Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef4f5658-1df5-4b15-b458-c8609229af7f.roa
File: ef4f5658-1df5-4b15-b458-c8609229af7f.roa (raw, json)
Hash identifier: spZl5lljvAc/zT8LP8TMCJdAXLksSJTK8a6ASbqZH7g=
Subject key identifier: 75:32:C2:06:A9:01:76:86:7E:4F:FD:F9:E0:2A:A4:A9:1C:55:73:94
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 0D644839860CB5CD38F3B111D7726EDD43D80473
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef4f5658-1df5-4b15-b458-c8609229af7f.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:5000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0d:64:48:39:86:0c:b5:cd:38:f3:b1:11:d7:72:6e:dd:43:d8:04:73
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=3c06cd5da53012f57a28c64172c404035fda7949d69d79f0fa0770c232f805fd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9e:b4:b5:f7:06:cf:87:a4:f5:f9:37:50:d3:
4c:6b:a1:4e:9a:73:22:65:26:fb:b6:c4:c9:86:f4:
6d:60:56:6f:51:7f:2e:cd:c4:68:3c:e9:72:8e:c0:
55:b7:62:cb:39:00:4c:05:b6:6a:2c:66:7c:c4:1b:
50:f8:b1:0e:9f:5d:fd:3b:68:0f:39:9f:f5:f4:4a:
0c:a1:fc:ee:cf:84:26:97:a9:ee:37:b0:51:0b:36:
e4:e3:5f:4f:3a:0e:18:83:5e:1c:ef:ed:94:3a:9c:
89:8c:6f:da:f2:d8:79:3f:2f:2f:03:a6:83:49:ff:
5a:94:50:b4:0a:cc:72:b6:e5:8f:e5:1f:32:33:94:
f8:88:a5:af:25:0d:87:2f:f8:63:ff:11:0f:04:40:
42:21:1f:9f:c8:58:f7:ad:4a:fe:82:82:20:65:60:
c8:37:d8:3b:59:4b:78:f0:5e:18:46:34:78:83:42:
41:af:97:2e:76:06:28:50:d8:91:b9:da:fc:f7:d7:
c3:f9:fd:64:1e:81:cc:7c:f8:ec:cb:3d:22:d3:82:
6f:c6:09:ae:3c:6b:cf:4b:d0:92:0f:10:25:7a:6e:
05:5e:e4:93:35:1c:76:db:74:2d:a9:c6:82:16:44:
fc:6b:6b:7a:88:62:c0:a6:ec:fd:61:ee:4e:c3:d1:
96:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:32:C2:06:A9:01:76:86:7E:4F:FD:F9:E0:2A:A4:A9:1C:55:73:94
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ef4f5658-1df5-4b15-b458-c8609229af7f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:5000::/40
Signature Algorithm: sha256WithRSAEncryption
a9:ea:7e:5c:74:0c:2f:7e:dd:8a:3b:f6:95:53:6f:c5:ca:78:
64:34:21:ac:a1:83:92:3f:91:67:c4:e1:7a:69:f8:fc:ca:87:
14:f7:18:50:3b:cd:66:48:6a:53:1a:0b:a5:69:73:df:b4:53:
06:31:66:19:03:4c:2f:bd:3d:9a:25:78:71:dd:b8:e7:38:83:
4f:b1:35:11:f1:95:a3:65:1a:63:b6:36:1f:09:9b:75:87:37:
01:2f:dc:81:6f:f4:d2:fe:15:03:65:a3:c8:ef:68:92:01:89:
b2:1e:38:32:a7:01:f5:d0:da:10:7a:1a:70:10:8a:df:83:a5:
3d:9a:eb:9f:0c:01:cc:e1:f8:6a:ef:dd:b1:76:8f:62:e2:e0:
0b:5f:38:c2:99:a1:e8:00:06:89:c3:b8:81:4c:86:b6:c4:6c:
d8:0a:fe:69:93:26:04:91:09:82:da:6f:83:b7:6b:dc:0b:e0:
3b:42:ad:c9:e4:45:5f:56:9c:93:20:97:bf:32:40:bd:2d:05:
08:51:ba:1f:d2:5d:71:37:d7:9f:19:ac:c3:7a:03:19:74:02:
66:04:e7:31:04:2b:0b:9c:0a:d5:0b:fa:89:be:1e:69:41:7d:
bc:fb:68:0f:09:dc:5a:ea:36:26:66:e7:19:8b:6b:e3:65:5c:
56:8f:76:96
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUDWRIOYYMtc0487ER13Ju3UPYBHMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDNjMDZjZDVkYTUzMDEyZjU3YTI4YzY0MTcyYzQwNDAzNWZkYTc5NDlkNjlk
NzlmMGZhMDc3MGMyMzJmODA1ZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALyetLX3Bs+HpPX5N1DTTGuhTppzImUm+7bEyYb0bWBWb1F/Ls3EaDzpco7A
VbdiyzkATAW2aixmfMQbUPixDp9d/TtoDzmf9fRKDKH87s+EJpep7jewUQs25ONf
TzoOGINeHO/tlDqciYxv2vLYeT8vLwOmg0n/WpRQtArMcrblj+UfMjOU+IilryUN
hy/4Y/8RDwRAQiEfn8hY961K/oKCIGVgyDfYO1lLePBeGEY0eINCQa+XLnYGKFDY
kbna/PfXw/n9ZB6BzHz47Ms9ItOCb8YJrjxrz0vQkg8QJXpuBV7kkzUcdtt0LanG
ghZE/GtreohiwKbs/WHuTsPRlt8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR1MsIG
qQF2hn5P/fngKqSpHFVzlDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZWY0ZjU2NTgtMWRmNS00YjE1LWI0NTgtYzg2MDkyMjlhZjdmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCp6n5cdAwvft2KO/aVU2/FynhkNCGsoYOSP5Fn
xOF6afj8yocU9xhQO81mSGpTGgulaXPftFMGMWYZA0wvvT2aJXhx3bjnOINPsTUR
8ZWjZRpjtjYfCZt1hzcBL9yBb/TS/hUDZaPI72iSAYmyHjgypwH10NoQehpwEIrf
g6U9muufDAHM4fhq792xdo9i4uALXzjCmaHoAAaJw7iBTIa2xGzYCv5pkyYEkQmC
2m+Dt2vcC+A7Qq3J5EVfVpyTIJe/MkC9LQUIUbof0l1xN9efGazDegMZdAJmBOcx
BCsLnArVC/qJvh5pQX28+2gPCdxa6jYmZucZi2vjZVxWj3aW
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:21 2025 by rpki-client