Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6c5c713e-8a57-4e2a-8fc2-b9d88b0df53f.roa
File: 6c5c713e-8a57-4e2a-8fc2-b9d88b0df53f.roa (raw, json)
Hash identifier: GLBiCneEWC6PcoBG5OyWeKh7tL+4qiBTlGbbT3iH+d4=
Subject key identifier: 0F:40:2D:A8:76:A0:B6:C3:58:F9:70:E0:C7:86:5C:00:72:F0:79:AA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 4A3A11BBDF4C496E5559637EE8F1B5FCB8B8D392
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6c5c713e-8a57-4e2a-8fc2-b9d88b0df53f.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4a:3a:11:bb:df:4c:49:6e:55:59:63:7e:e8:f1:b5:fc:b8:b8:d3:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:94:d7:3c:85:7f:37:f1:5e:88:1c:f5:28:f8:
24:55:2c:38:56:1e:df:6d:b9:35:6b:65:fa:55:ab:
78:d9:0b:a4:eb:88:6f:69:a1:15:cf:33:3b:1a:c4:
09:92:29:06:50:60:0d:20:b5:79:3f:9e:81:78:b2:
e6:1e:b0:43:1e:6c:c7:7f:0e:76:de:8c:03:51:51:
ed:e9:e3:59:88:3c:87:c5:f6:61:55:b3:82:17:62:
c8:e5:41:3e:84:99:e5:0b:b5:22:70:93:ed:ad:fa:
73:bd:8b:3e:88:a8:b1:14:24:83:43:ee:5f:68:61:
95:b6:d7:03:43:57:39:c1:5c:69:16:4d:b5:3f:0c:
90:40:f0:d4:fa:82:d1:56:2d:87:3d:95:71:f3:7b:
76:52:a9:22:06:5f:88:d0:6e:ba:14:fb:25:4e:8c:
de:6f:cc:38:7a:8f:e9:ec:85:2c:a1:db:51:45:2d:
07:0c:da:fc:db:74:bb:5c:c1:21:d1:e4:58:d8:a1:
31:8d:90:5e:8c:d0:ac:8b:e9:d1:58:77:08:ee:1c:
63:10:3f:4a:8f:0e:de:40:8c:72:b0:89:d9:87:36:
7d:3b:f0:52:19:7e:30:bb:5c:0f:6f:b9:bf:c1:de:
79:ad:8b:cb:c9:74:54:32:89:fa:ae:16:ef:de:4f:
57:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:40:2D:A8:76:A0:B6:C3:58:F9:70:E0:C7:86:5C:00:72:F0:79:AA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/6c5c713e-8a57-4e2a-8fc2-b9d88b0df53f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:8000::/40
Signature Algorithm: sha256WithRSAEncryption
58:a3:b5:6a:0b:9d:9a:ac:a4:8b:85:40:0b:cc:c6:29:b0:2d:
78:1f:8a:fb:7d:b8:fe:d0:af:54:ad:8b:6e:d9:cc:99:e2:e6:
d2:6e:67:b0:7b:e0:5f:89:25:6d:e8:1a:ef:8b:3c:29:61:5a:
54:2d:05:09:52:d4:15:b1:8d:28:24:ac:94:ed:44:a3:df:55:
9e:dc:18:93:91:48:6f:9a:e4:26:21:9b:01:78:e5:78:c6:89:
c8:f8:e6:f6:e1:22:7a:c2:89:26:b4:a8:3b:ee:82:82:74:7f:
00:58:1d:38:44:4e:ae:41:b9:6a:a3:4c:bf:b3:2d:55:88:a3:
0e:59:3d:66:81:61:0b:f9:92:82:71:8d:98:3a:02:e2:ea:08:
07:87:13:8d:f1:3a:d2:01:96:e0:84:f3:18:01:e8:b1:cc:0b:
89:9c:aa:d6:d9:1d:6e:96:64:33:0a:a2:a4:d3:a9:ca:67:52:
2b:13:f7:38:6c:17:45:ff:a5:8c:f0:cb:b4:42:22:32:93:05:
c5:bc:e5:1e:a4:25:f9:35:2c:53:8d:5d:f2:45:75:f6:8c:fb:
7e:ce:dc:dd:82:8b:50:b4:d4:63:4a:e4:5a:ef:53:0a:c0:46:
82:f9:0d:5a:93:75:f5:eb:c8:c0:a3:8f:9e:89:49:88:7e:75:
41:02:ac:a7
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUSjoRu99MSW5VWWN+6PG1/Li405IwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGM3MWU4YzY5MmE1OWJhZGNjOGU5YzE4MmUzYzBkZTM2NzM5MTRjZjMyZjE3
ZGMyYTczZTNlZTU3MzllMzQ3ZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuU1zyFfzfxXogc9Sj4JFUsOFYe3225NWtl+lWreNkLpOuIb2mhFc8zOxrE
CZIpBlBgDSC1eT+egXiy5h6wQx5sx38Odt6MA1FR7enjWYg8h8X2YVWzghdiyOVB
PoSZ5Qu1InCT7a36c72LPoiosRQkg0PuX2hhlbbXA0NXOcFcaRZNtT8MkEDw1PqC
0VYthz2VcfN7dlKpIgZfiNBuuhT7JU6M3m/MOHqP6eyFLKHbUUUtBwza/Nt0u1zB
IdHkWNihMY2QXozQrIvp0Vh3CO4cYxA/So8O3kCMcrCJ2Yc2fTvwUhl+MLtcD2+5
v8Heea2Ly8l0VDKJ+q4W795PV8MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQPQC2o
dqC2w1j5cODHhlwAcvB5qjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NmM1YzcxM2UtOGE1Ny00ZTJhLThmYzItYjlkODhiMGRmNTNmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+A
MA0GCSqGSIb3DQEBCwUAA4IBAQBYo7VqC52arKSLhUALzMYpsC14H4r7fbj+0K9U
rYtu2cyZ4ubSbmewe+BfiSVt6BrvizwpYVpULQUJUtQVsY0oJKyU7USj31We3BiT
kUhvmuQmIZsBeOV4xonI+Ob24SJ6wokmtKg77oKCdH8AWB04RE6uQblqo0y/sy1V
iKMOWT1mgWEL+ZKCcY2YOgLi6ggHhxON8TrSAZbghPMYAeixzAuJnKrW2R1ulmQz
CqKk06nKZ1IrE/c4bBdF/6WM8Mu0QiIykwXFvOUepCX5NSxTjV3yRXX2jPt+ztzd
gotQtNRjSuRa71MKwEaC+Q1ak3X168jAo4+eiUmIfnVBAqyn
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:52:58 2025 by rpki-client