Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23bf04ce-3f25-4dfc-854b-7ab9fceb5046.roa
File: 23bf04ce-3f25-4dfc-854b-7ab9fceb5046.roa (raw, json)
Hash identifier: jBHV7+uwMghIZUvv7wxbXn8ZzEFP9sGCfHBtiCaxIdI=
Subject key identifier: BC:3A:B6:1B:78:AD:F9:05:A1:55:81:FC:FB:4E:0B:51:0A:F4:B0:3F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 134D41228FFA847F7BDFDF7D2107B08CFD966889
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23bf04ce-3f25-4dfc-854b-7ab9fceb5046.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:c000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:4d:41:22:8f:fa:84:7f:7b:df:df:7d:21:07:b0:8c:fd:96:68:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:5e:0e:dd:b1:0e:c9:4d:66:1f:4b:c9:6a:1d:
22:26:56:24:d4:76:d7:c3:5d:49:20:fc:56:88:82:
76:4f:45:02:64:e4:c6:b7:95:42:ef:40:a4:9c:58:
76:24:01:92:16:11:7b:7e:9b:9a:8c:b6:a7:72:48:
bc:07:8f:f3:fc:16:9b:1c:2e:a6:43:db:cc:e3:20:
78:62:42:1b:81:50:72:37:2a:13:b5:f1:89:4b:ef:
e4:51:03:2e:9d:e8:1b:75:f9:bb:dc:d3:c3:2f:e3:
71:ea:a2:a7:fc:28:09:a2:df:e1:dd:5e:6e:73:37:
55:50:29:a3:99:f8:49:19:22:7f:23:3e:98:ef:0f:
9c:95:a7:48:22:1c:18:99:38:fc:7c:7f:2d:0a:54:
87:93:a7:e0:bd:08:e2:4a:b0:08:4a:e5:3d:11:be:
14:35:fd:59:eb:22:1a:0f:73:cd:7f:cb:14:35:8e:
a0:c2:11:1c:00:2c:85:61:c5:eb:98:90:6c:3d:37:
5f:a3:33:2a:3e:c0:82:35:f8:f6:5a:55:fa:65:f9:
59:b3:66:22:7b:43:18:2f:30:92:57:93:f0:2a:40:
06:fe:48:7b:e1:5e:fb:60:f1:a3:45:7c:ce:26:4d:
ff:b2:2c:d7:18:4f:e7:31:c0:40:e7:2a:1f:b3:64:
b4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:3A:B6:1B:78:AD:F9:05:A1:55:81:FC:FB:4E:0B:51:0A:F4:B0:3F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/23bf04ce-3f25-4dfc-854b-7ab9fceb5046.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:c000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:99:c6:ae:80:84:6c:26:ca:76:54:5c:e4:fd:aa:c6:10:a4:
58:e8:08:93:60:4c:f8:cb:e3:bc:2d:94:ba:b0:35:1e:0c:89:
1c:a3:3a:4b:90:d3:3d:aa:27:90:df:19:43:fd:4c:9d:ae:36:
26:13:0c:56:86:66:b6:01:37:eb:18:6f:a2:e8:47:44:1b:73:
2b:98:d7:5a:03:ab:5b:20:e9:b1:d2:78:18:6a:ff:b1:6f:b2:
74:17:c2:a4:27:ad:45:bf:80:64:2f:50:5a:03:ca:4a:3d:00:
c5:53:9a:d9:40:d4:de:f3:4b:b9:63:f0:92:95:20:0a:f3:ac:
bf:6e:24:a9:b7:5d:26:85:b4:fe:29:2f:60:2c:63:28:b3:0a:
4c:e1:c8:88:69:ac:fc:69:b1:28:2e:5a:91:5c:b3:5c:f7:aa:
c6:49:2d:85:da:67:fa:30:1d:74:aa:df:2a:98:18:3f:e4:ca:
ae:ba:1e:fc:cb:24:b5:f2:bf:0c:46:03:80:88:56:18:05:db:
fc:26:cf:a9:e7:73:13:9b:46:6d:5b:a6:b0:49:f8:b8:a4:f2:
72:04:09:a2:03:1d:d5:1d:cc:73:18:13:b6:c6:57:25:7b:9b:
c1:a7:c7:5c:bd:ef:8b:b9:45:59:3b:a4:f1:a8:a0:5e:a4:2f:
32:1c:30:74
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUE01BIo/6hH973999IQewjP2WaIkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUzNmNlOWJkMzIwODQzMGQ3ZjQ0YzZmNDM4ZWYxMTY0OThjNzg5ZDdlNTk3
ODNhYzBhZGM1YzFlN2E1Mjg5NTQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL1eDt2xDslNZh9LyWodIiZWJNR218NdSSD8VoiCdk9FAmTkxreVQu9ApJxY
diQBkhYRe36bmoy2p3JIvAeP8/wWmxwupkPbzOMgeGJCG4FQcjcqE7XxiUvv5FED
Lp3oG3X5u9zTwy/jceqip/woCaLf4d1ebnM3VVApo5n4SRkifyM+mO8PnJWnSCIc
GJk4/Hx/LQpUh5On4L0I4kqwCErlPRG+FDX9WesiGg9zzX/LFDWOoMIRHAAshWHF
65iQbD03X6MzKj7AgjX49lpV+mX5WbNmIntDGC8wkleT8CpABv5Ie+Fe+2Dxo0V8
ziZN/7Is1xhP5zHAQOcqH7NktGECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS8OrYb
eK35BaFVgfz7TgtRCvSwPzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjNiZjA0Y2UtM2YyNS00ZGZjLTg1NGItN2FiOWZjZWI1MDQ2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H/A
MA0GCSqGSIb3DQEBCwUAA4IBAQB+mcaugIRsJsp2VFzk/arGEKRY6AiTYEz4y+O8
LZS6sDUeDIkcozpLkNM9qieQ3xlD/UydrjYmEwxWhma2ATfrGG+i6EdEG3MrmNda
A6tbIOmx0ngYav+xb7J0F8KkJ61Fv4BkL1BaA8pKPQDFU5rZQNTe80u5Y/CSlSAK
86y/biSpt10mhbT+KS9gLGMoswpM4ciIaaz8abEoLlqRXLNc96rGSS2F2mf6MB10
qt8qmBg/5Mquuh78yyS18r8MRgOAiFYYBdv8Js+p53MTm0ZtW6awSfi4pPJyBAmi
Ax3VHcxzGBO2xlcle5vBp8dcve+LuUVZO6TxqKBepC8yHDB0
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:34 2025 by rpki-client