Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65937dce-286a-4015-b35e-dd342f7a3ff7.roa
File: 65937dce-286a-4015-b35e-dd342f7a3ff7.roa (raw, json)
Hash identifier: wkvLhe+iYMvUxq6w6ADCgKIDT2Znyv5uSnNifMJpnMo=
Subject key identifier: 3D:53:FA:16:AB:85:4C:75:75:39:FE:1B:13:1C:23:06:75:F1:C8:C5
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F02ACEC64D03E7B37FB06219AD26900703BCB60
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65937dce-286a-4015-b35e-dd342f7a3ff7.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:1000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:02:ac:ec:64:d0:3e:7b:37:fb:06:21:9a:d2:69:00:70:3b:cb:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:73:6b:5a:24:08:56:f6:ba:8e:8e:d8:99:db:
db:49:93:54:29:18:85:60:2d:5c:5a:5b:8f:91:79:
e2:81:d3:8f:c6:d2:97:f4:ac:e4:5d:3e:dc:43:e6:
38:33:2f:4c:f3:45:7e:dd:93:08:75:9d:5e:4c:e1:
04:42:44:d5:08:0d:19:0f:f3:bf:80:8b:f4:f3:fd:
22:80:39:ed:f9:a3:22:08:b4:14:47:d7:bf:42:14:
58:cd:e0:21:43:58:16:09:b3:7a:61:71:96:88:05:
20:a1:a5:38:06:45:90:63:81:af:ad:9f:dc:f1:40:
3e:d8:e9:7e:62:10:34:23:cf:22:1f:65:29:f6:65:
d5:c8:a1:0d:bf:04:60:c7:a4:e2:fb:67:2f:f4:08:
71:b4:2c:5d:45:c6:26:f3:6c:af:cf:69:12:45:bb:
96:46:3a:30:2f:78:1e:c8:f0:60:5f:dc:8d:fc:fb:
10:8c:b9:9a:fd:29:92:b1:0c:08:1a:64:6a:bf:39:
d7:7b:d0:c5:82:88:ec:8c:a9:f6:f7:83:9f:89:6b:
a8:45:bf:e9:87:2e:93:6c:5e:a8:3b:af:0c:16:92:
02:03:cb:30:5a:75:d8:ad:cc:de:d4:90:19:44:e9:
44:4a:8a:06:27:1a:1a:26:20:11:44:d6:60:ae:ac:
21:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:53:FA:16:AB:85:4C:75:75:39:FE:1B:13:1C:23:06:75:F1:C8:C5
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65937dce-286a-4015-b35e-dd342f7a3ff7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:1000::/40
Signature Algorithm: sha256WithRSAEncryption
63:da:85:85:4b:db:3d:81:b6:d4:b1:87:b0:8f:9f:f3:34:f1:
d4:cb:26:7d:28:11:e3:3d:f6:56:0b:6f:df:4a:1f:63:56:08:
19:3b:04:90:07:d9:ad:9f:11:b2:4c:45:57:48:12:7a:69:57:
25:8b:66:68:16:63:74:89:bd:5c:c3:15:2d:80:c1:fd:c8:93:
75:35:88:65:5e:d9:b8:37:be:e5:af:c6:5a:66:cc:05:a8:50:
46:3c:b3:39:1e:15:f0:8d:94:10:bd:e3:17:99:68:bc:a0:54:
05:41:d8:37:fb:40:93:22:de:12:4b:c6:c9:48:e6:c6:29:0b:
99:4d:2d:0e:59:30:2d:c1:e9:94:6b:9c:b3:05:56:81:45:2c:
c6:31:72:a2:6a:3d:3a:6a:3a:c2:4c:f3:3d:21:e9:0e:19:da:
c9:f6:69:c0:6f:4c:87:e6:15:fd:f7:fc:fc:05:ca:c2:3c:72:
a2:d6:86:a0:68:7c:d6:fc:79:37:c0:4e:61:c7:70:6e:bc:d7:
7d:f6:d0:21:f5:af:ed:e0:e1:36:c7:47:55:f6:71:54:22:24:
0b:d4:41:18:47:09:99:4c:5b:f7:54:b1:0d:b0:ef:5d:69:36:
c2:97:bb:62:e5:88:05:9c:06:bf:63:3b:d6:db:f8:75:2f:5c:
45:c3:74:e4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPwKs7GTQPns3+wYhmtJpAHA7y2AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJkZmI4MmZiOGJjMzVmNDZkOTYzNjA4YzVlOTNhMTgxMzg5MTJlMzI3ZGJj
ZDFlYjI0ODE1NjQxYTk0YWFlZGUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK5za1okCFb2uo6O2Jnb20mTVCkYhWAtXFpbj5F54oHTj8bSl/Ss5F0+3EPm
ODMvTPNFft2TCHWdXkzhBEJE1QgNGQ/zv4CL9PP9IoA57fmjIgi0FEfXv0IUWM3g
IUNYFgmzemFxlogFIKGlOAZFkGOBr62f3PFAPtjpfmIQNCPPIh9lKfZl1cihDb8E
YMek4vtnL/QIcbQsXUXGJvNsr89pEkW7lkY6MC94HsjwYF/cjfz7EIy5mv0pkrEM
CBpkar8513vQxYKI7Iyp9veDn4lrqEW/6Ycuk2xeqDuvDBaSAgPLMFp12K3M3tSQ
GUTpREqKBicaGiYgEUTWYK6sIZUCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ9U/oW
q4VMdXU5/hsTHCMGdfHIxTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjU5MzdkY2UtMjg2YS00MDE1LWIzNWUtZGQzNDJmN2EzZmY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DEQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBj2oWFS9s9gbbUsYewj5/zNPHUyyZ9KBHjPfZW
C2/fSh9jVggZOwSQB9mtnxGyTEVXSBJ6aVcli2ZoFmN0ib1cwxUtgMH9yJN1NYhl
Xtm4N77lr8ZaZswFqFBGPLM5HhXwjZQQveMXmWi8oFQFQdg3+0CTIt4SS8bJSObG
KQuZTS0OWTAtwemUa5yzBVaBRSzGMXKiaj06ajrCTPM9IekOGdrJ9mnAb0yH5hX9
9/z8BcrCPHKi1oagaHzW/Hk3wE5hx3BuvNd99tAh9a/t4OE2x0dV9nFUIiQL1EEY
RwmZTFv3VLENsO9daTbCl7ti5YgFnAa/YzvW2/h1L1xFw3Tk
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:56:21 2025 by rpki-client