Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0beb299-e5e8-486a-bd15-27ef2c646a41.roa
File: e0beb299-e5e8-486a-bd15-27ef2c646a41.roa (raw, json)
Hash identifier: fFcCOAM9r6sG+40irOQdmRglOm5lhdrzbE+M8Sp2tyk=
Subject key identifier: 2E:A0:E7:13:F0:6D:90:E3:CF:EC:43:8E:F1:78:36:59:44:DC:6D:34
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 484BB43BBD0ED546314B47D3DEFC2C8474363A2B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0beb299-e5e8-486a-bd15-27ef2c646a41.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:c000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:4b:b4:3b:bd:0e:d5:46:31:4b:47:d3:de:fc:2c:84:74:36:3a:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: serialNumber=c17b5d790491f820fc7cbca2522e724c486f90994ea33cf12d90a58f247b1756, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:52:83:3f:57:86:ef:b2:40:86:aa:57:a8:6c:
3f:a3:53:8f:a7:79:42:b7:52:37:7e:9b:c1:44:67:
d2:9e:3d:86:cc:c9:c6:fb:a6:cf:09:44:a6:6f:5e:
8c:e8:c3:47:66:f0:23:d2:92:a0:49:ef:c6:e6:2e:
b1:b7:4d:7a:e3:b6:da:f9:82:c0:3e:3e:d1:7b:f5:
3c:d9:75:f0:55:5d:ed:6d:48:19:14:f2:8f:04:12:
41:ed:7f:49:3c:0c:29:4e:34:2c:1a:c9:bb:0e:1d:
7f:03:2d:1e:e9:7b:d1:d4:0d:ee:19:9e:77:5d:a8:
9f:b0:6f:83:3f:0c:e5:9e:07:7f:9a:a8:b9:19:c0:
96:9f:e8:71:a3:a6:a2:92:ab:0e:1d:9f:93:13:bc:
10:c9:3c:71:0e:20:f6:85:72:09:21:b1:98:30:32:
5b:07:50:03:7c:36:a1:60:4f:f3:63:93:6c:97:aa:
44:f0:91:8c:6c:0b:d6:f2:e0:3d:d8:13:32:d2:d3:
8f:d0:ea:7a:c6:15:b3:f7:b0:ee:a6:c3:3f:68:b7:
1e:e8:53:cf:63:3f:9f:2a:58:12:2e:b4:64:35:44:
92:d5:04:a0:08:83:e3:5c:c7:02:b2:c9:e4:ae:ef:
16:71:75:0d:75:dc:d3:9b:04:93:95:61:07:fc:05:
10:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:A0:E7:13:F0:6D:90:E3:CF:EC:43:8E:F1:78:36:59:44:DC:6D:34
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e0beb299-e5e8-486a-bd15-27ef2c646a41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:c000::/40
Signature Algorithm: sha256WithRSAEncryption
9c:2e:f3:dc:80:0f:26:7b:30:36:eb:35:ae:52:e0:9c:36:47:
f3:37:71:71:44:e6:c7:0c:4d:14:cf:02:0b:d6:f4:32:a5:d6:
27:f2:21:cc:9e:1b:8a:e8:64:ca:3d:28:dd:c9:15:5d:78:50:
d6:48:3b:13:ec:7d:31:a3:d4:48:9e:f5:89:88:cb:9d:c4:84:
77:e0:59:fd:09:ee:69:0d:23:e3:14:ba:d4:b5:b3:b6:d9:4e:
72:9e:57:9d:4b:69:7d:0b:f9:dc:91:f2:cd:a0:aa:a8:98:82:
35:d1:03:aa:8f:13:52:04:a7:1a:3c:70:cc:8e:d6:e7:e5:6b:
32:85:ff:1f:91:2a:bd:99:eb:d3:42:4f:4d:05:c0:0c:19:90:
f5:ad:7e:23:83:5a:f5:e8:fd:63:0e:35:d7:3b:62:b3:32:69:
58:7b:28:4c:e4:83:ad:16:08:05:56:b7:e4:c8:28:78:77:09:
33:30:a0:b6:f6:c6:ff:ac:31:c8:41:55:33:3e:ea:81:48:08:
3b:8e:f8:1c:90:1a:ea:dd:55:d6:7b:89:1e:81:95:72:85:a8:
83:8c:6b:6b:a8:f0:a5:4f:6a:ae:65:51:d9:52:03:0c:aa:ee:
14:71:22:ac:b1:7a:1f:de:73:86:d7:a6:00:af:9a:98:f0:fb:
4a:2b:87:c2
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSEu0O70O1UYxS0fT3vwshHQ2OiswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTcwMDAwMDBaFw0yNTAxMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMxN2I1ZDc5MDQ5MWY4MjBmYzdjYmNhMjUyMmU3MjRjNDg2ZjkwOTk0ZWEz
M2NmMTJkOTBhNThmMjQ3YjE3NTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALZSgz9Xhu+yQIaqV6hsP6NTj6d5QrdSN36bwURn0p49hszJxvumzwlEpm9e
jOjDR2bwI9KSoEnvxuYusbdNeuO22vmCwD4+0Xv1PNl18FVd7W1IGRTyjwQSQe1/
STwMKU40LBrJuw4dfwMtHul70dQN7hmed12on7Bvgz8M5Z4Hf5qouRnAlp/ocaOm
opKrDh2fkxO8EMk8cQ4g9oVyCSGxmDAyWwdQA3w2oWBP82OTbJeqRPCRjGwL1vLg
PdgTMtLTj9DqesYVs/ew7qbDP2i3HuhTz2M/nypYEi60ZDVEktUEoAiD41zHArLJ
5K7vFnF1DXXc05sEk5VhB/wFENsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQuoOcT
8G2Q48/sQ47xeDZZRNxtNDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZTBiZWIyOTktZTVlOC00ODZhLWJkMTUtMjdlZjJjNjQ2YTQxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DbA
MA0GCSqGSIb3DQEBCwUAA4IBAQCcLvPcgA8mezA26zWuUuCcNkfzN3FxRObHDE0U
zwIL1vQypdYn8iHMnhuK6GTKPSjdyRVdeFDWSDsT7H0xo9RInvWJiMudxIR34Fn9
Ce5pDSPjFLrUtbO22U5ynledS2l9C/nckfLNoKqomII10QOqjxNSBKcaPHDMjtbn
5Wsyhf8fkSq9mevTQk9NBcAMGZD1rX4jg1r16P1jDjXXO2KzMmlYeyhM5IOtFggF
VrfkyCh4dwkzMKC29sb/rDHIQVUzPuqBSAg7jvgckBrq3VXWe4kegZVyhaiDjGtr
qPClT2quZVHZUgMMqu4UcSKssXof3nOG16YAr5qY8PtKK4fC
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:12:09 2025 by rpki-client