Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f25924f8-f3da-4eb4-b047-fdbfbc8e41e9.roa
File: f25924f8-f3da-4eb4-b047-fdbfbc8e41e9.roa (raw, json)
Hash identifier: u7pMx+MjVh/EPFzeVS1nMHjsHuR65TNDqghrDqBAgoc=
Subject key identifier: 6C:6C:C2:54:AE:83:26:1E:D8:2E:E9:BF:45:8A:E0:AA:AC:68:68:C2
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 794EDE6115892E88636B43987F26740E6D33386C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f25924f8-f3da-4eb4-b047-fdbfbc8e41e9.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:4000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:4e:de:61:15:89:2e:88:63:6b:43:98:7f:26:74:0e:6d:33:38:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=0e00e213ab7b78e4c46756c36087bcb5097a9da1efc6d3ba31c331bde2b73ec1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:71:69:0f:d3:6c:51:a7:08:73:61:88:92:e9:
f8:e9:f9:4c:4a:b9:d5:a5:ed:8f:25:41:8c:f9:d8:
8a:e7:a4:9b:a5:8c:4b:4a:16:47:58:cf:30:76:30:
a7:91:57:28:3f:5a:9b:7c:b5:f4:4b:e5:8e:b4:e0:
24:cc:16:25:7b:52:96:21:a8:0a:03:eb:8b:9c:70:
5c:dd:f8:d7:32:cc:25:0e:67:5f:41:94:a1:1d:c3:
e9:d4:ea:50:c5:77:6d:4e:01:7d:db:9a:56:b7:82:
d7:d5:f8:29:70:00:6d:8a:25:c4:37:e5:36:c9:4c:
c2:67:11:80:3a:7e:39:ae:16:7b:28:41:80:60:73:
78:d8:f0:df:db:2d:02:d2:71:14:7d:97:68:3c:98:
18:71:b0:a4:12:1b:18:99:62:10:6b:b2:46:ee:4d:
df:ec:a4:76:92:7d:d7:37:2b:c8:57:9c:48:f2:47:
2a:25:c1:a2:66:c9:c7:90:fe:f5:e7:28:0c:00:83:
a4:40:08:a0:b1:22:30:5c:29:d2:9b:eb:57:de:e6:
b3:ac:bc:29:4c:8f:ea:6c:4d:98:e7:5b:81:f4:59:
3c:73:c9:26:8b:48:77:bd:b4:79:40:57:36:3a:df:
79:1e:e8:f4:9d:ed:68:02:c0:5f:ad:ad:9a:49:45:
bf:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:6C:C2:54:AE:83:26:1E:D8:2E:E9:BF:45:8A:E0:AA:AC:68:68:C2
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f25924f8-f3da-4eb4-b047-fdbfbc8e41e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:4000::/40
Signature Algorithm: sha256WithRSAEncryption
20:0e:2a:3c:18:20:4f:72:d9:08:b5:68:9a:31:52:0e:f0:76:
b9:ae:6c:b9:48:fb:28:ba:ea:f8:6b:2f:95:28:71:e3:65:ac:
ef:cb:98:80:ad:9e:39:31:87:fc:1c:06:70:d1:56:a7:a9:57:
a2:52:79:8c:d9:2e:f9:92:d5:97:7e:71:6f:db:05:ef:c0:06:
49:38:d9:74:e3:fd:9b:80:45:9b:57:0c:58:2c:32:8a:6c:ae:
b8:2f:a5:6c:54:c5:6f:69:b1:06:3e:0d:fd:e5:b3:90:32:9f:
ac:01:6f:ac:7c:b7:23:e7:5f:d0:ac:5f:99:55:e8:b0:24:fd:
ad:65:b5:cd:55:9b:61:7a:bf:b0:8a:ca:f2:93:dc:b8:3b:a0:
19:7f:7b:be:49:9d:8c:f6:95:b6:0f:21:ca:b8:1d:82:3b:42:
47:5f:56:c5:69:19:09:44:d1:f8:ee:b5:ba:f1:53:51:15:c1:
d2:d7:c8:2e:58:bc:5c:4e:e4:4c:f1:ab:74:57:a5:f5:59:a6:
e4:f2:59:de:8a:a8:2d:a8:7d:ea:c2:48:58:1e:be:a2:ea:3c:
84:4a:a0:3d:6c:1c:87:2f:7f:f7:f3:80:f2:39:22:74:4a:02:
0b:06:f8:d4:8c:50:b0:1f:5c:53:bd:62:a2:20:a3:35:0a:c4:
a3:69:66:27
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeU7eYRWJLohja0OYfyZ0Dm0zOGwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDBlMDBlMjEzYWI3Yjc4ZTRjNDY3NTZjMzYwODdiY2I1MDk3YTlkYTFlZmM2
ZDNiYTMxYzMzMWJkZTJiNzNlYzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMpxaQ/TbFGnCHNhiJLp+On5TEq51aXtjyVBjPnYiuekm6WMS0oWR1jPMHYw
p5FXKD9am3y19EvljrTgJMwWJXtSliGoCgPri5xwXN341zLMJQ5nX0GUoR3D6dTq
UMV3bU4BfduaVreC19X4KXAAbYolxDflNslMwmcRgDp+Oa4WeyhBgGBzeNjw39st
AtJxFH2XaDyYGHGwpBIbGJliEGuyRu5N3+ykdpJ91zcryFecSPJHKiXBombJx5D+
9ecoDACDpEAIoLEiMFwp0pvrV97ms6y8KUyP6mxNmOdbgfRZPHPJJotId720eUBX
NjrfeR7o9J3taALAX62tmklFvwcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRsbMJU
roMmHtgu6b9FiuCqrGhowjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjI1OTI0ZjgtZjNkYS00ZWI0LWIwNDctZmRiZmJjOGU0MWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HdA
MA0GCSqGSIb3DQEBCwUAA4IBAQAgDio8GCBPctkItWiaMVIO8Ha5rmy5SPsouur4
ay+VKHHjZazvy5iArZ45MYf8HAZw0VanqVeiUnmM2S75ktWXfnFv2wXvwAZJONl0
4/2bgEWbVwxYLDKKbK64L6VsVMVvabEGPg395bOQMp+sAW+sfLcj51/QrF+ZVeiw
JP2tZbXNVZther+wisryk9y4O6AZf3u+SZ2M9pW2DyHKuB2CO0JHX1bFaRkJRNH4
7rW68VNRFcHS18guWLxcTuRM8at0V6X1Wabk8lneiqgtqH3qwkhYHr6i6jyESqA9
bByHL3/384DyOSJ0SgILBvjUjFCwH1xTvWKiIKM1CsSjaWYn
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:18 2025 by rpki-client