Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c44d3640-5b10-4e27-a9a8-e3a689b9244e.roa
File: c44d3640-5b10-4e27-a9a8-e3a689b9244e.roa (raw, json)
Hash identifier: Q44PoIedwKEMzK8vozWgZDNEKS8FcgxmtT5JVjKyqDA=
Subject key identifier: 22:92:5F:5F:47:7D:74:4C:5B:6E:EE:80:C7:6F:F1:BE:FC:63:3A:AE
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0750CE688FB54E8824E7622CDE17F74BDEFF2A6F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c44d3640-5b10-4e27-a9a8-e3a689b9244e.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:50:ce:68:8f:b5:4e:88:24:e7:62:2c:de:17:f7:4b:de:ff:2a:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=f5257267e59eb44abd0ba14ccb66afaa8c90b2bd6200c9ea6f17d3b119d4b7f7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:2d:04:9e:cc:02:8a:d6:11:e0:09:7e:45:d9:
f2:33:8d:b7:d0:7f:a6:da:04:f2:c7:01:e8:53:25:
24:40:a0:11:7a:06:e6:c7:b1:ee:b9:85:9d:e5:be:
bb:de:eb:4c:06:c8:37:2e:e8:1c:82:30:d1:ad:51:
af:f2:0a:31:4a:3f:3e:f3:63:b9:eb:42:f8:8e:27:
87:2c:76:4c:cd:24:a1:65:96:32:73:ab:ae:9a:04:
0b:34:98:75:53:47:20:b7:1a:a2:b4:81:98:0f:c8:
67:ed:26:5c:82:eb:3c:25:d6:b7:ba:ec:56:fd:94:
c0:cc:5a:51:ff:e7:81:03:e6:7f:bc:a4:65:ea:2c:
26:36:52:d7:2f:1d:ec:3f:ba:e2:88:2a:db:c0:bd:
5d:76:de:86:d4:4c:65:6c:f7:8e:9c:2b:70:f0:a1:
cc:df:08:dd:38:fc:65:a3:4b:6f:04:bf:a8:a6:44:
8e:57:24:05:30:4f:3b:ac:c3:4f:42:d9:8e:3e:c0:
51:4b:69:ac:17:1a:7e:79:35:d3:22:f2:2d:5e:34:
c9:58:9a:e3:80:6b:78:5b:31:d6:71:70:9e:be:8e:
f4:eb:cf:2f:67:09:09:e7:d4:f4:9c:69:60:b6:42:
ef:14:93:7d:f6:bf:d2:ba:0b:c8:4d:33:db:bb:00:
7c:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:92:5F:5F:47:7D:74:4C:5B:6E:EE:80:C7:6F:F1:BE:FC:63:3A:AE
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c44d3640-5b10-4e27-a9a8-e3a689b9244e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:8000::/40
Signature Algorithm: sha256WithRSAEncryption
1a:28:00:1f:9d:56:b6:39:02:9f:c2:30:4d:f0:23:b3:14:82:
94:e7:45:25:7b:05:56:33:87:6c:78:15:99:b9:ab:19:b7:fa:
ff:2b:8d:e0:38:62:fc:62:f9:21:ef:71:90:04:42:04:d3:80:
b1:fa:b5:ac:2d:da:90:87:68:88:0a:9b:d0:30:9c:2f:70:69:
d4:aa:32:16:03:b9:c0:52:7b:cc:a5:c1:68:70:ef:9e:a1:a9:
88:01:cd:a1:70:a0:da:13:b5:ef:0d:a6:6d:9b:71:9a:cd:96:
a8:f5:4c:96:c9:06:c2:6a:7c:47:c3:14:3e:24:2c:33:e8:02:
13:41:11:4f:af:fe:89:83:a0:43:1f:20:97:29:4c:92:a4:19:
ed:7c:1d:28:1a:48:df:02:43:94:c4:8d:7f:e9:8d:d8:40:bf:
6b:8a:e6:85:86:f4:5d:29:35:65:bc:6d:1d:80:1f:e5:85:93:
4b:0a:40:b9:c8:23:87:31:44:e1:be:8e:19:f6:5f:29:b1:30:
11:fd:68:06:87:c0:3b:7c:0d:7a:c8:6e:96:62:45:58:36:89:
76:37:9e:b8:1e:7c:dd:af:db:c8:aa:a5:c5:71:27:fe:52:e6:
10:7e:f1:f0:18:65:a8:2e:9a:41:8f:6c:6a:6b:30:9c:f1:c5:
ba:b0:5c:06
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUB1DOaI+1Togk52Is3hf3S97/Km8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY1MjU3MjY3ZTU5ZWI0NGFiZDBiYTE0Y2NiNjZhZmFhOGM5MGIyYmQ2MjAw
YzllYTZmMTdkM2IxMTlkNGI3ZjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALstBJ7MAorWEeAJfkXZ8jONt9B/ptoE8scB6FMlJECgEXoG5sex7rmFneW+
u97rTAbINy7oHIIw0a1Rr/IKMUo/PvNjuetC+I4nhyx2TM0koWWWMnOrrpoECzSY
dVNHILcaorSBmA/IZ+0mXILrPCXWt7rsVv2UwMxaUf/ngQPmf7ykZeosJjZS1y8d
7D+64ogq28C9XXbehtRMZWz3jpwrcPChzN8I3Tj8ZaNLbwS/qKZEjlckBTBPO6zD
T0LZjj7AUUtprBcafnk10yLyLV40yVia44BreFsx1nFwnr6O9OvPL2cJCefU9Jxp
YLZC7xSTffa/0roLyE0z27sAfKcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQikl9f
R310TFtu7oDHb/G+/GM6rjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzQ0ZDM2NDAtNWIxMC00ZTI3LWE5YTgtZTNhNjg5YjkyNDRlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HyA
MA0GCSqGSIb3DQEBCwUAA4IBAQAaKAAfnVa2OQKfwjBN8COzFIKU50UlewVWM4ds
eBWZuasZt/r/K43gOGL8Yvkh73GQBEIE04Cx+rWsLdqQh2iICpvQMJwvcGnUqjIW
A7nAUnvMpcFocO+eoamIAc2hcKDaE7XvDaZtm3GazZao9UyWyQbCanxHwxQ+JCwz
6AITQRFPr/6Jg6BDHyCXKUySpBntfB0oGkjfAkOUxI1/6Y3YQL9riuaFhvRdKTVl
vG0dgB/lhZNLCkC5yCOHMUThvo4Z9l8psTAR/WgGh8A7fA16yG6WYkVYNol2N564
Hnzdr9vIqqXFcSf+UuYQfvHwGGWoLppBj2xqazCc8cW6sFwG
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:21 2025 by rpki-client