Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/526189e2-ebfe-4a60-bf04-fb0c279c1c14.roa
File: 526189e2-ebfe-4a60-bf04-fb0c279c1c14.roa (raw, json)
Hash identifier: TWoYiMFZ3qc5C8M3SZmqyNZH+M7SVInZyyBtrq6aenQ=
Subject key identifier: DB:BB:58:AD:6B:BA:6B:18:21:14:1C:65:2C:66:FC:7F:13:FD:97:E3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 727FB67712C3B30ADC741120481263EABA2A557D
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/526189e2-ebfe-4a60-bf04-fb0c279c1c14.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:5000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
72:7f:b6:77:12:c3:b3:0a:dc:74:11:20:48:12:63:ea:ba:2a:55:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b1:54:aa:3d:db:5c:c0:b7:87:f4:45:c4:43:
d0:83:6e:08:1f:c1:3f:ac:23:eb:dd:59:1d:7a:69:
0d:b6:6f:88:f4:ff:1b:8f:eb:2b:25:b4:8a:21:52:
84:77:04:99:6b:bb:c5:02:21:d2:07:ff:f6:98:1b:
f7:c0:0a:fb:d1:68:38:86:1b:d8:8d:0a:bd:27:cb:
28:e4:c1:2c:a7:36:a4:76:13:0b:c6:56:58:94:4c:
3f:e5:66:ed:92:80:c9:69:a2:61:25:5e:35:4a:47:
2f:b6:e6:1c:fd:03:bc:f5:70:63:9d:f0:b1:c8:23:
a5:8e:37:6e:78:b4:91:bf:e9:3f:83:3f:34:cc:00:
c2:45:66:de:1b:06:a0:d3:db:6e:f5:a0:fd:79:59:
ef:90:5d:ef:0d:07:05:62:47:f0:c6:c6:c3:5d:1a:
6c:f6:f5:56:93:3f:df:88:4a:6b:2b:44:95:63:df:
31:69:3f:60:42:a4:c5:a0:de:66:09:90:62:51:9d:
0f:ee:67:c9:e2:b0:38:29:2f:e5:b3:82:28:6d:a0:
3f:ed:41:be:ea:64:31:c5:23:98:ec:9a:4e:53:23:
e4:73:08:15:ca:96:31:41:fa:8e:66:62:8d:e0:44:
8c:09:4d:68:3f:d2:ce:3b:3f:0e:90:d6:2d:e3:c7:
3e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:BB:58:AD:6B:BA:6B:18:21:14:1C:65:2C:66:FC:7F:13:FD:97:E3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/526189e2-ebfe-4a60-bf04-fb0c279c1c14.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:5000::/40
Signature Algorithm: sha256WithRSAEncryption
4e:6a:99:a8:70:8c:27:1c:dc:c9:71:3d:d0:58:68:f1:8d:ad:
5f:d2:fc:c8:95:ac:43:e0:32:33:cc:e6:df:84:97:d3:13:c9:
af:c3:0b:30:85:8a:7a:12:4f:10:c1:c5:62:05:17:3d:ca:03:
9f:84:5c:e7:d4:ae:84:7d:6c:e3:f5:b2:f7:60:03:c8:21:fa:
7a:03:01:b5:b8:b6:59:9f:8d:ee:ff:bc:53:fe:29:75:b3:b1:
44:fa:bf:1c:90:2c:83:a6:d1:d4:f4:87:89:a3:3e:93:1c:f7:
ab:4d:e7:82:1d:eb:44:e3:05:bd:12:9e:20:ad:1e:b8:62:82:
a2:45:c9:db:43:f2:52:43:4d:93:6c:6a:e3:72:87:2c:46:c6:
4e:3f:b8:7d:b4:c5:48:f0:46:da:37:73:d4:cf:42:45:ba:ab:
9a:b3:56:c1:b3:74:5d:30:e1:8b:ab:40:ee:13:2c:05:65:9b:
00:54:b8:6b:c6:db:f8:1e:b2:59:a1:d5:8c:37:02:21:6f:08:
66:b6:0a:a2:a7:26:22:99:94:d7:09:fe:c4:b9:ce:a5:63:a7:
82:a7:db:87:25:c7:bd:40:8f:5e:43:4b:3a:07:34:fd:13:54:
bb:6d:40:fe:9e:e8:b7:c3:3e:7e:67:89:92:98:6c:52:32:d7:
b7:41:e5:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcn+2dxLDswrcdBEgSBJj6roqVX0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhZjA1ZTFmMzRmYzk4NzVjZDRkYmJjNzc0YWY1ZGUyM2MwNDgyOTkwYzNi
YjU0NjI5YWQ1Njk5NjRlYmZjOGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANGxVKo921zAt4f0RcRD0INuCB/BP6wj691ZHXppDbZviPT/G4/rKyW0iiFS
hHcEmWu7xQIh0gf/9pgb98AK+9FoOIYb2I0KvSfLKOTBLKc2pHYTC8ZWWJRMP+Vm
7ZKAyWmiYSVeNUpHL7bmHP0DvPVwY53wscgjpY43bni0kb/pP4M/NMwAwkVm3hsG
oNPbbvWg/XlZ75Bd7w0HBWJH8MbGw10abPb1VpM/34hKaytElWPfMWk/YEKkxaDe
ZgmQYlGdD+5nyeKwOCkv5bOCKG2gP+1BvupkMcUjmOyaTlMj5HMIFcqWMUH6jmZi
jeBEjAlNaD/Szjs/DpDWLePHPssCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTbu1it
a7prGCEUHGUsZvx/E/2X4zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTI2MTg5ZTItZWJmZS00YTYwLWJmMDQtZmIwYzI3OWMxYzE0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HxQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBOapmocIwnHNzJcT3QWGjxja1f0vzIlaxD4DIz
zObfhJfTE8mvwwswhYp6Ek8QwcViBRc9ygOfhFzn1K6EfWzj9bL3YAPIIfp6AwG1
uLZZn43u/7xT/il1s7FE+r8ckCyDptHU9IeJoz6THPerTeeCHetE4wW9Ep4grR64
YoKiRcnbQ/JSQ02TbGrjcocsRsZOP7h9tMVI8EbaN3PUz0JFuquas1bBs3RdMOGL
q0DuEywFZZsAVLhrxtv4HrJZodWMNwIhbwhmtgqipyYimZTXCf7Euc6lY6eCp9uH
Jce9QI9eQ0s6BzT9E1S7bUD+nui3wz5+Z4mSmGxSMte3QeWZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:40 2025 by rpki-client