Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55747491-79c7-4415-bf2a-87d19100b399.roa
File: 55747491-79c7-4415-bf2a-87d19100b399.roa (raw, json)
Hash identifier: 4+RNnjVZKyFSze/JIS0/OiatYeY3bkpD/aHsNB6SW58=
Subject key identifier: CF:A2:4E:B9:E7:1E:68:BD:71:15:6A:28:0B:7E:18:9D:34:DC:EB:B8
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6A5F7E5ECF33CF3BA3876BBF8A2532E0B77EB026
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55747491-79c7-4415-bf2a-87d19100b399.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d012::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:5f:7e:5e:cf:33:cf:3b:a3:87:6b:bf:8a:25:32:e0:b7:7e:b0:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a0:0c:0e:ba:a6:89:f7:f0:bb:c5:a6:05:f0:
4a:a0:b7:a9:0e:0d:70:c6:d8:a1:07:d1:c2:8b:ce:
86:bd:e5:f8:d0:70:89:b1:98:41:c1:1a:29:a3:b3:
5f:6a:3a:51:e5:f9:41:56:fd:c1:26:ac:88:3a:20:
32:0d:81:04:a8:34:54:07:43:05:42:d4:77:6c:27:
35:5b:b3:e3:a2:9d:9a:3e:3e:f3:ff:a3:9f:76:40:
4f:b2:cb:cc:21:14:ef:d4:f7:40:22:e3:5c:6e:2d:
fe:14:cc:e6:70:25:f7:9a:55:60:15:3b:1c:6e:73:
51:f1:58:66:be:d2:83:09:14:e6:7a:df:a3:43:10:
d2:d5:08:db:28:32:30:08:99:23:f1:14:27:17:d4:
8d:23:92:d7:e3:40:d9:31:92:21:c3:60:a0:99:b5:
f0:64:ac:09:10:27:0f:88:2d:d4:d7:8c:5a:d5:ef:
4d:ea:c2:89:b6:ac:2e:b0:83:e8:e5:5e:77:de:3f:
2f:3f:76:a8:f2:80:12:90:db:6a:35:8e:ec:a0:55:
a0:19:f2:06:10:91:9b:2e:7e:26:8f:a6:00:55:6e:
e6:f7:34:e4:b8:3e:d1:cc:29:b0:c4:1e:5f:23:0b:
1b:fe:03:a6:dc:f0:64:b9:45:f5:07:0d:b3:30:27:
55:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:A2:4E:B9:E7:1E:68:BD:71:15:6A:28:0B:7E:18:9D:34:DC:EB:B8
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/55747491-79c7-4415-bf2a-87d19100b399.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d012::/36
Signature Algorithm: sha256WithRSAEncryption
0d:48:2c:d9:44:ca:69:41:97:e0:59:9c:6c:5d:94:dc:e9:1d:
42:a9:5a:2c:7b:df:66:2d:6c:cc:31:df:a2:db:1a:85:05:b8:
cc:ee:fc:55:24:db:46:97:f0:50:5a:ad:ab:05:ba:2e:5e:2d:
07:86:56:92:22:a1:5e:81:fa:02:9a:44:e2:67:07:38:bf:0b:
c1:1c:40:8e:5a:23:b5:22:f3:64:52:56:97:f5:44:d7:6f:4f:
23:bc:ae:d9:14:10:03:87:29:4a:78:04:01:69:86:d7:df:2e:
c1:d8:96:eb:9a:77:a8:6f:3a:7f:29:58:8b:e8:12:02:3b:bc:
d6:59:4f:be:06:fd:8f:4e:3e:11:82:ac:16:3a:3b:a1:b0:f0:
70:84:d5:17:79:0e:5b:af:b7:01:92:72:13:f6:dc:d4:a3:d1:
d4:13:a2:0c:cc:1d:aa:3d:41:a1:f6:a6:5e:6a:2d:25:a8:21:
ca:a4:03:63:c6:72:09:63:3f:4c:d1:c3:53:1d:3e:fd:d5:9f:
51:be:39:0a:bf:88:f9:ba:7c:8d:91:08:69:98:31:02:ef:54:
a0:41:5c:e3:9e:24:73:4b:a2:70:89:42:28:0b:4b:e8:a2:6f:
43:05:57:18:d3:70:f9:95:1d:43:31:40:cd:67:f7:f9:a6:d7:
3e:a6:65:bd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUal9+Xs8zzzujh2u/iiUy4Ld+sCYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDE2YWJiMzA5NDBkN2IyODJkZDgzMGNjMTY2MjI3MGY0YmE4NDQ2YjljMGE1
OWVlODVlZmQ0ZmEwMTUxOWNkODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWgDA66pon38LvFpgXwSqC3qQ4NcMbYoQfRwovOhr3l+NBwibGYQcEaKaOz
X2o6UeX5QVb9wSasiDogMg2BBKg0VAdDBULUd2wnNVuz46Kdmj4+8/+jn3ZAT7LL
zCEU79T3QCLjXG4t/hTM5nAl95pVYBU7HG5zUfFYZr7SgwkU5nrfo0MQ0tUI2ygy
MAiZI/EUJxfUjSOS1+NA2TGSIcNgoJm18GSsCRAnD4gt1NeMWtXvTerCibasLrCD
6OVed94/Lz92qPKAEpDbajWO7KBVoBnyBhCRmy5+Jo+mAFVu5vc05Lg+0cwpsMQe
XyMLG/4DptzwZLlF9QcNszAnVXUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTPok65
5x5ovXEVaigLfhidNNzruDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTU3NDc0OTEtNzljNy00NDE1LWJmMmEtODdkMTkxMDBiMzk5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BIA
MA0GCSqGSIb3DQEBCwUAA4IBAQANSCzZRMppQZfgWZxsXZTc6R1CqVose99mLWzM
Md+i2xqFBbjM7vxVJNtGl/BQWq2rBbouXi0HhlaSIqFegfoCmkTiZwc4vwvBHECO
WiO1IvNkUlaX9UTXb08jvK7ZFBADhylKeAQBaYbX3y7B2Jbrmneobzp/KViL6BIC
O7zWWU++Bv2PTj4RgqwWOjuhsPBwhNUXeQ5br7cBknIT9tzUo9HUE6IMzB2qPUGh
9qZeai0lqCHKpANjxnIJYz9M0cNTHT791Z9RvjkKv4j5unyNkQhpmDEC71SgQVzj
niRzS6JwiUIoC0voom9DBVcY03D5lR1DMUDNZ/f5ptc+pmW9
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:18:48 2025 by rpki-client