Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/247ad9fa-bec9-4b2a-bf50-46f08250e756.roa
File: 247ad9fa-bec9-4b2a-bf50-46f08250e756.roa (raw, json)
Hash identifier: T3fCne65KbyTpYuf2/vekTYZvXvMmQEfCn9iqC0Qoz4=
Subject key identifier: EB:75:B2:59:59:1A:56:C1:3C:5D:75:6D:01:21:9F:17:E3:D2:0D:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7B8D1F17E8A88368B8A83CEB1D751EC46175BE30
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/247ad9fa-bec9-4b2a-bf50-46f08250e756.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:5000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:8d:1f:17:e8:a8:83:68:b8:a8:3c:eb:1d:75:1e:c4:61:75:be:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:ea:a0:82:14:68:33:ce:59:72:20:11:f8:99:
46:0c:4c:b1:18:83:a5:4a:fb:52:a6:d6:c5:22:39:
eb:50:91:8e:12:13:60:bc:86:03:3b:aa:25:bb:03:
4c:7c:62:ea:9f:ce:98:43:30:57:8b:a5:43:54:d7:
cf:e8:97:84:1c:39:8b:0c:34:15:18:94:f9:55:a7:
f1:7e:a4:54:f4:5e:35:09:05:17:68:8e:45:5a:69:
47:7b:1a:6d:ca:50:9a:60:1b:a8:19:69:ab:84:2f:
04:97:be:a2:fd:00:01:55:ce:c2:a0:b2:72:66:23:
ea:e6:ff:70:42:f1:32:ac:83:00:e8:79:e8:fd:0e:
74:68:04:a3:e4:b5:6c:9f:b2:3f:72:77:a5:91:8c:
fe:b9:6e:a3:43:cc:3c:0c:bf:37:fb:cf:1d:b4:4d:
3c:4c:a3:3f:82:b1:66:e6:68:28:3b:10:19:8b:0a:
47:a1:08:27:84:0b:af:67:fd:fe:de:fb:c8:73:b4:
da:c8:b3:4e:d2:87:6d:0c:f1:2e:ea:78:fe:42:d3:
4b:64:67:be:68:93:14:01:eb:ef:79:3e:91:9c:c4:
d9:c2:4f:e9:6b:e8:64:ef:37:30:8e:00:3d:49:c1:
b5:30:30:f2:32:68:d5:5f:7a:eb:83:27:a9:54:4d:
df:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:75:B2:59:59:1A:56:C1:3C:5D:75:6D:01:21:9F:17:E3:D2:0D:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/247ad9fa-bec9-4b2a-bf50-46f08250e756.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:5000::/40
Signature Algorithm: sha256WithRSAEncryption
2c:98:e2:73:3f:d8:09:84:82:01:1d:fa:73:aa:81:7a:44:07:
4c:7a:89:5f:5b:57:9c:f4:1d:fa:d4:39:11:be:69:84:3f:37:
48:a6:84:77:3f:6d:5a:68:a4:d7:99:83:19:81:9b:79:c8:0c:
bc:85:40:d5:4c:2c:6a:42:00:b3:82:d1:10:25:82:71:78:41:
f7:01:05:23:5e:34:17:ba:a9:8c:97:c1:ce:cc:20:ce:14:42:
68:49:ae:42:cf:73:c5:e4:ba:62:c7:f1:9a:2b:23:30:dd:ff:
db:61:22:b7:49:51:6f:0d:f5:fe:84:6a:aa:27:28:20:48:1a:
7f:9e:8f:4b:e7:e8:f7:51:c4:2c:6d:f3:5d:7d:cb:6a:f7:01:
07:0d:f7:f9:3d:68:4e:ac:c5:31:05:7a:d0:7f:2e:ce:75:fc:
84:c1:63:13:a5:90:89:18:f7:00:61:b3:a1:34:b1:fb:55:85:
a4:17:4a:01:1e:16:77:30:ef:57:c8:b4:71:1c:50:5b:7b:ab:
05:0d:d0:d7:e4:99:c6:29:3d:6e:7f:a4:02:c4:c6:c8:b6:79:
97:72:84:79:9f:41:d4:b6:d9:e3:05:df:1d:61:6f:08:dd:15:
cf:45:aa:c2:40:f5:85:67:58:a7:82:99:cd:4a:e1:d0:12:cd:
1c:fd:87:49
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUe40fF+iog2i4qDzrHXUexGF1vjAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDIyNThkODc2YmYxNTc5ZWZhZGQyNWQ3MjM3NGU4MTkxY2M2ODY2ZTAwNGY0
YzNlODg0NWFlZWNmMzQzOThmMDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJvqoIIUaDPOWXIgEfiZRgxMsRiDpUr7UqbWxSI561CRjhITYLyGAzuqJbsD
THxi6p/OmEMwV4ulQ1TXz+iXhBw5iww0FRiU+VWn8X6kVPReNQkFF2iORVppR3sa
bcpQmmAbqBlpq4QvBJe+ov0AAVXOwqCycmYj6ub/cELxMqyDAOh56P0OdGgEo+S1
bJ+yP3J3pZGM/rluo0PMPAy/N/vPHbRNPEyjP4KxZuZoKDsQGYsKR6EIJ4QLr2f9
/t77yHO02sizTtKHbQzxLup4/kLTS2RnvmiTFAHr73k+kZzE2cJP6WvoZO83MI4A
PUnBtTAw8jJo1V9664MnqVRN36sCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTrdbJZ
WRpWwTxddW0BIZ8X49INdjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjQ3YWQ5ZmEtYmVjOS00YjJhLWJmNTAtNDZmMDgyNTBlNzU2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DpQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAsmOJzP9gJhIIBHfpzqoF6RAdMeolfW1ec9B36
1DkRvmmEPzdIpoR3P21aaKTXmYMZgZt5yAy8hUDVTCxqQgCzgtEQJYJxeEH3AQUj
XjQXuqmMl8HOzCDOFEJoSa5Cz3PF5Lpix/GaKyMw3f/bYSK3SVFvDfX+hGqqJygg
SBp/no9L5+j3UcQsbfNdfctq9wEHDff5PWhOrMUxBXrQfy7OdfyEwWMTpZCJGPcA
YbOhNLH7VYWkF0oBHhZ3MO9XyLRxHFBbe6sFDdDX5JnGKT1uf6QCxMbItnmXcoR5
n0HUttnjBd8dYW8I3RXPRarCQPWFZ1ingpnNSuHQEs0c/YdJ
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:55:32 2025 by rpki-client