Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8ff46f-71d1-4144-ae66-7a9b70606834.roa
File: 2e8ff46f-71d1-4144-ae66-7a9b70606834.roa (raw, json)
Hash identifier: t8W+34BFa9FS65kyJQCHCHjykBWDYo3LVm4pKTJeJ4I=
Subject key identifier: A8:6C:05:E6:71:6A:11:F5:18:1D:46:C2:8A:DB:45:53:81:7D:83:D8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C8F5EC7CD85FC00C57D61D37C37FDB83A26B0D9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8ff46f-71d1-4144-ae66-7a9b70606834.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d000:9000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:8f:5e:c7:cd:85:fc:00:c5:7d:61:d3:7c:37:fd:b8:3a:26:b0:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:83:0c:17:87:f9:0c:d8:67:40:a3:ba:3e:7e:
31:ce:0c:7e:dd:2a:9f:f9:ce:ad:72:2e:4a:d7:77:
e1:44:50:4b:46:64:91:6d:71:a9:a9:82:af:07:15:
af:d9:ab:25:ab:88:2f:05:82:9d:9c:71:9d:70:4a:
d6:cc:7b:2b:ef:4f:cf:6e:d7:18:6a:fb:ee:d0:cf:
5a:72:5f:50:94:48:ee:ee:26:70:a1:f7:64:20:32:
21:18:99:cc:f7:d5:e2:fd:04:33:eb:6b:f1:73:e1:
67:10:77:07:16:4f:33:77:45:9d:52:7a:11:fa:54:
5b:44:f4:77:28:5b:ca:75:98:24:30:08:0c:ad:08:
b6:5b:46:dd:ab:aa:9e:e7:a0:67:04:66:3c:63:4e:
a5:d4:6b:49:38:c9:6b:b1:fe:97:ba:4f:88:81:ed:
13:07:87:53:c8:3a:31:a7:0d:ed:2a:3b:ab:0a:ee:
94:9c:5a:f7:48:dc:c9:3e:a1:a3:1e:76:dc:86:96:
3b:a4:53:65:e6:14:e2:f1:b9:f4:4b:0e:08:31:5e:
c7:b6:50:3f:8d:40:5a:be:df:c4:79:c9:62:ae:27:
7e:96:5b:91:3c:fb:22:09:fd:0c:77:79:e6:09:1c:
01:d6:99:32:a4:67:db:7c:94:eb:90:2c:7e:12:fc:
b9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:6C:05:E6:71:6A:11:F5:18:1D:46:C2:8A:DB:45:53:81:7D:83:D8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2e8ff46f-71d1-4144-ae66-7a9b70606834.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d000:9000::/40
Signature Algorithm: sha256WithRSAEncryption
11:c6:4e:f8:ae:83:05:30:44:b7:5a:a6:bb:21:ae:91:15:83:
1e:8d:dd:9c:60:c2:af:dd:c4:00:04:2e:46:04:c0:88:aa:e8:
b6:b8:34:84:3e:a1:e7:a0:e2:4f:9f:91:be:f8:fd:69:8b:31:
b0:4f:6f:63:26:9d:01:2a:b9:69:6c:cc:4a:68:bf:8e:ed:45:
a0:42:e9:a2:07:d5:ea:50:de:ed:06:3e:7d:75:7c:83:8d:7d:
bb:7a:8e:61:f6:95:c5:af:ac:29:cc:97:32:2f:a3:e7:03:13:
f2:2e:eb:27:19:be:c1:37:90:cf:b5:71:49:b8:9b:fe:df:7e:
61:b8:89:3b:3a:23:f5:85:7d:82:c5:d9:6f:b7:14:3a:a8:cd:
52:21:c2:62:0e:55:89:2c:ff:0b:5f:34:fc:66:25:62:f1:dc:
96:e3:31:59:2e:23:4a:69:3b:05:41:5f:ed:67:95:f2:13:b0:
e1:07:e3:45:e6:b5:ed:f3:54:1f:8c:d2:a6:7f:aa:51:4e:1f:
9c:23:45:24:e3:e9:27:d4:82:d3:3f:d8:0a:b6:11:c8:55:49:
1a:ce:c5:cd:8e:32:fb:dc:86:8b:92:c2:e2:9e:0e:b4:78:a0:
41:c7:57:1d:9c:9d:a5:10:46:b7:ef:0b:5d:6e:57:ba:de:5c:
92:54:0f:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHI9ex82F/ADFfWHTfDf9uDomsNkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDczYjkwN2ExZDZmMmQ2NzRmNmViMzJhNDliZGM2MzhhMDMxNTJiODA0ZWQ2
M2QxYmEzNzViMjk3ZDM5ZDIwOTgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALaDDBeH+QzYZ0Cjuj5+Mc4Mft0qn/nOrXIuStd34URQS0ZkkW1xqamCrwcV
r9mrJauILwWCnZxxnXBK1sx7K+9Pz27XGGr77tDPWnJfUJRI7u4mcKH3ZCAyIRiZ
zPfV4v0EM+tr8XPhZxB3BxZPM3dFnVJ6EfpUW0T0dyhbynWYJDAIDK0ItltG3auq
nuegZwRmPGNOpdRrSTjJa7H+l7pPiIHtEweHU8g6MacN7So7qwrulJxa90jcyT6h
ox523IaWO6RTZeYU4vG59EsOCDFex7ZQP41AWr7fxHnJYq4nfpZbkTz7Ign9DHd5
5gkcAdaZMqRn23yU65AsfhL8uZECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSobAXm
cWoR9RgdRsKK20VTgX2D2DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmU4ZmY0NmYtNzFkMS00MTQ0LWFlNjYtN2E5YjcwNjA2ODM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ACQ
MA0GCSqGSIb3DQEBCwUAA4IBAQARxk74roMFMES3Wqa7Ia6RFYMejd2cYMKv3cQA
BC5GBMCIqui2uDSEPqHnoOJPn5G++P1pizGwT29jJp0BKrlpbMxKaL+O7UWgQumi
B9XqUN7tBj59dXyDjX27eo5h9pXFr6wpzJcyL6PnAxPyLusnGb7BN5DPtXFJuJv+
335huIk7OiP1hX2CxdlvtxQ6qM1SIcJiDlWJLP8LXzT8ZiVi8dyW4zFZLiNKaTsF
QV/tZ5XyE7DhB+NF5rXt81QfjNKmf6pRTh+cI0Uk4+kn1ILTP9gKthHIVUkazsXN
jjL73IaLksLing60eKBBx1cdnJ2lEEa37wtdble63lySVA+5
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:29:34 2025 by rpki-client