Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ecb3878-2618-4a84-8b0d-b24f8a80bcfe.roa
File: 0ecb3878-2618-4a84-8b0d-b24f8a80bcfe.roa (raw, json)
Hash identifier: A++SWbBp0mygDiVvs7dgj8DUiwxNeBoMrK0JtvgpD38=
Subject key identifier: 27:A1:98:93:44:79:AF:59:A8:62:E1:89:BE:44:22:3F:4B:5A:53:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 384A925704B7AE7B02712BDC446FF7E5B12AE684
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ecb3878-2618-4a84-8b0d-b24f8a80bcfe.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:4a:92:57:04:b7:ae:7b:02:71:2b:dc:44:6f:f7:e5:b1:2a:e6:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:95:5a:68:f8:d6:71:c7:65:15:c3:60:cc:69:
39:7b:e9:34:8f:2c:aa:df:30:65:56:78:18:8c:e9:
35:1c:05:7a:72:47:8e:d3:00:ef:ad:bf:9c:68:81:
d3:16:9e:da:fa:7b:5c:e8:98:e7:67:cc:4f:b8:dc:
de:cc:1c:34:f3:66:59:d4:5a:b2:8c:f0:88:4f:93:
54:68:ab:5f:42:e2:4f:d4:51:8e:9a:a6:e6:96:93:
01:36:ac:91:f0:2c:fb:5a:3b:06:e5:b4:1c:3b:ab:
e0:be:02:08:21:b8:68:de:8d:56:11:3a:2a:58:3a:
37:ee:bd:46:90:eb:be:5a:e8:66:f9:7b:16:1c:52:
53:90:fa:39:64:da:21:fe:90:97:6a:8b:12:50:80:
92:01:94:d7:41:fb:11:79:37:1f:82:43:23:9a:fc:
5c:81:e1:88:f8:50:77:53:73:61:16:50:bb:ab:03:
f1:a8:0d:43:9c:b0:5a:2b:7b:2f:57:d2:24:cf:4d:
a8:a3:a4:1f:b8:42:df:60:a3:3c:06:dc:d7:eb:12:
7f:73:bf:dc:75:af:df:c1:4e:5f:0b:13:2c:4d:5c:
16:b8:3d:8c:15:c0:72:34:e5:af:6b:a8:fb:0e:b0:
ab:66:84:6f:ab:48:de:3c:1c:dd:d5:10:86:45:68:
0c:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:A1:98:93:44:79:AF:59:A8:62:E1:89:BE:44:22:3F:4B:5A:53:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0ecb3878-2618-4a84-8b0d-b24f8a80bcfe.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:2000::/40
Signature Algorithm: sha256WithRSAEncryption
45:04:fd:3c:6e:5c:d4:65:49:59:2b:d9:a9:6b:75:a6:4a:f1:
80:de:ab:b7:9c:ff:05:f9:80:27:23:77:42:9b:ef:b5:9c:09:
1a:98:aa:f8:a4:88:b3:c5:d9:f5:27:0a:5e:0b:28:e7:0b:09:
74:ef:22:b7:62:ef:ab:8c:22:24:a7:71:6a:79:ac:4a:1d:9e:
f6:a9:0e:94:67:4a:d4:32:78:59:9b:fe:8f:a3:fb:1e:b1:dc:
72:be:09:e1:0f:78:71:82:d7:ee:86:74:a4:38:0a:20:29:9c:
a0:cf:a8:e0:b0:8e:8b:b3:3c:f7:09:f9:d7:ac:07:b4:44:98:
60:e3:bb:f8:1c:bb:8a:0d:0b:12:d3:30:37:dc:f7:2f:93:b8:
e5:c0:45:21:9a:cd:39:ff:04:c9:39:f3:ab:41:59:ca:7c:dc:
f2:85:db:3f:29:5b:7a:e9:47:59:27:80:22:eb:08:35:11:70:
ab:58:6b:3a:43:d0:cd:96:73:42:28:c9:bb:e7:c0:7b:26:2c:
9b:6c:02:4f:82:d2:4a:2f:bc:7d:af:ea:9a:26:ad:e4:c9:fe:
4c:02:b2:a4:11:8c:01:ce:d5:e7:af:5b:03:a8:2c:59:6c:2e:
2b:0a:7a:c7:30:d9:70:35:c7:e2:aa:7a:09:35:43:4c:01:61:
d7:f5:5d:3d
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOEqSVwS3rnsCcSvcRG/35bEq5oQwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDliMjUwYzMzYTI1MTBiMjYyZjJkZjFlNjQ3MGQzNjRkZDNlZDU3MzhkM2M3
Yzg0NGQ5YTE1YjlhYmE5NjJlY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGVWmj41nHHZRXDYMxpOXvpNI8sqt8wZVZ4GIzpNRwFenJHjtMA762/nGiB
0xae2vp7XOiY52fMT7jc3swcNPNmWdRasozwiE+TVGirX0LiT9RRjpqm5paTATas
kfAs+1o7BuW0HDur4L4CCCG4aN6NVhE6Klg6N+69RpDrvlroZvl7FhxSU5D6OWTa
If6Ql2qLElCAkgGU10H7EXk3H4JDI5r8XIHhiPhQd1NzYRZQu6sD8agNQ5ywWit7
L1fSJM9NqKOkH7hC32CjPAbc1+sSf3O/3HWv38FOXwsTLE1cFrg9jBXAcjTlr2uo
+w6wq2aEb6tI3jwc3dUQhkVoDN8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQnoZiT
RHmvWahi4Ym+RCI/S1pT2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGVjYjM4NzgtMjYxOC00YTg0LThiMGQtYjI0ZjhhODBiY2ZlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hsg
MA0GCSqGSIb3DQEBCwUAA4IBAQBFBP08blzUZUlZK9mpa3WmSvGA3qu3nP8F+YAn
I3dCm++1nAkamKr4pIizxdn1JwpeCyjnCwl07yK3Yu+rjCIkp3FqeaxKHZ72qQ6U
Z0rUMnhZm/6Po/sesdxyvgnhD3hxgtfuhnSkOAogKZygz6jgsI6Lszz3CfnXrAe0
RJhg47v4HLuKDQsS0zA33Pcvk7jlwEUhms05/wTJOfOrQVnKfNzyhds/KVt66UdZ
J4Ai6wg1EXCrWGs6Q9DNlnNCKMm758B7JiybbAJPgtJKL7x9r+qaJq3kyf5MArKk
EYwBztXnr1sDqCxZbC4rCnrHMNlwNcfiqnoJNUNMAWHX9V09
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:41 2025 by rpki-client