Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f0d0a35-c437-47b1-a865-6412032f2f2b.roa
File: 1f0d0a35-c437-47b1-a865-6412032f2f2b.roa (raw, json)
Hash identifier: cTnvR/mj9qCA0l/ndvtrhPCxSPBuAymH4wzqO9l4ON8=
Subject key identifier: EF:E1:B4:4B:7D:45:23:18:6C:9B:5E:2D:45:E0:96:03:BB:3C:DA:67
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 39C54D6AAB0481830604A47E86059D516370D209
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f0d0a35-c437-47b1-a865-6412032f2f2b.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:c5:4d:6a:ab:04:81:83:06:04:a4:7e:86:05:9d:51:63:70:d2:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:c5:83:3f:1c:f3:ac:5a:45:78:6c:99:03:08:
ae:f8:39:b5:6a:66:ca:e1:bb:c9:c9:bf:5d:c1:d8:
25:c6:9a:23:2e:87:b4:31:29:19:d3:1d:04:02:dd:
16:47:4c:58:d6:aa:69:54:53:2c:3b:59:56:5c:f6:
0a:75:2b:6e:6e:cd:6b:76:ff:0b:2e:5b:5a:50:72:
1b:c8:f0:f2:9a:83:5d:3d:3e:38:a5:37:fd:34:dc:
f1:11:32:83:e0:b8:a7:c0:db:5f:02:cf:52:52:9d:
78:d7:b2:e3:24:98:e0:e0:aa:34:3a:47:38:db:91:
d9:ab:5c:18:26:04:bf:ba:79:2b:41:7f:b0:c5:dd:
55:21:46:d6:63:4f:b3:d1:4f:cc:9b:20:05:5a:e4:
91:53:16:fa:40:09:c4:75:96:8e:f1:b0:61:3f:b6:
ea:5a:d1:a2:d3:80:14:f6:48:f9:69:bd:41:33:cb:
18:ff:bc:57:16:9b:a6:fb:52:68:0b:cc:f5:1f:09:
ac:9f:df:32:e4:b5:00:4c:7f:87:4a:ec:10:b2:eb:
fe:3d:6e:6d:07:1d:8b:51:52:4c:2e:57:37:97:27:
f8:49:27:d9:39:6f:6c:70:c1:6d:a3:31:b6:1b:87:
fc:8a:5e:54:83:9f:d3:52:14:5a:17:f6:5e:dd:02:
61:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:E1:B4:4B:7D:45:23:18:6C:9B:5E:2D:45:E0:96:03:BB:3C:DA:67
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f0d0a35-c437-47b1-a865-6412032f2f2b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:8000::/40
Signature Algorithm: sha256WithRSAEncryption
17:3a:39:60:70:7b:96:72:76:c7:19:83:83:50:20:38:15:3e:
01:eb:11:c8:37:ef:6b:96:31:89:76:2a:7a:79:6f:21:02:57:
78:3d:a0:1d:11:d5:02:63:ca:93:05:ad:0a:04:a6:ae:76:a1:
ba:ba:15:3b:b4:a9:d3:ee:c8:5f:1d:88:d3:bd:3a:26:5e:59:
39:d2:22:fd:32:1f:ec:5f:aa:98:13:bb:ae:16:ef:4a:9f:34:
3d:b6:b5:e9:b7:99:35:45:32:47:4c:bc:62:1c:19:65:c2:dc:
25:da:78:fc:79:78:b9:71:2e:5c:46:9f:56:ae:db:28:75:bf:
d6:95:7b:d9:05:09:4c:ec:6c:4f:47:85:dd:c6:3f:75:b8:ab:
17:4d:d5:84:fe:13:b2:e4:d1:eb:4f:55:1e:a5:79:16:9f:72:
76:f7:9d:95:46:33:bf:f6:4a:12:b8:05:f3:f0:bd:23:94:f3:
83:87:d9:ad:0b:75:45:c2:50:e9:ca:e6:39:89:ca:31:7e:91:
a7:e4:d0:1f:ec:c0:d3:31:e1:a2:09:a0:03:05:53:7c:20:ba:
39:b8:aa:0b:00:32:f4:2e:43:05:86:5c:cf:38:c8:43:2d:ea:
ca:f5:85:e8:6e:98:af:9d:9f:f9:2f:c8:ad:e3:2b:b5:d1:63:
43:23:97:e8
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOcVNaqsEgYMGBKR+hgWdUWNw0gkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM4YjY4ODM2MjZhMTg2NjQ0ZmJjZDNiMzRiNTYzZmMwNmEyZjc2YjgyNDRk
N2NkNzRjNTU5MmZmNzhkZmYyMWYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMTFgz8c86xaRXhsmQMIrvg5tWpmyuG7ycm/XcHYJcaaIy6HtDEpGdMdBALd
FkdMWNaqaVRTLDtZVlz2CnUrbm7Na3b/Cy5bWlByG8jw8pqDXT0+OKU3/TTc8REy
g+C4p8DbXwLPUlKdeNey4ySY4OCqNDpHONuR2atcGCYEv7p5K0F/sMXdVSFG1mNP
s9FPzJsgBVrkkVMW+kAJxHWWjvGwYT+26lrRotOAFPZI+Wm9QTPLGP+8VxabpvtS
aAvM9R8JrJ/fMuS1AEx/h0rsELLr/j1ubQcdi1FSTC5XN5cn+Ekn2TlvbHDBbaMx
thuH/IpeVIOf01IUWhf2Xt0CYTkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTv4bRL
fUUjGGybXi1F4JYDuzzaZzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWYwZDBhMzUtYzQzNy00N2IxLWE4NjUtNjQxMjAzMmYyZjJiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DaA
MA0GCSqGSIb3DQEBCwUAA4IBAQAXOjlgcHuWcnbHGYODUCA4FT4B6xHIN+9rljGJ
dip6eW8hAld4PaAdEdUCY8qTBa0KBKaudqG6uhU7tKnT7shfHYjTvTomXlk50iL9
Mh/sX6qYE7uuFu9KnzQ9trXpt5k1RTJHTLxiHBllwtwl2nj8eXi5cS5cRp9Wrtso
db/WlXvZBQlM7GxPR4Xdxj91uKsXTdWE/hOy5NHrT1UepXkWn3J2952VRjO/9koS
uAXz8L0jlPODh9mtC3VFwlDpyuY5icoxfpGn5NAf7MDTMeGiCaADBVN8ILo5uKoL
ADL0LkMFhlzPOMhDLerK9YXobpivnZ/5L8it4yu10WNDI5fo
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:55:15 2025 by rpki-client