Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f464258-0474-440d-a470-1340ccbaf796.roa
File: 1f464258-0474-440d-a470-1340ccbaf796.roa (raw, json)
Hash identifier: 98NTVhJ++jjqXk7dEX7wlF4LG8RsnJFsCn4dEqtMhMU=
Subject key identifier: 9A:54:19:74:F0:4B:3F:76:FC:EE:44:20:D7:1E:A7:C3:74:EC:98:88
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 375EC165D51FD47D615E8DE88428041CB6EDB8C0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f464258-0474-440d-a470-1340ccbaf796.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:5e:c1:65:d5:1f:d4:7d:61:5e:8d:e8:84:28:04:1c:b6:ed:b8:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5d:38:69:4c:02:ae:bc:db:c5:b3:44:c8:27:
9e:aa:f6:37:e1:ae:46:58:c0:05:1c:65:b7:98:5d:
49:99:87:02:92:59:b0:e0:e5:5d:ee:13:79:d9:03:
b1:f3:fc:2d:70:7c:bd:7a:c1:db:01:1c:7c:97:f1:
cc:1f:b9:4f:7a:ce:6f:f0:3a:e9:21:e4:6e:9e:a2:
07:52:c9:79:bd:6d:3f:33:25:0d:d3:b4:1f:d2:f9:
be:6c:03:1a:db:99:d1:29:7f:a4:3b:9d:09:a3:27:
b8:3c:11:b6:65:e5:9c:42:b1:1a:47:a0:de:be:3d:
cc:84:9e:81:82:d9:23:a1:b3:aa:f1:b0:80:6b:30:
41:f1:94:c8:d9:68:6b:a0:d5:bb:6f:b8:27:3d:dc:
59:3c:81:a9:a4:ab:b4:ed:f8:58:7e:d5:1e:a8:dd:
ce:6c:28:fa:a7:1e:bd:88:0e:12:d8:19:a2:19:cc:
73:70:b9:75:4f:15:a6:5c:d2:4b:7e:a8:11:7f:58:
26:15:9b:ef:6e:73:a7:79:ca:bb:5c:0c:9e:c9:e1:
82:16:35:dd:0f:09:0b:00:39:16:8f:a5:0e:81:19:
ca:80:d2:61:fc:c2:75:f5:d7:0e:5d:b7:55:b6:ed:
50:03:6a:07:ba:17:c0:39:95:c6:3c:bd:63:4d:03:
70:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:54:19:74:F0:4B:3F:76:FC:EE:44:20:D7:1E:A7:C3:74:EC:98:88
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f464258-0474-440d-a470-1340ccbaf796.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:2000::/40
Signature Algorithm: sha256WithRSAEncryption
29:ad:47:b3:32:0f:a4:2f:ac:ca:68:f7:d2:ba:0c:e1:1d:51:
d8:a6:ba:77:21:97:33:59:c0:18:ab:a5:08:42:be:f6:35:95:
a5:b4:74:5d:ac:82:e5:80:53:ae:18:b8:b0:7c:b5:73:a6:e9:
f4:f5:35:4e:77:50:9d:d5:5d:a3:85:b1:3a:10:c2:64:fc:bf:
0b:73:d5:14:cc:aa:71:75:47:42:40:13:b6:39:1b:f2:bb:2a:
fe:93:74:a3:f3:10:dc:5f:59:b3:c9:c3:78:6f:fc:cf:93:18:
ed:16:89:64:f2:34:5b:29:82:e4:22:c3:11:67:d4:bb:fa:30:
6d:60:46:f4:5d:b2:8e:07:df:f2:33:a7:da:86:36:cf:2e:5f:
ec:35:3f:cd:ae:e0:89:65:ee:30:26:ad:6f:1b:6c:84:13:a6:
6d:11:b3:98:0d:90:23:5a:92:07:07:ec:e7:63:48:e9:77:4f:
86:aa:77:dc:32:2b:c2:4d:91:ec:4b:2a:ec:72:cd:1d:cf:5d:
45:c3:a5:9d:42:6b:da:15:e4:51:b1:1c:25:04:93:eb:12:f5:
a8:a0:bb:ac:3f:22:15:0e:67:3e:41:54:d7:57:1a:fb:a6:6e:
61:5f:ca:35:e1:fb:75:bf:1e:b2:1e:ef:89:c5:51:68:bd:e4:
9a:5b:a4:27
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN17BZdUf1H1hXo3ohCgEHLbtuMAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDM2ODRhZDMwM2E2YjYyMmY4Y2I4MDU5Zjg1MmI0NjE3YWExZjYwYjQzZmUx
ZTkyNDg0MmQwNDVlNDI5ZDYwNTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKZdOGlMAq6828WzRMgnnqr2N+GuRljABRxlt5hdSZmHApJZsODlXe4TedkD
sfP8LXB8vXrB2wEcfJfxzB+5T3rOb/A66SHkbp6iB1LJeb1tPzMlDdO0H9L5vmwD
GtuZ0Sl/pDudCaMnuDwRtmXlnEKxGkeg3r49zISegYLZI6GzqvGwgGswQfGUyNlo
a6DVu2+4Jz3cWTyBqaSrtO34WH7VHqjdzmwo+qcevYgOEtgZohnMc3C5dU8VplzS
S36oEX9YJhWb725zp3nKu1wMnsnhghY13Q8JCwA5Fo+lDoEZyoDSYfzCdfXXDl23
VbbtUANqB7oXwDmVxjy9Y00DcBECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSaVBl0
8Es/dvzuRCDXHqfDdOyYiDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWY0NjQyNTgtMDQ3NC00NDBkLWE0NzAtMTM0MGNjYmFmNzk2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYg
MA0GCSqGSIb3DQEBCwUAA4IBAQAprUezMg+kL6zKaPfSugzhHVHYprp3IZczWcAY
q6UIQr72NZWltHRdrILlgFOuGLiwfLVzpun09TVOd1Cd1V2jhbE6EMJk/L8Lc9UU
zKpxdUdCQBO2ORvyuyr+k3Sj8xDcX1mzycN4b/zPkxjtFolk8jRbKYLkIsMRZ9S7
+jBtYEb0XbKOB9/yM6fahjbPLl/sNT/NruCJZe4wJq1vG2yEE6ZtEbOYDZAjWpIH
B+znY0jpd0+GqnfcMivCTZHsSyrscs0dz11Fw6WdQmvaFeRRsRwlBJPrEvWooLus
PyIVDmc+QVTXVxr7pm5hX8o14ft1vx6yHu+JxVFoveSaW6Qn
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:44 2025 by rpki-client