Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7caaf316-225a-49cc-a12f-2d0e1fec97d9.roa
File: 7caaf316-225a-49cc-a12f-2d0e1fec97d9.roa (raw, json)
Hash identifier: qM4YZ/DzJI5ob02DRSXym7gv3x0Hu2HBFoxCykQfWyE=
Subject key identifier: DA:8B:25:54:00:76:42:66:DB:A8:7E:D6:E5:4E:EC:61:5E:94:2A:17
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 380E908A2BD85D292225A13F0C768DB3F134ED2C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7caaf316-225a-49cc-a12f-2d0e1fec97d9.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d070:a000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:0e:90:8a:2b:d8:5d:29:22:25:a1:3f:0c:76:8d:b3:f1:34:ed:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:15:35:27:7d:77:71:98:0b:32:0f:7c:06:7e:
f8:c4:49:6d:64:e6:d3:dd:ea:60:90:7f:da:e4:b2:
a4:31:ac:6d:11:4d:b6:8c:3d:90:61:cb:16:aa:29:
09:0c:18:3c:87:cd:68:bf:62:8e:c9:fb:e6:8c:12:
a8:a9:0d:eb:6c:b1:c8:7e:5a:75:23:90:bf:b8:35:
41:f4:3f:21:40:a9:10:6c:66:78:31:bd:2e:75:1a:
fb:d3:6a:bd:26:09:fe:81:53:f2:39:c5:6e:12:df:
8b:a6:95:b5:80:25:f1:d6:f8:c6:dc:dc:7c:7e:92:
44:71:6d:c4:b8:7a:cf:98:ff:78:86:a3:f1:ee:a1:
bd:d6:e7:53:b5:bf:ab:80:b3:dd:6d:93:5d:6a:99:
ed:ef:d0:0e:b8:c4:38:08:7a:7d:64:1e:dc:67:99:
4d:e4:2b:b1:b0:3b:10:86:93:d2:38:32:cd:a2:de:
7c:7e:ea:a3:08:29:f9:d2:67:02:9b:34:00:a9:bc:
fc:35:0a:b6:8f:a1:b9:28:d0:de:6b:e8:20:18:40:
d7:41:37:07:13:95:41:9e:f1:7d:bd:3a:25:6c:fc:
86:99:64:b1:33:81:29:59:f0:fd:6c:c4:47:be:d3:
28:90:86:fa:88:4f:77:a7:18:dc:52:f9:47:7d:b1:
ed:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DA:8B:25:54:00:76:42:66:DB:A8:7E:D6:E5:4E:EC:61:5E:94:2A:17
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7caaf316-225a-49cc-a12f-2d0e1fec97d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d070:a000::/40
Signature Algorithm: sha256WithRSAEncryption
1c:04:95:f4:cc:d8:71:7c:13:2f:73:a7:3e:ea:86:0a:c2:ca:
e7:47:91:6d:69:2d:08:82:1c:c7:40:f8:96:54:b0:ba:5e:da:
5c:76:73:c5:2f:05:26:4b:53:f9:0f:6b:6d:87:87:f9:96:1c:
c9:cd:49:61:ec:ba:d2:7e:a8:b4:b6:75:d5:b1:ad:ec:02:33:
0c:a7:6e:99:17:ea:e6:9c:d6:10:bf:98:9e:0f:b2:ec:87:73:
34:d6:1f:1e:cd:58:f0:b1:e0:85:aa:e5:c2:9e:5e:ca:24:57:
c3:51:86:f3:c4:02:bf:ef:e4:af:a4:07:f2:4f:73:c2:fb:a8:
ca:52:44:af:02:70:29:02:dc:44:e3:73:10:7a:6e:72:22:92:
6a:b4:a6:35:9c:da:b0:a4:d9:79:45:ed:2f:1a:f6:9d:cf:dd:
7c:98:ea:39:12:8d:5f:22:9e:b8:bb:5a:d3:c8:10:e2:db:57:
1c:ac:34:41:65:d9:50:4e:da:7e:dc:51:27:a5:22:79:c7:30:
73:ae:0a:c9:ed:61:bb:4b:2c:d6:33:14:75:ad:3e:4e:3b:71:
46:b2:e0:c5:47:66:c3:a9:d9:15:5b:13:8f:78:65:22:34:c9:
03:68:87:38:c2:78:38:6a:ac:b5:2f:4a:62:95:9f:c2:2d:95:
48:3f:94:e1
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUOA6QiivYXSkiJaE/DHaNs/E07SwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDVkNWMwYjBjZTdiNzc3NDk1MDE0NzAxYmYwZWMyYWUzYzQ5NTA5YmZkOTVi
ZmZmMTVhMmI2ZjcwNjU3MjU1NzUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK4VNSd9d3GYCzIPfAZ++MRJbWTm093qYJB/2uSypDGsbRFNtow9kGHLFqop
CQwYPIfNaL9ijsn75owSqKkN62yxyH5adSOQv7g1QfQ/IUCpEGxmeDG9LnUa+9Nq
vSYJ/oFT8jnFbhLfi6aVtYAl8db4xtzcfH6SRHFtxLh6z5j/eIaj8e6hvdbnU7W/
q4Cz3W2TXWqZ7e/QDrjEOAh6fWQe3GeZTeQrsbA7EIaT0jgyzaLefH7qowgp+dJn
Aps0AKm8/DUKto+huSjQ3mvoIBhA10E3BxOVQZ7xfb06JWz8hplksTOBKVnw/WzE
R77TKJCG+ohPd6cY3FL5R32x7WECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTaiyVU
AHZCZtuoftblTuxhXpQqFzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
N2NhYWYzMTYtMjI1YS00OWNjLWExMmYtMmQwZTFmZWM5N2Q5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HCg
MA0GCSqGSIb3DQEBCwUAA4IBAQAcBJX0zNhxfBMvc6c+6oYKwsrnR5FtaS0IghzH
QPiWVLC6XtpcdnPFLwUmS1P5D2tth4f5lhzJzUlh7LrSfqi0tnXVsa3sAjMMp26Z
F+rmnNYQv5ieD7Lsh3M01h8ezVjwseCFquXCnl7KJFfDUYbzxAK/7+SvpAfyT3PC
+6jKUkSvAnApAtxE43MQem5yIpJqtKY1nNqwpNl5Re0vGvadz918mOo5Eo1fIp64
u1rTyBDi21ccrDRBZdlQTtp+3FEnpSJ5xzBzrgrJ7WG7SyzWMxR1rT5OO3FGsuDF
R2bDqdkVWxOPeGUiNMkDaIc4wng4aqy1L0pilZ/CLZVIP5Th
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:04:25 2025 by rpki-client