Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d0fec325-7c8e-4af1-bf98-70b567f223e8.roa
File: d0fec325-7c8e-4af1-bf98-70b567f223e8.roa (raw, json)
Hash identifier: cQD5EJYN1a5RzMdo+bF51bC4Ble8lxNbTE8Q7BqtDIg=
Subject key identifier: 74:CA:96:00:AA:81:9E:BF:80:0E:48:D4:C8:4E:B0:EC:D2:36:32:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4DBCFCDA22BC1C74BFCD9081944BF467FEA7074E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d0fec325-7c8e-4af1-bf98-70b567f223e8.roa
Signing time: Tue 14 Jan 2025 00:00:00 +0000
ROA not before: Tue 14 Jan 2025 00:00:00 +0000
ROA not after: Tue 18 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:bc:fc:da:22:bc:1c:74:bf:cd:90:81:94:4b:f4:67:fe:a7:07:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 14 00:00:00 2025 GMT
Not After : Feb 18 23:59:59 2025 GMT
Subject: serialNumber=db1cf26e3edb2306f9c2b05eb273e6b8dd9fb13b047340343f40bd625dd80c99, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:8f:8e:62:3d:5e:13:2f:32:0f:65:aa:d4:ef:
bb:8e:72:ca:1a:ca:3e:e8:b1:f9:89:96:8b:bc:c9:
94:23:17:21:5d:61:d6:06:e3:1f:80:93:f9:ad:a6:
3e:f2:27:ac:f9:5c:6c:71:9a:4a:66:7e:47:c0:0f:
f2:76:f5:79:27:ec:e5:8a:11:3f:ff:b7:ab:fa:62:
0a:89:52:b7:bc:35:6d:8a:65:86:db:ad:50:56:5d:
31:94:4f:ae:4f:cd:99:7b:7d:8a:b2:b1:12:fd:e9:
43:9c:b2:3b:ce:c4:e1:a2:86:59:e6:3a:0e:a4:d1:
48:e7:6d:21:81:d8:73:26:43:80:67:31:84:03:a5:
ea:cb:1b:d2:91:66:0d:b2:fb:a5:f8:00:d8:15:5d:
f1:ac:71:4f:c5:64:9c:8c:68:64:0b:ca:59:6e:ae:
0d:b9:74:77:ab:5d:8b:e1:6e:a7:f1:66:06:b5:1c:
a2:cc:c9:0c:c7:3d:b1:8d:48:b3:9e:59:5c:95:41:
76:35:50:17:f2:11:8d:89:8c:13:2f:93:60:3d:41:
b6:11:7e:b8:05:65:8f:d1:40:2e:c5:a6:58:1c:73:
9f:8f:28:ee:f2:d8:8d:8d:87:33:69:3a:70:9e:fe:
f9:29:7a:01:b9:92:7f:1e:0a:33:47:88:35:e6:3d:
fa:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:CA:96:00:AA:81:9E:BF:80:0E:48:D4:C8:4E:B0:EC:D2:36:32:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d0fec325-7c8e-4af1-bf98-70b567f223e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040:8000::/40
Signature Algorithm: sha256WithRSAEncryption
89:e4:d2:0e:df:50:05:c1:28:27:a2:10:1a:30:dd:03:47:da:
c8:f7:bf:be:ee:8d:26:e8:37:16:96:3d:c8:8a:82:1d:58:ba:
b5:4e:af:2a:0b:3a:a5:7c:f4:55:44:cf:cf:20:3c:a8:de:1b:
d2:e2:b9:67:7e:02:e9:f9:bb:24:38:39:d0:26:70:80:c5:d6:
ee:85:07:50:08:10:6e:04:1b:30:85:7e:31:55:aa:71:bb:27:
a2:f1:39:e0:93:a8:ac:df:93:eb:d0:c1:26:85:f9:0e:58:5f:
22:9f:85:bc:c7:8b:16:d0:70:c2:a3:ec:f0:04:1b:1a:66:ee:
55:09:75:70:3d:1d:af:93:2f:83:ed:2c:99:d2:38:99:d7:18:
22:29:54:6b:c1:e4:cc:ed:9f:e0:1c:da:5a:94:26:31:0f:f3:
dd:69:22:d5:7b:a1:fe:88:3e:dd:92:1d:27:ec:c4:24:5e:5f:
3e:32:14:ae:d3:0d:13:e2:7b:da:50:8b:44:91:6d:71:84:0f:
c3:41:c8:3f:1c:d7:80:44:eb:2a:2c:6b:3d:07:95:4f:e5:b9:
05:33:2c:c4:eb:1b:d6:40:1e:f7:0d:39:af:33:85:0e:ba:a7:
b8:14:af:5c:f6:64:d6:e1:0d:69:97:bc:c2:d2:09:08:bb:c2:
43:b7:b5:3c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUTbz82iK8HHS/zZCBlEv0Z/6nB04wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMTQwMDAwMDBaFw0yNTAyMTgyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiMWNmMjZlM2VkYjIzMDZmOWMyYjA1ZWIyNzNlNmI4ZGQ5ZmIxM2IwNDcz
NDAzNDNmNDBiZDYyNWRkODBjOTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL6PjmI9XhMvMg9lqtTvu45yyhrKPuix+YmWi7zJlCMXIV1h1gbjH4CT+a2m
PvInrPlcbHGaSmZ+R8AP8nb1eSfs5YoRP/+3q/piColSt7w1bYplhtutUFZdMZRP
rk/NmXt9irKxEv3pQ5yyO87E4aKGWeY6DqTRSOdtIYHYcyZDgGcxhAOl6ssb0pFm
DbL7pfgA2BVd8axxT8VknIxoZAvKWW6uDbl0d6tdi+Fup/FmBrUcoszJDMc9sY1I
s55ZXJVBdjVQF/IRjYmMEy+TYD1BthF+uAVlj9FALsWmWBxzn48o7vLYjY2HM2k6
cJ7++Sl6AbmSfx4KM0eINeY9+kECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR0ypYA
qoGev4AOSNTITrDs0jYyhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDBmZWMzMjUtN2M4ZS00YWYxLWJmOTgtNzBiNTY3ZjIyM2U4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ECA
MA0GCSqGSIb3DQEBCwUAA4IBAQCJ5NIO31AFwSgnohAaMN0DR9rI97++7o0m6DcW
lj3IioIdWLq1Tq8qCzqlfPRVRM/PIDyo3hvS4rlnfgLp+bskODnQJnCAxdbuhQdQ
CBBuBBswhX4xVapxuyei8Tngk6is35Pr0MEmhfkOWF8in4W8x4sW0HDCo+zwBBsa
Zu5VCXVwPR2vky+D7SyZ0jiZ1xgiKVRrweTM7Z/gHNpalCYxD/PdaSLVe6H+iD7d
kh0n7MQkXl8+MhSu0w0T4nvaUItEkW1xhA/DQcg/HNeAROsqLGs9B5VP5bkFMyzE
6xvWQB73DTmvM4UOuqe4FK9c9mTW4Q1pl7zC0gkIu8JDt7U8
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:10:06 2025 by rpki-client