Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c029c8-f6f6-4807-9160-3de52083e319.roa
File: 36c029c8-f6f6-4807-9160-3de52083e319.roa (raw, json)
Hash identifier: TSkDdtxJKWOU5VT+c3L3utD+sc6KIvTD0Mz8EoD4HvU=
Subject key identifier: 7D:3B:85:1A:91:93:02:89:0B:95:06:1C:45:D9:2F:E2:AC:0F:F8:72
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 698683C95A1508DFDD7BB67B6DA4F7BC5785D69E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c029c8-f6f6-4807-9160-3de52083e319.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d018::/35 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:86:83:c9:5a:15:08:df:dd:7b:b6:7b:6d:a4:f7:bc:57:85:d6:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:9b:5d:e1:56:7e:05:71:8c:eb:a3:00:64:5e:
0a:21:34:5d:2e:83:f7:6c:97:7c:41:3c:d0:90:09:
f2:6f:d6:af:cf:8e:4a:c3:39:4d:f1:61:8b:2e:d3:
1d:86:cd:54:f8:ff:01:0e:b9:89:80:d2:f2:ea:0e:
f7:22:af:bd:d7:4d:54:97:1f:b7:72:1c:c0:86:84:
94:0f:9b:57:14:ca:38:f1:f3:99:97:fe:59:50:37:
1d:99:cb:3a:3c:b8:3a:73:92:1a:a8:6c:1c:35:3d:
1c:97:df:af:05:5e:cf:cf:e7:a2:dc:a3:b8:c8:cc:
86:58:80:ac:99:90:1e:3a:16:76:ef:3a:0c:b4:2d:
7f:e0:e0:12:dc:f1:e1:07:80:0b:04:82:f9:6c:66:
e4:1f:fe:af:30:e9:fb:15:0c:37:36:d5:22:62:fb:
f0:ad:59:e1:dd:96:2b:c4:25:92:b3:1d:fd:65:17:
b8:fb:d0:51:1c:20:e6:33:9b:3c:bb:d1:5c:e4:a2:
22:e1:09:5c:7c:05:46:cf:ed:d2:6c:cd:7a:ba:dc:
3d:28:9e:0a:79:75:f3:5c:b3:a5:cc:91:f4:3a:da:
93:cc:c3:0a:4a:99:bd:3f:3c:01:9d:a8:63:ce:08:
b3:64:91:ef:54:5d:7b:c2:f3:39:d3:77:8b:4f:6b:
fe:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:3B:85:1A:91:93:02:89:0B:95:06:1C:45:D9:2F:E2:AC:0F:F8:72
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/36c029c8-f6f6-4807-9160-3de52083e319.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d018::/35
Signature Algorithm: sha256WithRSAEncryption
67:9b:0d:e1:a0:a2:8f:f1:80:e4:da:5f:a9:35:05:71:13:c6:
0e:7e:68:02:62:4c:2e:88:ba:db:75:0a:21:b2:de:34:e3:4f:
89:42:cd:ae:35:78:69:e2:1a:b5:d3:06:f0:c4:c8:65:b1:5a:
cc:d2:32:d7:1e:9e:e2:9d:0e:b0:3b:01:5f:a9:bb:88:74:40:
ca:ea:b2:c7:75:32:9a:c0:45:02:71:8e:08:ab:bd:3d:27:54:
1b:12:f8:47:06:aa:8f:ba:68:d5:73:c9:22:61:5e:02:2c:97:
e9:d4:c6:dc:5f:99:d6:6d:9f:8b:6c:40:fe:6c:88:05:43:4b:
9c:e1:9c:b3:33:fc:12:85:ea:06:62:1f:25:de:10:e0:d3:18:
fe:23:a8:b8:ed:a0:1b:86:03:59:0f:7b:bf:94:f2:61:04:99:
37:2c:4a:6b:5a:f4:1d:86:d9:6c:b2:24:83:cd:25:57:ed:ab:
94:f5:38:7e:29:9b:dd:96:eb:eb:75:0d:0b:cf:3b:0e:39:8a:
eb:7c:52:17:3f:10:a6:a9:fd:50:f0:10:8c:da:d3:fb:b2:bc:
d5:45:1b:33:ca:61:04:c5:0a:b8:8a:e0:8a:84:c3:87:87:04:
86:94:70:57:98:bf:d5:67:41:25:14:95:53:ff:2b:4e:ba:03:
3f:64:e8:b9
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaYaDyVoVCN/de7Z7baT3vFeF1p4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDk3OTJmYzIyMjgyYjQzYjM4M2UzYTcwMjA3YTBhZDRmMzI5NTFkZDM2M2E4
YjRmMGUwNzdkNGRmNWQxMTY5YzYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALebXeFWfgVxjOujAGReCiE0XS6D92yXfEE80JAJ8m/Wr8+OSsM5TfFhiy7T
HYbNVPj/AQ65iYDS8uoO9yKvvddNVJcft3IcwIaElA+bVxTKOPHzmZf+WVA3HZnL
Ojy4OnOSGqhsHDU9HJffrwVez8/notyjuMjMhliArJmQHjoWdu86DLQtf+DgEtzx
4QeACwSC+Wxm5B/+rzDp+xUMNzbVImL78K1Z4d2WK8QlkrMd/WUXuPvQURwg5jOb
PLvRXOSiIuEJXHwFRs/t0mzNerrcPSieCnl181yzpcyR9Drak8zDCkqZvT88AZ2o
Y84Is2SR71Rde8LzOdN3i09r/tUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR9O4Ua
kZMCiQuVBhxF2S/irA/4cjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MzZjMDI5YzgtZjZmNi00ODA3LTkxNjAtM2RlNTIwODNlMzE5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBSoF0BgA
MA0GCSqGSIb3DQEBCwUAA4IBAQBnmw3hoKKP8YDk2l+pNQVxE8YOfmgCYkwuiLrb
dQohst4040+JQs2uNXhp4hq10wbwxMhlsVrM0jLXHp7inQ6wOwFfqbuIdEDK6rLH
dTKawEUCcY4Iq709J1QbEvhHBqqPumjVc8kiYV4CLJfp1MbcX5nWbZ+LbED+bIgF
Q0uc4ZyzM/wSheoGYh8l3hDg0xj+I6i47aAbhgNZD3u/lPJhBJk3LEprWvQdhtls
siSDzSVX7auU9Th+KZvdluvrdQ0LzzsOOYrrfFIXPxCmqf1Q8BCM2tP7srzVRRsz
ymEExQq4iuCKhMOHhwSGlHBXmL/VZ0ElFJVT/ytOugM/ZOi5
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:13:00 2025 by rpki-client