Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/161fcf34-55ba-4b5b-863a-e38cd5090da8.roa
File: 161fcf34-55ba-4b5b-863a-e38cd5090da8.roa (raw, json)
Hash identifier: JKwIXhpbGWA89/Zyq+lKf1z8EWpCuhxNavw8zHybjcE=
Subject key identifier: F4:48:2E:FF:DB:BF:9B:6F:DF:5D:BE:97:AD:80:26:FF:99:61:89:02
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 73B165D27B39C7AEB82DDC42C7A7A7C4F1FAB4E2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/161fcf34-55ba-4b5b-863a-e38cd5090da8.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d077:b000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:b1:65:d2:7b:39:c7:ae:b8:2d:dc:42:c7:a7:a7:c4:f1:fa:b4:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:32:a4:17:4d:fe:f3:61:75:aa:12:43:5a:e3:
5c:14:d2:b0:b8:f0:2b:a6:37:da:52:0c:85:d3:0e:
48:12:ce:2b:0f:71:00:e0:ee:da:29:32:ba:99:87:
b4:44:a6:b5:fe:e0:5b:2d:da:f4:3b:e2:be:5f:ee:
df:44:7f:fd:96:8d:4a:38:af:b6:a0:cf:2b:18:26:
3d:1f:95:26:45:db:03:c8:05:b4:e9:f0:f3:a4:e6:
71:68:06:19:eb:e6:61:66:63:61:10:c0:3b:1a:23:
76:84:02:89:a5:9e:f5:17:79:b6:75:4e:73:fa:e1:
a8:d7:30:ad:58:d2:65:d0:3b:29:8d:0f:ed:7f:3a:
95:ef:fc:0e:3b:6d:15:36:e9:9f:e9:2e:4a:79:ad:
00:89:b1:2d:77:89:5d:6d:79:9e:28:57:22:b9:78:
ea:b5:5d:7d:b1:51:0f:13:29:e0:4f:1d:0a:62:f2:
0e:8b:92:78:94:f7:a8:e5:45:e8:9e:e8:95:15:a7:
f8:d5:17:c8:4b:69:79:e4:10:59:0f:f1:59:71:e5:
42:31:dc:58:01:0e:d7:61:07:97:12:48:3e:a1:97:
99:bc:c8:95:c5:e3:96:0e:21:59:94:94:8e:e3:d0:
c5:d2:34:a7:30:f0:0e:33:be:64:d1:ff:60:33:6b:
c4:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:48:2E:FF:DB:BF:9B:6F:DF:5D:BE:97:AD:80:26:FF:99:61:89:02
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/161fcf34-55ba-4b5b-863a-e38cd5090da8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d077:b000::/40
Signature Algorithm: sha256WithRSAEncryption
0d:46:12:05:09:89:a4:ce:ae:63:30:0b:dc:ed:24:e9:45:11:
c8:29:f5:a9:7d:5c:35:2c:48:cd:f0:4d:c6:56:c0:1f:d1:78:
46:fb:d3:83:2e:62:d5:a7:1c:31:0d:38:ab:1f:d5:69:14:62:
97:92:11:c5:4c:e4:99:35:f4:bc:c4:20:a5:e0:7e:22:55:f3:
84:ef:e7:ad:a8:06:15:ab:a2:a6:75:c6:d0:b2:0f:ce:70:ec:
17:aa:86:c9:5a:6e:84:2f:5d:99:65:fc:db:6f:d2:ab:09:87:
3b:e7:26:7f:f2:09:96:e4:ab:83:35:84:1f:48:e9:40:99:42:
04:dd:b1:d0:be:cd:73:94:a7:82:ec:84:46:3b:87:05:c7:85:
46:44:dc:b3:3c:09:9e:d9:4e:53:30:3b:6b:8c:4a:0c:52:8c:
1d:b8:32:be:d6:e6:6c:c5:d0:6e:06:d9:77:d0:02:57:f2:92:
62:ed:1e:fd:71:51:74:dc:61:df:54:91:42:65:34:66:17:13:
57:17:dc:34:27:3f:13:5e:a6:83:5f:4b:60:ce:1c:b6:85:42:
e6:42:b3:53:5e:64:88:0f:32:4a:bd:31:8e:65:8e:aa:dc:44:
a3:cb:b8:54:f5:9a:2e:15:86:6c:19:49:af:66:26:ff:ce:15:
ed:16:ed:9f
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUc7Fl0ns5x664LdxCx6enxPH6tOIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGMyMGQxNTUzNTFmZjIxNjZlZDZjOGE0NzlkNjExY2NmYmZjMGU4ZmJkNGEz
ZDU4MDI4Y2Q2MzM0YmYzNTAyZTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKkypBdN/vNhdaoSQ1rjXBTSsLjwK6Y32lIMhdMOSBLOKw9xAODu2ikyupmH
tESmtf7gWy3a9Dvivl/u30R//ZaNSjivtqDPKxgmPR+VJkXbA8gFtOnw86TmcWgG
GevmYWZjYRDAOxojdoQCiaWe9Rd5tnVOc/rhqNcwrVjSZdA7KY0P7X86le/8Djtt
FTbpn+kuSnmtAImxLXeJXW15nihXIrl46rVdfbFRDxMp4E8dCmLyDouSeJT3qOVF
6J7olRWn+NUXyEtpeeQQWQ/xWXHlQjHcWAEO12EHlxJIPqGXmbzIlcXjlg4hWZSU
juPQxdI0pzDwDjO+ZNH/YDNrxOUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT0SC7/
27+bb99dvpetgCb/mWGJAjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTYxZmNmMzQtNTViYS00YjViLTg2M2EtZTM4Y2Q1MDkwZGE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hew
MA0GCSqGSIb3DQEBCwUAA4IBAQANRhIFCYmkzq5jMAvc7STpRRHIKfWpfVw1LEjN
8E3GVsAf0XhG+9ODLmLVpxwxDTirH9VpFGKXkhHFTOSZNfS8xCCl4H4iVfOE7+et
qAYVq6KmdcbQsg/OcOwXqobJWm6EL12ZZfzbb9KrCYc75yZ/8gmW5KuDNYQfSOlA
mUIE3bHQvs1zlKeC7IRGO4cFx4VGRNyzPAme2U5TMDtrjEoMUowduDK+1uZsxdBu
Btl30AJX8pJi7R79cVF03GHfVJFCZTRmFxNXF9w0Jz8TXqaDX0tgzhy2hULmQrNT
XmSIDzJKvTGOZY6q3ESjy7hU9ZouFYZsGUmvZib/zhXtFu2f
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:32 2025 by rpki-client