Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4549ee72-2f54-4788-bc73-787b3ff37ba8.roa
File: 4549ee72-2f54-4788-bc73-787b3ff37ba8.roa (raw, json)
Hash identifier: lxJLCgOfY4Y7TmNYA/YQhG18hDdZ7Xk9XdSCda/Vm1Y=
Subject key identifier: ED:11:2A:FC:00:87:FE:88:1B:99:A3:9E:86:32:77:CF:2E:1C:9E:2E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 05DF85F5A1AF84C302C884EE1723D94E313C1695
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4549ee72-2f54-4788-bc73-787b3ff37ba8.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d076:b000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:df:85:f5:a1:af:84:c3:02:c8:84:ee:17:23:d9:4e:31:3c:16:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:25:1e:63:29:97:34:fa:17:8c:cc:65:44:70:
8c:37:10:b1:80:db:ce:2d:94:cd:99:49:22:6f:67:
ba:92:3f:cf:56:42:cd:4d:60:f9:56:e0:6b:e3:56:
d6:d8:41:f6:c4:7f:46:12:8d:ed:97:ac:73:89:ab:
8a:ec:0a:d4:9f:2d:06:36:41:e8:31:32:a0:5e:2b:
f6:aa:bc:36:aa:61:d5:75:a2:3c:84:30:df:c0:22:
57:cd:b9:32:0e:28:7b:f1:d1:f5:c8:4d:c2:c5:98:
2c:12:15:c3:ca:21:18:9a:c7:b2:ae:6e:cc:6d:f6:
63:a5:d8:5e:fc:c9:a8:8a:22:b2:22:55:78:0e:85:
f7:83:0b:01:20:cc:2e:f3:42:45:10:c0:08:e6:40:
0e:71:ee:17:80:6c:b3:86:c2:a5:ac:f1:38:5c:9d:
6d:ad:d2:ce:f6:a2:f4:16:11:20:88:0e:fe:d2:b7:
40:a4:b6:76:97:91:7b:9b:87:44:a6:8f:3d:25:d0:
ab:82:12:ea:b8:5f:b4:9b:c7:ed:5f:ff:45:0e:9c:
11:66:c1:03:a3:c4:fc:a6:a8:f1:64:d7:67:72:28:
1d:ed:4c:6c:76:a4:11:88:b6:fc:85:b5:d4:b1:80:
d6:53:be:38:ae:e5:78:76:41:41:7f:f8:1c:9b:42:
18:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:11:2A:FC:00:87:FE:88:1B:99:A3:9E:86:32:77:CF:2E:1C:9E:2E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4549ee72-2f54-4788-bc73-787b3ff37ba8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d076:b000::/40
Signature Algorithm: sha256WithRSAEncryption
c6:98:55:a5:de:12:42:5b:20:02:89:8a:6e:d1:1d:20:26:e8:
77:46:b8:da:7a:8a:a6:f2:82:c7:de:6d:4e:64:79:90:ab:09:
65:4f:45:7a:ff:f7:9a:53:53:79:6b:e7:a1:91:b5:f8:c5:ab:
4c:d2:2f:c0:1d:7c:7b:c5:23:c9:e6:a0:57:9d:ad:c1:ec:75:
40:e4:86:d1:a0:f1:42:8e:91:46:83:25:76:fe:ab:9d:c7:2b:
d4:e9:6d:4b:99:76:34:0a:17:17:da:74:42:d2:29:64:94:54:
e1:e0:3e:12:3e:61:a3:71:33:80:0e:2f:3a:a8:ff:00:22:dd:
10:a4:a6:bd:d0:c3:c5:1b:b6:3c:f9:6a:ba:d2:25:38:b9:ab:
10:a5:42:b6:8e:7a:2f:b0:56:67:14:3c:f0:32:f1:74:2d:a1:
35:e8:46:2a:53:06:93:4b:ff:db:67:9d:cc:f5:c3:23:ff:9f:
13:c4:fd:27:c8:81:f6:bf:d4:d3:18:b7:69:83:b2:cd:a1:82:
09:06:ea:ce:34:6c:a3:4f:b4:45:d4:0f:e4:a0:a5:eb:db:81:
3f:ad:4d:82:f8:36:1d:c5:5e:8a:d7:73:39:8d:d1:f9:55:dd:
88:71:85:38:ea:9d:2d:69:2e:e4:ce:54:da:74:f1:c2:16:8e:
61:b8:8f:dd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBd+F9aGvhMMCyITuFyPZTjE8FpUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhY2Q2YTY2MmU3ZjE3YzIyNGE0MGI3YjE5Zjc4OWRhM2E4MzZiNjU1ZmNm
MWQ3YzRjM2UwNGY3YjQ0M2VkMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMIlHmMplzT6F4zMZURwjDcQsYDbzi2UzZlJIm9nupI/z1ZCzU1g+Vbga+NW
1thB9sR/RhKN7Zesc4mriuwK1J8tBjZB6DEyoF4r9qq8Nqph1XWiPIQw38AiV825
Mg4oe/HR9chNwsWYLBIVw8ohGJrHsq5uzG32Y6XYXvzJqIoisiJVeA6F94MLASDM
LvNCRRDACOZADnHuF4Bss4bCpazxOFydba3Szvai9BYRIIgO/tK3QKS2dpeRe5uH
RKaPPSXQq4IS6rhftJvH7V//RQ6cEWbBA6PE/Kao8WTXZ3IoHe1MbHakEYi2/IW1
1LGA1lO+OK7leHZBQX/4HJtCGPMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTtESr8
AIf+iBuZo56GMnfPLhyeLjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU0OWVlNzItMmY1NC00Nzg4LWJjNzMtNzg3YjNmZjM3YmE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Haw
MA0GCSqGSIb3DQEBCwUAA4IBAQDGmFWl3hJCWyACiYpu0R0gJuh3Rrjaeoqm8oLH
3m1OZHmQqwllT0V6//eaU1N5a+ehkbX4xatM0i/AHXx7xSPJ5qBXna3B7HVA5IbR
oPFCjpFGgyV2/qudxyvU6W1LmXY0ChcX2nRC0ilklFTh4D4SPmGjcTOADi86qP8A
It0QpKa90MPFG7Y8+Wq60iU4uasQpUK2jnovsFZnFDzwMvF0LaE16EYqUwaTS//b
Z53M9cMj/58TxP0nyIH2v9TTGLdpg7LNoYIJBurONGyjT7RF1A/koKXr24E/rU2C
+DYdxV6K13M5jdH5Vd2IcYU46p0taS7kzlTadPHCFo5huI/d
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:13 2025 by rpki-client