Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd4f2a8d-bc24-433b-8b8f-218da9419673.roa
File: dd4f2a8d-bc24-433b-8b8f-218da9419673.roa (raw, json)
Hash identifier: pfI/0QejXhKYfSfeg7R+1R8YoMhR8BdF48DTsjODxHY=
Subject key identifier: 91:46:E5:11:1B:F0:32:34:71:20:8E:37:C0:F1:32:E2:84:95:7B:28
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39FCD7F40590668A667B40CA4E819B4FDB6D9CF7
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd4f2a8d-bc24-433b-8b8f-218da9419673.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:a000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:fc:d7:f4:05:90:66:8a:66:7b:40:ca:4e:81:9b:4f:db:6d:9c:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: serialNumber=0338822183907a6a8155c1db8fc220f64b7df0e7dac9f51e58e3283e7f7324a9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:f0:93:2e:6e:8e:1a:60:7a:65:54:c2:be:43:
66:62:28:62:36:56:45:71:21:40:a8:20:a6:0a:15:
9b:12:bb:56:18:01:24:9c:2c:69:e0:e5:9d:73:4d:
80:a6:63:4f:b0:1d:7a:6f:0d:07:37:b0:0c:7c:a1:
86:6a:14:93:ee:d3:c5:3c:36:04:5b:5e:88:ee:07:
86:a4:82:bb:0c:71:a0:e4:42:de:f4:6e:75:c2:6e:
be:cb:9a:0e:05:49:6c:7c:3b:e3:9a:bf:f8:8a:8e:
01:e2:c7:00:48:7e:39:b2:ee:e3:95:72:00:76:76:
7a:c6:2b:ae:f8:2e:75:a6:81:0e:7f:f8:4c:ba:61:
55:1d:1b:7d:62:9f:b5:a5:e6:7a:13:af:c6:33:4c:
74:4c:ca:45:de:0d:08:a0:3b:cf:ff:ea:bc:61:f4:
f6:12:79:04:0d:cd:5c:d8:21:47:72:bd:6e:0b:ee:
5b:4a:e6:96:d0:d2:63:bd:11:5f:e7:6d:23:8b:50:
c8:88:31:f0:fa:1d:1e:4a:53:d8:df:7e:a6:b7:bc:
47:a8:1f:e9:c3:e0:bc:4e:25:eb:1a:f8:4f:fa:35:
e4:e6:f0:7a:a8:17:76:2f:57:ad:af:8d:37:85:c7:
48:cb:a1:77:0a:ec:6d:9d:87:d7:9d:0d:cb:96:83:
af:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:46:E5:11:1B:F0:32:34:71:20:8E:37:C0:F1:32:E2:84:95:7B:28
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/dd4f2a8d-bc24-433b-8b8f-218da9419673.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:a000::/40
Signature Algorithm: sha256WithRSAEncryption
2b:34:58:f1:d3:98:4b:41:72:ff:33:e5:2c:c6:9c:a5:af:58:
26:a8:fb:25:a2:b1:8b:15:2e:1d:9a:76:44:6a:f5:18:11:b3:
b8:69:c1:9d:8e:68:01:ac:67:6c:ad:67:43:12:ec:d3:56:39:
7e:60:74:46:fc:e9:7a:f7:53:ef:f8:8d:85:09:b2:c2:be:21:
c6:ed:37:c7:cc:d7:76:fe:68:18:d2:ad:53:ff:21:f0:e0:0b:
28:fe:4d:a1:0e:30:ef:09:fa:eb:58:e4:01:fd:89:bf:79:08:
e0:1a:12:31:d6:0c:5e:4c:a9:ea:84:c1:f2:29:84:e1:e5:48:
61:19:72:b7:02:73:37:be:30:5f:f4:5a:aa:9d:06:1d:e2:ca:
82:42:e6:86:aa:d9:93:8d:c9:65:cc:8f:21:ae:99:5a:4c:ea:
d3:5c:7c:c3:90:b4:66:5e:f4:f9:66:7f:30:02:14:bf:bc:5d:
60:da:88:3a:8e:53:a6:00:a7:f4:18:cf:8a:56:06:c1:83:30:
ad:0e:59:07:4d:fe:f2:95:01:56:0a:90:34:e3:69:cf:6f:8c:
23:df:5c:fb:2b:83:45:d6:c4:9a:3a:8c:f6:61:dc:ab:40:e0:
a8:f7:9a:79:46:65:06:1a:ea:24:d3:04:ea:7a:21:88:5a:4a:
a1:29:f9:bc
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOfzX9AWQZopme0DKToGbT9ttnPcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTcwMDAwMDBaFw0yNTAxMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQDAzMzg4MjIxODM5MDdhNmE4MTU1YzFkYjhmYzIyMGY2NGI3ZGYwZTdkYWM5
ZjUxZTU4ZTMyODNlN2Y3MzI0YTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN7wky5ujhpgemVUwr5DZmIoYjZWRXEhQKggpgoVmxK7VhgBJJwsaeDlnXNN
gKZjT7Adem8NBzewDHyhhmoUk+7TxTw2BFteiO4HhqSCuwxxoORC3vRudcJuvsua
DgVJbHw745q/+IqOAeLHAEh+ObLu45VyAHZ2esYrrvgudaaBDn/4TLphVR0bfWKf
taXmehOvxjNMdEzKRd4NCKA7z//qvGH09hJ5BA3NXNghR3K9bgvuW0rmltDSY70R
X+dtI4tQyIgx8PodHkpT2N9+pre8R6gf6cPgvE4l6xr4T/o15ObweqgXdi9Xra+N
N4XHSMuhdwrsbZ2H150Ny5aDr9MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSRRuUR
G/AyNHEgjjfA8TLihJV7KDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGQ0ZjJhOGQtYmMyNC00MzNiLThiOGYtMjE4ZGE5NDE5NjczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HSg
MA0GCSqGSIb3DQEBCwUAA4IBAQArNFjx05hLQXL/M+Usxpylr1gmqPslorGLFS4d
mnZEavUYEbO4acGdjmgBrGdsrWdDEuzTVjl+YHRG/Ol691Pv+I2FCbLCviHG7TfH
zNd2/mgY0q1T/yHw4Aso/k2hDjDvCfrrWOQB/Ym/eQjgGhIx1gxeTKnqhMHyKYTh
5UhhGXK3AnM3vjBf9FqqnQYd4sqCQuaGqtmTjcllzI8hrplaTOrTXHzDkLRmXvT5
Zn8wAhS/vF1g2og6jlOmAKf0GM+KVgbBgzCtDlkHTf7ylQFWCpA042nPb4wj31z7
K4NF1sSaOoz2YdyrQOCo95p5RmUGGuok0wTqeiGIWkqhKfm8
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:24 2025 by rpki-client