Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d55bd886-2285-488d-b8bc-e03afc73f218.roa
File: d55bd886-2285-488d-b8bc-e03afc73f218.roa (raw, json)
Hash identifier: +mTY/v1LAByOSUjdrjw72v4KtqbrIgWejiGy8W0WKmo=
Subject key identifier: F7:2F:25:90:7F:F4:7D:DE:79:A0:F8:17:5D:10:1C:3D:F4:BC:14:27
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 33D86B708F5E82E09F4179491655DEFF0540F4B4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d55bd886-2285-488d-b8bc-e03afc73f218.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:c000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:d8:6b:70:8f:5e:82:e0:9f:41:79:49:16:55:de:ff:05:40:f4:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=ed3618226950b5c2320b94cf78b4d1aeef84610c261c9e9b69f39531fa379095, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:31:23:10:d7:a4:f4:55:2c:b0:46:4f:22:4b:
b0:d3:fb:61:06:f9:68:82:c0:b4:97:f8:d8:52:74:
0c:7e:a0:a3:d8:ab:06:ef:99:92:27:03:0e:90:32:
08:f4:42:ab:19:4f:66:e8:d6:b2:d9:07:4a:7f:27:
4e:32:6f:ff:9e:1a:82:44:ab:8f:b9:1f:51:58:b4:
18:6e:4a:26:1a:d0:e9:77:3b:87:28:c2:ed:3e:ca:
5d:5d:3d:f5:27:00:93:16:3a:f3:eb:2d:65:ec:aa:
97:1f:75:d7:a2:d9:62:a0:7c:58:4e:e7:61:13:75:
f5:3c:fe:06:57:8a:a5:ad:99:5e:d7:fe:a0:d5:a4:
92:a2:dd:c1:fa:c5:e6:c6:b2:89:ee:36:85:94:4a:
79:58:99:9d:52:bf:d1:fb:96:e5:62:5d:1f:ee:5d:
9e:de:95:58:f5:a4:e3:64:f3:20:3f:00:d0:11:43:
3c:8d:0c:99:0b:5c:90:64:a2:6f:c7:9d:f2:93:30:
61:b8:9e:ea:e0:ab:14:a5:eb:3b:ec:31:da:84:d0:
87:2a:d1:dc:7b:d1:81:e9:50:da:fb:37:13:ab:0e:
f3:12:74:da:2c:58:9a:57:2f:17:13:b8:f2:a1:f5:
51:f1:3f:c0:ae:b5:7c:29:74:b3:a6:05:d9:49:54:
f3:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:2F:25:90:7F:F4:7D:DE:79:A0:F8:17:5D:10:1C:3D:F4:BC:14:27
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d55bd886-2285-488d-b8bc-e03afc73f218.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:c000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:7b:d7:44:fe:7f:30:36:41:19:a7:17:07:3e:84:0e:88:15:
7f:96:91:24:b0:d2:c8:99:e8:c8:9a:2d:3e:d3:b4:10:7b:31:
40:e3:fd:79:93:85:f1:58:ef:1a:31:c0:26:22:01:0c:45:f7:
96:98:35:29:db:59:ad:c8:ba:62:4d:fc:de:f2:d0:2d:a3:4b:
95:ca:71:ce:37:37:d0:80:5c:a2:98:e6:59:26:e3:45:db:27:
2c:1b:4b:21:25:32:2e:8f:11:02:e8:9a:a4:df:53:88:32:23:
a2:0c:e3:b7:0d:57:5e:2f:3e:ce:90:93:37:db:d2:b3:9b:04:
5b:d0:65:e7:34:a1:28:53:44:59:c4:b2:e9:ef:41:e6:62:8f:
7b:0c:ec:a8:19:dc:37:76:1f:cd:e0:1d:e6:49:0e:a3:96:0d:
21:bf:5e:b8:c2:51:19:4d:6f:45:cd:49:1e:94:16:38:91:ac:
5e:66:a6:58:d2:14:56:80:f2:4d:5d:d4:27:86:35:25:81:9c:
c0:d8:47:35:96:e0:b4:cb:d7:b6:18:fc:3e:39:77:05:4f:a7:
5f:61:aa:db:cf:41:a9:bc:88:d7:91:00:4d:02:c6:e8:d6:15:
27:32:ff:4b:d2:78:36:0f:63:d0:82:92:fb:1b:8c:73:53:10:
51:42:2f:18
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUM9hrcI9eguCfQXlJFlXe/wVA9LQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkMzYxODIyNjk1MGI1YzIzMjBiOTRjZjc4YjRkMWFlZWY4NDYxMGMyNjFj
OWU5YjY5ZjM5NTMxZmEzNzkwOTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANYxIxDXpPRVLLBGTyJLsNP7YQb5aILAtJf42FJ0DH6go9irBu+ZkicDDpAy
CPRCqxlPZujWstkHSn8nTjJv/54agkSrj7kfUVi0GG5KJhrQ6Xc7hyjC7T7KXV09
9ScAkxY68+stZeyqlx9116LZYqB8WE7nYRN19Tz+BleKpa2ZXtf+oNWkkqLdwfrF
5sayie42hZRKeViZnVK/0fuW5WJdH+5dnt6VWPWk42TzID8A0BFDPI0MmQtckGSi
b8ed8pMwYbie6uCrFKXrO+wx2oTQhyrR3HvRgelQ2vs3E6sO8xJ02ixYmlcvFxO4
8qH1UfE/wK61fCl0s6YF2UlU8xECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT3LyWQ
f/R93nmg+BddEBw99LwUJzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDU1YmQ4ODYtMjI4NS00ODhkLWI4YmMtZTAzYWZjNzNmMjE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HvA
MA0GCSqGSIb3DQEBCwUAA4IBAQCoe9dE/n8wNkEZpxcHPoQOiBV/lpEksNLImejI
mi0+07QQezFA4/15k4XxWO8aMcAmIgEMRfeWmDUp21mtyLpiTfze8tAto0uVynHO
NzfQgFyimOZZJuNF2ycsG0shJTIujxEC6Jqk31OIMiOiDOO3DVdeLz7OkJM329Kz
mwRb0GXnNKEoU0RZxLLp70HmYo97DOyoGdw3dh/N4B3mSQ6jlg0hv164wlEZTW9F
zUkelBY4kaxeZqZY0hRWgPJNXdQnhjUlgZzA2Ec1luC0y9e2GPw+OXcFT6dfYarb
z0GpvIjXkQBNAsbo1hUnMv9L0ng2D2PQgpL7G4xzUxBRQi8Y
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:10:57 2025 by rpki-client