Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa
File: 4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa (raw, json)
Hash identifier: B3AjyYCZrAFrLMompJcN2EncqoUuScIcx7NKmvJYvvo=
Subject key identifier: 07:32:75:99:85:09:58:A5:FB:BC:D6:0F:2B:CE:C8:C6:78:39:CD:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 68FBD3CA1736797751994D65D51E805F4AF3A467
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:1000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:fb:d3:ca:17:36:79:77:51:99:4d:65:d5:1e:80:5f:4a:f3:a4:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:01:0e:57:14:a2:d5:7e:8f:67:a0:ed:f2:58:
12:f2:4e:cd:1a:b9:70:e0:ef:a7:52:74:c4:61:31:
88:3e:ff:0d:d5:6c:16:b4:73:0f:52:a8:f8:d5:24:
e0:91:64:bf:3e:85:3f:b9:fd:c6:31:03:cc:c9:f4:
03:6f:1d:eb:9c:75:9f:57:4d:e3:11:b6:1c:00:f4:
be:52:47:7d:c5:83:7f:5c:ba:10:7b:e1:3f:53:3d:
82:69:e1:24:fd:6e:c2:35:fd:66:73:c7:27:fb:9e:
93:fa:08:44:40:79:c3:07:aa:7c:81:39:c8:22:43:
6d:b4:c4:15:93:76:07:af:13:dd:c8:74:e9:16:1a:
df:9b:20:41:ef:17:4e:2b:f7:b4:e4:45:56:e2:30:
b6:48:a5:6b:f0:b1:c3:87:b0:fc:22:4f:51:ff:af:
46:a6:f1:d5:2e:6f:fc:a5:f1:37:04:65:6c:b5:10:
5c:2f:18:a0:f9:6c:9e:d9:b1:d3:f4:20:88:53:91:
b3:9e:ec:4e:3d:9e:2e:e9:2e:00:2a:9d:91:93:12:
7b:38:95:d6:cd:fb:00:d0:3b:86:13:66:c3:de:33:
ba:51:42:d7:fa:7a:4a:3f:e2:ef:2a:45:1b:88:3c:
4a:64:59:2e:1b:7c:eb:32:9a:33:63:be:66:98:86:
9b:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:32:75:99:85:09:58:A5:FB:BC:D6:0F:2B:CE:C8:C6:78:39:CD:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c53a4e7-7203-4aac-8e2f-110819ae4ce3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:1000::/40
Signature Algorithm: sha256WithRSAEncryption
35:32:02:df:72:88:e4:3a:88:b7:23:2e:81:c9:41:87:7a:99:
31:2d:f4:19:d4:df:18:73:db:e5:2a:b2:0e:31:f2:c9:03:9c:
59:28:3f:48:bd:96:cb:68:aa:58:c7:bc:c4:0e:c8:1e:8b:fe:
47:ce:7a:b3:5b:15:19:f2:11:cc:91:d9:4d:e0:3d:ce:c7:bc:
55:98:8c:cf:d8:3f:71:de:06:94:b0:8e:70:d6:6e:12:a8:fc:
9e:40:2c:0d:b1:75:50:9e:3f:4e:f1:b9:0c:14:a3:7a:8d:d2:
2f:40:f6:e6:aa:8a:66:3d:2b:b9:bc:08:b8:d8:5c:f8:3a:ce:
0f:19:c7:cf:70:84:66:6e:a9:4d:75:82:14:37:2b:c0:94:18:
4b:a5:2b:55:3d:8f:f0:e0:55:98:ed:bd:5f:86:d3:cc:6b:67:
fa:87:12:3d:b9:ca:f6:15:cb:b1:b9:1e:b4:36:0a:ae:6e:9a:
13:a0:e9:ad:87:29:ac:17:b8:70:6c:41:5e:aa:0c:06:4b:19:
7a:8f:dd:76:0b:04:0b:b0:63:11:04:7d:8b:5b:5f:53:7f:29:
ff:db:9d:9b:be:44:8d:ab:9b:da:d6:5c:bb:ea:16:00:d1:9c:
9a:f0:7f:e8:41:3d:06:10:35:1e:a0:54:26:f9:5b:89:d0:1d:
5e:ea:3c:7c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUaPvTyhc2eXdRmU1l1R6AX0rzpGcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGEwM2Q5MDczOTg3MjhmMzhiNmNkMzE5ZjI0MDBmY2E4NWQ5OGU0ZGY4MDRi
N2QzZjAyYjkwMzQ0YzhmNjdiODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMoBDlcUotV+j2eg7fJYEvJOzRq5cODvp1J0xGExiD7/DdVsFrRzD1Ko+NUk
4JFkvz6FP7n9xjEDzMn0A28d65x1n1dN4xG2HAD0vlJHfcWDf1y6EHvhP1M9gmnh
JP1uwjX9ZnPHJ/uek/oIREB5wweqfIE5yCJDbbTEFZN2B68T3ch06RYa35sgQe8X
Tiv3tORFVuIwtkila/Cxw4ew/CJPUf+vRqbx1S5v/KXxNwRlbLUQXC8YoPlsntmx
0/QgiFORs57sTj2eLukuACqdkZMSeziV1s37ANA7hhNmw94zulFC1/p6Sj/i7ypF
G4g8SmRZLht86zKaM2O+ZpiGm4MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQHMnWZ
hQlYpfu81g8rzsjGeDnNtjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGM1M2E0ZTctNzIwMy00YWFjLThlMmYtMTEwODE5YWU0Y2UzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HwQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA1MgLfcojkOoi3Iy6ByUGHepkxLfQZ1N8Yc9vl
KrIOMfLJA5xZKD9IvZbLaKpYx7zEDsgei/5HznqzWxUZ8hHMkdlN4D3Ox7xVmIzP
2D9x3gaUsI5w1m4SqPyeQCwNsXVQnj9O8bkMFKN6jdIvQPbmqopmPSu5vAi42Fz4
Os4PGcfPcIRmbqlNdYIUNyvAlBhLpStVPY/w4FWY7b1fhtPMa2f6hxI9ucr2Fcux
uR60NgqubpoToOmthymsF7hwbEFeqgwGSxl6j912CwQLsGMRBH2LW19Tfyn/252b
vkSNq5va1ly76hYA0Zya8H/oQT0GEDUeoFQm+VuJ0B1e6jx8
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:48 2025 by rpki-client