Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa
File: c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa (raw, json)
Hash identifier: lZ03gj5N9luXz59Eofs5+SESvSisBV399FEc/ve7Szs=
Subject key identifier: FC:CC:9F:F0:8B:2B:A8:C4:95:D4:A8:D8:FC:07:AE:23:F6:46:0F:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 550EA15E545BFC46CF8D47493BEE680E684D2DBD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.34.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:0e:a1:5e:54:5b:fc:46:cf:8d:47:49:3b:ee:68:0e:68:4d:2d:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=7eb2306e17a5dfc0b1eb662600b5841c993831030895e6d6a778047bc4d88621, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:67:93:eb:ec:c2:0b:43:1c:34:78:80:6d:a6:
74:94:d1:3e:da:5a:fd:af:49:f4:aa:82:ee:97:69:
31:c3:e7:dc:ed:0f:59:03:15:29:71:f7:ff:61:7a:
95:64:a5:84:a3:4f:8d:3f:16:2e:5d:94:d8:a9:2f:
42:67:8d:9a:c5:0c:35:52:3b:50:44:88:83:5b:a9:
80:a9:7d:ce:70:f5:ec:72:e2:d9:1e:5f:93:0d:e6:
5b:66:f9:92:89:6b:a1:cb:e9:2d:c4:af:7e:ab:99:
28:8d:99:4e:12:cf:12:2c:ac:ad:b2:96:5a:ab:25:
ca:72:14:45:78:bb:cc:b0:21:95:18:b9:22:29:44:
c1:f9:10:1b:48:4a:0b:99:b6:60:ad:53:dc:6f:ae:
ce:e4:6e:89:b9:0b:af:a3:e9:36:50:6a:a5:11:a0:
e9:4f:fd:44:80:46:2c:65:db:60:84:cb:32:da:ac:
aa:9e:70:c8:11:41:51:eb:ff:de:5c:49:10:a7:99:
ee:8f:aa:e3:4f:56:2a:8a:43:69:e1:82:14:08:2a:
34:b2:95:c0:00:2e:9a:a9:c4:92:58:2b:55:92:b7:
62:0e:c7:f0:35:49:de:79:fc:f4:4b:fe:0e:3e:b4:
52:1e:59:db:47:a5:33:fe:5e:ee:27:a4:3c:bc:3f:
7e:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:CC:9F:F0:8B:2B:A8:C4:95:D4:A8:D8:FC:07:AE:23:F6:46:0F:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c2f218f6-1edd-4d3d-a03c-7d9a289fe4a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.34.0.0/16
Signature Algorithm: sha256WithRSAEncryption
42:d9:4b:97:8f:4b:bb:ee:1b:a4:18:8a:cb:98:bd:de:9c:8d:
b4:53:5b:58:83:74:5e:49:9a:5b:9a:a6:00:3b:6a:93:07:67:
69:ee:d7:58:bd:84:6e:cb:7f:0b:a2:94:97:1b:7b:b3:14:06:
09:18:0f:4a:4a:6f:9a:63:4b:b0:24:a7:d8:a5:37:79:30:e6:
df:54:93:bf:d7:83:80:aa:88:75:b2:29:28:9d:40:38:fb:5a:
c5:5b:31:68:2c:31:e1:24:d9:f5:01:13:94:c8:51:e8:ac:e4:
40:34:44:6d:e1:5d:b1:10:75:b6:2c:f2:e7:9e:62:c5:74:10:
48:28:45:65:bd:f0:40:a7:52:b5:02:90:da:eb:bd:99:ec:83:
6d:d9:d0:ff:b3:ef:03:64:2e:e2:47:9d:60:19:db:1a:b7:58:
38:95:5c:14:ed:1b:47:fb:7c:75:c6:de:0d:89:04:0a:bf:e4:
a5:56:23:b0:97:17:ca:7b:aa:2b:71:13:53:bf:d6:6e:10:fc:
c5:6f:44:f5:96:e7:71:d7:90:1d:36:f1:d3:8f:0b:74:3d:fe:
de:fb:09:15:3a:c3:85:11:7c:9f:9f:bd:1e:c7:bd:32:b1:c0:
98:02:bf:52:49:34:af:c6:54:67:34:00:e8:b8:75:6b:59:24:
ab:0f:2f:59
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgIUVQ6hXlRb/EbPjUdJO+5oDmhNLb0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlYjIzMDZlMTdhNWRmYzBiMWViNjYyNjAwYjU4NDFjOTkzODMxMDMwODk1
ZTZkNmE3NzgwNDdiYzRkODg2MjExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVnk+vswgtDHDR4gG2mdJTRPtpa/a9J9KqC7pdpMcPn3O0PWQMVKXH3/2F6
lWSlhKNPjT8WLl2U2KkvQmeNmsUMNVI7UESIg1upgKl9znD17HLi2R5fkw3mW2b5
kolrocvpLcSvfquZKI2ZThLPEiysrbKWWqslynIURXi7zLAhlRi5IilEwfkQG0hK
C5m2YK1T3G+uzuRuibkLr6PpNlBqpRGg6U/9RIBGLGXbYITLMtqsqp5wyBFBUev/
3lxJEKeZ7o+q409WKopDaeGCFAgqNLKVwAAumqnEklgrVZK3Yg7H8DVJ3nn89Ev+
Dj60Uh5Z20elM/5e7iekPLw/fgcCAwEAAaOCAiAwggIcMB0GA1UdDgQWBBT8zJ/w
iyuoxJXUqNj8B64j9kYPGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzJmMjE4ZjYtMWVkZC00ZDNkLWEwM2MtN2Q5YTI4OWZlNGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEwBQMDALAiMA0G
CSqGSIb3DQEBCwUAA4IBAQBC2UuXj0u77hukGIrLmL3enI20U1tYg3ReSZpbmqYA
O2qTB2dp7tdYvYRuy38LopSXG3uzFAYJGA9KSm+aY0uwJKfYpTd5MObfVJO/14OA
qoh1sikonUA4+1rFWzFoLDHhJNn1AROUyFHorORANERt4V2xEHW2LPLnnmLFdBBI
KEVlvfBAp1K1ApDa672Z7INt2dD/s+8DZC7iR51gGdsat1g4lVwU7RtH+3x1xt4N
iQQKv+SlViOwlxfKe6orcRNTv9ZuEPzFb0T1ludx15AdNvHTjwt0Pf7e+wkVOsOF
EXyfn70ex70yscCYAr9SSTSvxlRnNADouHVrWSSrDy9Z
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:22 2025 by rpki-client