ZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HZA
MA0GCSqGSIb3DQEBCwUAA4IBAQAAFE4WkHYZlyvaw9ndNipSEW+HvZQH+bCK9OLD
q2yBbGFwYkvS4vDMp1N8GpzS2rLBM0HawASqsHhm56lYbOlJn8Y5ib49j/hb2hQ1
HMME0ubeTvIW/Do75Y3mRCvhwDi9oLjHW33CtUmwnXc/XTjWx1nXvAvjowLY8bDy
j7+7h80vbN5g8YAvbtkjzdsYqOD1KlpjeznmuHU3zBDzHGpqat3XjtJIHiJkWh/i
Hy3puZDqqeb9WoLzCS6buhKAy/90gdzyoV+7IQEgEHBdsoVxtShBX3EEbXT6wmM0
xHc1pGhsue/9zqKQAxV/XTpcqI1gnddxpQ2hXW7NfDY7hr6q
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:19 2025 by rpki-client