Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa
File: eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa (raw, json)
Hash identifier: 7nn5HtBubPnv0A/3fMLRfggP5U3/kqSlZ4TpPlUBwUY=
Subject key identifier: C7:8C:F8:F3:0E:7A:60:D4:76:B1:FD:77:DD:C5:59:37:5A:49:0D:B1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7DF7F9AF861FB9956D72690DCF4350FDA0E761C8
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:f7:f9:af:86:1f:b9:95:6d:72:69:0d:cf:43:50:fd:a0:e7:61:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=eb22a1046082f7b6f376bd274dae1cbfa1cd40a965aed1cee6b7d83d57f6a855, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f3:a4:14:a4:3a:62:d6:dc:91:db:35:04:bc:
e2:44:22:1e:17:95:23:52:9a:79:74:01:26:b5:90:
e1:f4:c3:b7:f7:66:24:dd:18:6e:2e:df:b4:92:a8:
10:c5:90:e9:37:de:64:e4:46:4e:24:76:15:05:78:
94:36:67:f7:3a:40:8b:95:42:b0:0e:90:25:87:c0:
fc:39:28:0c:a1:d6:15:76:f7:80:48:a4:19:ef:a5:
94:43:ea:34:3c:c5:96:c6:77:6b:46:3a:b1:bb:20:
69:5f:98:d2:78:9f:3f:8e:8e:b7:10:a9:62:71:71:
b3:c5:a6:95:dc:83:93:73:89:94:9a:c2:a3:3a:0b:
18:28:65:ce:4c:f3:8c:bf:8e:02:75:03:1f:bc:c6:
ea:44:cf:2d:9b:d4:3e:c2:a4:26:60:f1:9a:9e:db:
ca:0b:a9:40:72:2d:4c:51:5c:22:ea:46:46:c3:5b:
05:07:4f:5f:c6:b7:36:05:a8:8e:e0:08:4a:b0:41:
86:b6:2c:26:52:96:de:b6:70:43:f4:07:4c:05:ce:
06:09:db:2f:c7:dc:28:88:00:f9:73:a9:8e:3d:80:
29:39:71:94:b9:7a:67:20:c8:61:6d:4f:4f:1a:25:
1e:5a:77:80:08:c9:bc:01:a5:6c:f9:c7:1c:59:3c:
06:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:8C:F8:F3:0E:7A:60:D4:76:B1:FD:77:DD:C5:59:37:5A:49:0D:B1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/eb2bc12c-4c4b-47f5-b021-712a27e69a0f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:2000::/40
Signature Algorithm: sha256WithRSAEncryption
97:a5:b3:fa:89:ae:9a:4a:2c:cd:6f:5e:3a:49:e1:9e:e7:6d:
3a:e2:1b:c1:bf:99:a0:e0:6d:c4:6f:62:50:fb:e1:81:b3:42:
48:10:98:8d:9a:2e:45:b1:3f:25:60:4f:a1:4c:33:3c:33:1e:
b8:c0:b0:06:23:80:6d:ca:e7:26:ae:4b:79:16:6a:51:ab:31:
54:81:71:4b:40:68:c9:3d:36:61:d2:74:27:92:fd:c6:e5:5d:
3b:d8:fb:96:2d:e9:a6:76:26:13:36:9e:0d:c7:c9:4d:8b:f0:
0d:85:14:24:af:2d:e4:f9:a5:a4:61:e2:0e:76:82:80:ce:42:
7b:6b:e9:46:bb:f7:d0:ec:52:da:41:3b:d1:af:fb:1b:61:8d:
44:9b:ad:b5:a9:72:28:ca:90:bf:43:c5:74:56:55:83:45:98:
9e:2e:08:5d:1a:b0:cc:8d:fe:49:12:6b:f4:60:56:df:32:7c:
3b:29:53:90:5c:bf:7f:3f:3e:2c:a3:63:29:20:65:b0:d8:0c:
26:4c:5a:06:b6:26:89:f8:4a:22:a4:35:47:f3:e0:df:c6:37:
2d:d3:ff:24:15:ef:f3:e1:67:2d:d9:55:30:b9:28:f5:54:ba:
b3:a6:42:cc:cb:ee:b5:5c:a4:6e:27:e9:62:60:d0:3e:e1:bb:
b4:72:98:70
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfff5r4YfuZVtcmkNz0NQ/aDnYcgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGViMjJhMTA0NjA4MmY3YjZmMzc2YmQyNzRkYWUxY2JmYTFjZDQwYTk2NWFl
ZDFjZWU2YjdkODNkNTdmNmE4NTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJTzpBSkOmLW3JHbNQS84kQiHheVI1KaeXQBJrWQ4fTDt/dmJN0Ybi7ftJKo
EMWQ6TfeZORGTiR2FQV4lDZn9zpAi5VCsA6QJYfA/DkoDKHWFXb3gEikGe+llEPq
NDzFlsZ3a0Y6sbsgaV+Y0nifP46OtxCpYnFxs8WmldyDk3OJlJrCozoLGChlzkzz
jL+OAnUDH7zG6kTPLZvUPsKkJmDxmp7bygupQHItTFFcIupGRsNbBQdPX8a3NgWo
juAISrBBhrYsJlKW3rZwQ/QHTAXOBgnbL8fcKIgA+XOpjj2AKTlxlLl6ZyDIYW1P
TxolHlp3gAjJvAGlbPnHHFk8BtECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTHjPjz
Dnpg1Hax/XfdxVk3WkkNsTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWIyYmMxMmMtNGM0Yi00N2Y1LWIwMjEtNzEyYTI3ZTY5YTBmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0AAg
MA0GCSqGSIb3DQEBCwUAA4IBAQCXpbP6ia6aSizNb146SeGe52064hvBv5mg4G3E
b2JQ++GBs0JIEJiNmi5FsT8lYE+hTDM8Mx64wLAGI4Btyucmrkt5FmpRqzFUgXFL
QGjJPTZh0nQnkv3G5V072PuWLemmdiYTNp4Nx8lNi/ANhRQkry3k+aWkYeIOdoKA
zkJ7a+lGu/fQ7FLaQTvRr/sbYY1Em621qXIoypC/Q8V0VlWDRZieLghdGrDMjf5J
Emv0YFbfMnw7KVOQXL9/Pz4so2MpIGWw2AwmTFoGtiaJ+EoipDVH8+Dfxjct0/8k
Fe/z4Wct2VUwuSj1VLqzpkLMy+61XKRuJ+liYNA+4bu0cphw
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:23 2025 by rpki-client