Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcb67d7c-7aab-4a02-ad70-18aaf3211bb4.roa
File: fcb67d7c-7aab-4a02-ad70-18aaf3211bb4.roa (raw, json)
Hash identifier: QdKeaJQOVKu/ciTeGjYlfuq/w81zSUTCIXPszhTL4FY=
Subject key identifier: FB:AB:B2:3F:18:C3:0A:4C:3A:74:43:44:EC:A9:6D:9F:D8:FC:0A:98
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32C210ECAAA9B5FC9DCD29B2FD75C6865FE563C4
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcb67d7c-7aab-4a02-ad70-18aaf3211bb4.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 176.32.64.0/19 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:c2:10:ec:aa:a9:b5:fc:9d:cd:29:b2:fd:75:c6:86:5f:e5:63:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=bc630081e73b4e540cead1ed89a104a58cbf5bcf0e1f5988c4112a56638e7d9f, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:27:8a:90:e2:92:4c:dd:4c:56:23:21:25:eb:
ad:00:8a:92:3f:4b:ab:d6:e0:0d:fd:51:74:cf:9d:
79:5f:cc:1a:13:7a:b1:bf:0c:7c:9e:ba:26:27:d5:
03:39:f3:40:cc:53:ef:94:ca:4f:84:c0:62:67:e1:
2b:4f:99:24:d6:a7:b3:ed:25:db:d5:ce:b4:d9:01:
99:5f:bf:90:94:d2:6f:fa:b2:77:18:c3:7d:a1:52:
3d:d1:12:d3:47:2f:df:20:1c:48:73:fa:1e:86:50:
46:5a:d5:ba:84:d4:ac:9d:53:37:ec:de:4b:44:c0:
76:ac:42:4c:3d:3d:a9:ef:74:94:61:7f:9e:08:9b:
e3:c9:0a:69:0c:aa:65:08:38:83:a4:ee:ed:10:6b:
60:29:d4:b6:7c:1a:6e:c4:94:df:fa:ec:b9:e5:52:
96:08:d9:36:4d:38:07:8c:c8:60:ed:05:d5:d5:97:
84:c1:21:b8:dd:86:4d:78:21:9e:99:9d:6a:c6:69:
cb:88:cc:06:45:d2:92:5f:17:1e:f6:6a:0b:07:40:
00:f1:6d:f4:fe:4a:39:90:4e:72:ac:07:ed:5c:3f:
5c:87:42:13:ec:b3:47:b6:95:92:13:38:b5:38:f5:
3f:48:16:28:63:55:a1:54:12:84:29:52:69:cd:52:
2d:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:AB:B2:3F:18:C3:0A:4C:3A:74:43:44:EC:A9:6D:9F:D8:FC:0A:98
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fcb67d7c-7aab-4a02-ad70-18aaf3211bb4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.32.64.0/19
Signature Algorithm: sha256WithRSAEncryption
17:0e:b9:bc:ff:cc:09:24:2f:a8:59:72:82:b3:9c:fa:bd:c6:
ae:76:07:6e:33:5c:21:d3:3c:22:38:a6:f7:cd:aa:91:47:57:
76:f2:ff:cb:94:c8:2d:64:32:2e:26:30:64:eb:37:dd:1f:15:
b4:35:e3:59:ff:a2:c0:ed:a2:e0:92:e1:c8:49:53:99:fd:6c:
48:54:10:79:33:af:b2:b8:9b:cb:c0:e2:91:57:84:91:4c:4c:
41:54:a9:0c:a1:fd:dc:1b:b3:79:8b:a4:d6:d8:8d:6b:0b:b6:
a7:df:79:56:56:91:7d:cb:d4:86:b3:9e:57:39:7f:2f:e9:7a:
0b:4e:c0:4d:9e:c9:15:54:ac:58:3d:41:15:73:dc:cb:66:d1:
ff:d3:c3:93:85:fa:07:6e:b7:39:71:86:2e:bb:9d:4a:99:eb:
81:80:9b:83:2c:59:da:5b:53:17:94:c7:26:f9:d6:4d:ce:77:
3e:9f:e6:7a:0a:8b:cc:03:51:70:1b:98:a8:28:c5:65:01:fb:
60:b6:b4:e5:2e:77:c2:01:17:d5:8f:96:e6:11:e4:91:2a:6a:
7d:e2:83:35:c6:42:15:06:30:ec:c4:c6:5c:9d:98:b9:11:5d:
c6:6d:d1:20:25:0e:0e:45:36:09:20:f6:f9:34:6d:da:28:3a:
7b:c4:75:fe
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUMsIQ7KqptfydzSmy/XXGhl/lY8QwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGJjNjMwMDgxZTczYjRlNTQwY2VhZDFlZDg5YTEwNGE1OGNiZjViY2YwZTFm
NTk4OGM0MTEyYTU2NjM4ZTdkOWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOonipDikkzdTFYjISXrrQCKkj9Lq9bgDf1RdM+deV/MGhN6sb8MfJ66JifV
AznzQMxT75TKT4TAYmfhK0+ZJNans+0l29XOtNkBmV+/kJTSb/qydxjDfaFSPdES
00cv3yAcSHP6HoZQRlrVuoTUrJ1TN+zeS0TAdqxCTD09qe90lGF/ngib48kKaQyq
ZQg4g6Tu7RBrYCnUtnwabsSU3/rsueVSlgjZNk04B4zIYO0F1dWXhMEhuN2GTXgh
npmdasZpy4jMBkXSkl8XHvZqCwdAAPFt9P5KOZBOcqwH7Vw/XIdCE+yzR7aVkhM4
tTj1P0gWKGNVoVQShClSac1SLb8CAwEAAaOCAiEwggIdMB0GA1UdDgQWBBT7q7I/
GMMKTDp0Q0TsqW2f2PwKmDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmNiNjdkN2MtN2FhYi00YTAyLWFkNzAtMThhYWYzMjExYmI0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBbAgQDAN
BgkqhkiG9w0BAQsFAAOCAQEAFw65vP/MCSQvqFlygrOc+r3GrnYHbjNcIdM8Ijim
982qkUdXdvL/y5TILWQyLiYwZOs33R8VtDXjWf+iwO2i4JLhyElTmf1sSFQQeTOv
sriby8DikVeEkUxMQVSpDKH93BuzeYuk1tiNawu2p995VlaRfcvUhrOeVzl/L+l6
C07ATZ7JFVSsWD1BFXPcy2bR/9PDk4X6B263OXGGLrudSpnrgYCbgyxZ2ltTF5TH
JvnWTc53Pp/megqLzANRcBuYqCjFZQH7YLa05S53wgEX1Y+W5hHkkSpqfeKDNcZC
FQYw7MTGXJ2YuRFdxm3RICUODkU2CSD2+TRt2ig6e8R1/g==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:23 2025 by rpki-client