Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef44119-0cae-4a43-ad5a-98103c19e39b.roa
File: 1ef44119-0cae-4a43-ad5a-98103c19e39b.roa (raw, json)
Hash identifier: N6W5khti1rEljtGQirLujF/l1DkFii34M8QkzbSWTwg=
Subject key identifier: E4:8B:60:47:F7:78:64:F4:87:5D:62:E0:77:21:B4:03:11:55:BB:1C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B1DCAD7B9ED3A6B44F85E56DC63E03952557E58
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef44119-0cae-4a43-ad5a-98103c19e39b.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:e000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:1d:ca:d7:b9:ed:3a:6b:44:f8:5e:56:dc:63:e0:39:52:55:7e:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:81:79:19:dc:2a:ec:1d:64:36:60:25:50:29:
c1:37:64:4c:ae:c0:5e:04:e5:fd:d6:42:33:a4:e8:
80:6a:86:64:c4:bd:fe:a9:76:b0:04:d1:27:45:24:
4f:89:c8:27:2c:32:af:4b:db:d1:c8:a7:8e:4f:95:
1f:67:95:94:85:54:6f:a6:48:76:b5:5b:f3:af:3f:
22:e3:b7:df:c1:3d:2a:e2:b1:a9:0d:57:4b:df:bb:
4e:54:6d:86:54:7a:e3:1a:3e:63:71:31:dd:8d:82:
34:64:de:9e:75:96:91:68:a6:f2:f8:19:e6:f3:02:
e3:65:b9:8a:ff:9d:1e:58:7c:dc:46:e8:e2:7a:1a:
c6:0f:ff:58:d9:23:73:98:85:48:74:a7:f6:a6:4b:
f4:6f:aa:47:17:f6:59:ef:d8:da:67:ca:88:a1:c0:
bb:62:d8:71:a5:c8:50:f6:ab:14:44:e1:55:74:40:
0f:86:d1:06:99:12:03:a9:38:9c:96:79:fd:86:60:
40:51:47:ca:58:cc:9d:83:47:c4:b7:68:4b:f2:11:
15:55:b3:5b:5c:2d:3a:20:ef:7d:80:eb:4f:fb:9a:
17:de:4c:8a:1d:d4:b2:7d:3b:84:5c:d6:32:74:de:
62:75:af:1d:0b:75:c5:70:d0:4d:5f:81:77:d2:f7:
93:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:8B:60:47:F7:78:64:F4:87:5D:62:E0:77:21:B4:03:11:55:BB:1C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1ef44119-0cae-4a43-ad5a-98103c19e39b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:e000::/40
Signature Algorithm: sha256WithRSAEncryption
53:28:45:6e:8b:4d:0d:d5:ef:e4:00:df:5d:f5:ad:19:d2:40:
39:c1:45:82:f3:15:3a:6e:45:2c:47:1e:ee:e1:f9:7d:d2:8b:
73:8c:a2:b7:27:1d:c4:4a:b4:28:bc:a4:4e:f6:52:ee:63:87:
0e:56:8f:94:52:18:b8:c6:b9:4e:44:fe:6a:94:ff:37:d4:00:
45:61:5d:7e:ec:27:93:eb:74:1a:03:ac:3b:72:91:77:19:aa:
38:69:a5:90:27:8b:51:4a:2f:d6:ab:27:a6:c6:c7:35:75:df:
40:90:8f:dc:6d:36:b3:b2:ab:28:80:e0:a7:2e:4f:72:e5:07:
63:cc:c1:2e:c8:a8:3d:d7:73:e9:d1:8c:a7:4f:07:77:a9:f6:
76:64:b4:72:5b:2d:65:f2:a9:1d:cb:fd:5c:da:3a:9f:7b:4a:
81:d6:57:32:d8:60:28:67:b5:dd:1e:0d:ef:48:58:0d:03:a1:
d3:1c:a0:7e:3a:26:52:6e:6d:cc:09:8a:88:70:61:ea:20:85:
6e:d5:dd:00:a9:cd:48:7e:a3:02:0f:59:6e:46:3f:92:5e:f0:
57:b0:a6:39:22:33:b8:f7:f1:99:83:50:62:6e:02:7e:8a:b0:
b9:19:c6:77:b1:c1:83:94:7d:2b:c9:4c:29:85:f8:99:c7:19:
16:cd:f6:d9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUex3K17ntOmtE+F5W3GPgOVJVflgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4OTE2ZDU3MTc1ZWU2ZDVhYzBlZTJiNjg4OTQzYTgxOGVhODdkMDYwOGVj
NWMxOWI4NDc1YTY3ZGI2NTM0MmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+BeRncKuwdZDZgJVApwTdkTK7AXgTl/dZCM6TogGqGZMS9/ql2sATRJ0Uk
T4nIJywyr0vb0cinjk+VH2eVlIVUb6ZIdrVb868/IuO338E9KuKxqQ1XS9+7TlRt
hlR64xo+Y3Ex3Y2CNGTennWWkWim8vgZ5vMC42W5iv+dHlh83Ebo4noaxg//WNkj
c5iFSHSn9qZL9G+qRxf2We/Y2mfKiKHAu2LYcaXIUParFEThVXRAD4bRBpkSA6k4
nJZ5/YZgQFFHyljMnYNHxLdoS/IRFVWzW1wtOiDvfYDrT/uaF95Mih3Usn07hFzW
MnTeYnWvHQt1xXDQTV+Bd9L3k2MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTki2BH
93hk9IddYuB3IbQDEVW7HDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWVmNDQxMTktMGNhZS00YTQzLWFkNWEtOTgxMDNjMTllMzliLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HLg
MA0GCSqGSIb3DQEBCwUAA4IBAQBTKEVui00N1e/kAN9d9a0Z0kA5wUWC8xU6bkUs
Rx7u4fl90otzjKK3Jx3ESrQovKRO9lLuY4cOVo+UUhi4xrlORP5qlP831ABFYV1+
7CeT63QaA6w7cpF3Gao4aaWQJ4tRSi/Wqyemxsc1dd9AkI/cbTazsqsogOCnLk9y
5QdjzMEuyKg913Pp0YynTwd3qfZ2ZLRyWy1l8qkdy/1c2jqfe0qB1lcy2GAoZ7Xd
Hg3vSFgNA6HTHKB+OiZSbm3MCYqIcGHqIIVu1d0Aqc1IfqMCD1luRj+SXvBXsKY5
IjO49/GZg1BibgJ+irC5GcZ3scGDlH0ryUwphfiZxxkWzfbZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:45:30 2025 by rpki-client