Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c20fd15-246e-4f49-8549-f06ea0d4c2c4.roa
File: 8c20fd15-246e-4f49-8549-f06ea0d4c2c4.roa (raw, json)
Hash identifier: Bbn/nLWfAYm6GqKRBShiUHWYAGp7Q8tLSwL51IOUU/I=
Subject key identifier: 04:25:9F:BB:33:5C:84:F6:8D:A8:40:2A:75:79:5B:57:F5:BE:1B:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 065C3532091FB542AA90D900BB132FEE69F8A366
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c20fd15-246e-4f49-8549-f06ea0d4c2c4.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:b000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:5c:35:32:09:1f:b5:42:aa:90:d9:00:bb:13:2f:ee:69:f8:a3:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:be:94:7c:44:27:a3:63:2e:9e:97:94:2c:12:
04:85:80:42:5e:87:4d:ed:e1:c9:0a:91:7f:0d:29:
c4:03:e6:81:d5:cf:aa:03:33:e7:95:f1:0f:3c:9d:
76:c7:0c:0a:dc:22:aa:4f:97:38:31:f1:4c:84:ab:
37:af:d6:6b:6f:7b:69:d4:e6:e0:87:cd:0d:ce:4e:
54:30:c9:51:5b:5b:03:84:be:85:5e:d7:ff:a5:51:
c0:37:da:ea:a7:cf:43:71:24:30:19:8f:44:db:67:
72:08:9a:e0:c0:4d:08:4f:d8:02:e3:8a:bc:18:6a:
93:b7:e0:9b:d8:ca:04:04:6a:96:cc:d4:1d:06:06:
15:88:ae:08:63:00:49:9f:04:c3:d6:af:bf:d5:28:
ce:58:04:59:26:a2:a0:18:f3:6a:48:ce:6a:d1:3f:
17:aa:40:a1:54:a7:8e:d1:06:c3:2a:82:fa:50:8c:
11:ab:43:43:0d:02:ca:b6:71:2d:39:d7:5e:11:78:
ec:30:96:b4:83:3f:f2:40:14:b0:6c:29:81:9e:3e:
78:39:ba:87:13:21:1a:a6:64:77:5a:44:73:fe:a2:
2b:ab:2e:89:8c:17:1d:8b:83:8d:76:2a:89:94:49:
1d:10:1b:e6:1d:1c:88:9f:c3:89:57:76:0e:30:c6:
0e:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:25:9F:BB:33:5C:84:F6:8D:A8:40:2A:75:79:5B:57:F5:BE:1B:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8c20fd15-246e-4f49-8549-f06ea0d4c2c4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:b000::/40
Signature Algorithm: sha256WithRSAEncryption
92:33:1f:39:29:57:62:e1:df:5a:fc:bf:9a:bb:db:ef:f5:cc:
bb:a4:47:7c:39:30:e7:1c:ab:f4:aa:cd:a1:fa:43:5b:f0:78:
d0:42:bd:b1:f0:9e:5b:cd:7b:ea:18:18:17:0a:5e:fb:13:67:
0a:77:74:4a:e2:87:25:86:e1:7e:f0:51:29:dd:56:d0:5a:9a:
58:35:89:52:15:af:48:b2:26:33:02:5d:54:63:b8:80:e7:be:
dc:0e:f1:b1:5d:ed:1e:e1:41:9e:d1:14:ec:5b:01:d6:99:93:
8c:cc:a4:17:1d:fd:e8:f1:ea:b0:ff:42:3f:d2:54:a4:58:dd:
be:9a:96:1f:64:72:27:ee:f7:46:17:af:fe:d2:db:21:d5:80:
c0:65:14:1e:fe:43:22:2b:48:1f:b8:bb:c2:69:aa:a9:79:ae:
49:64:ab:c4:e4:d4:9d:8b:4d:0c:50:e6:77:12:7e:c9:49:8b:
ba:a5:87:4b:e3:c1:81:82:a4:1e:f4:98:b6:5f:b8:d6:38:08:
50:5d:98:2b:17:17:ca:85:11:cc:d8:e4:07:9b:ff:d7:d9:9f:
63:d3:00:23:f3:7a:2f:2d:26:38:51:ce:54:8f:5c:e0:b5:0b:
ef:d2:2e:7d:0f:db:1b:ce:7b:35:b8:e3:2d:0d:63:a7:fd:c1:
b8:a4:b3:e4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUBlw1MgkftUKqkNkAuxMv7mn4o2YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ2NzEyYTk4MDRlZjBkZDA0MTdjNzQ3YjY4MDFlNjc2OGI2ODMxZDZlZTVm
ODkwOWUxNjAwMmQyNmM4MTM1ODcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANG+lHxEJ6NjLp6XlCwSBIWAQl6HTe3hyQqRfw0pxAPmgdXPqgMz55XxDzyd
dscMCtwiqk+XODHxTISrN6/Wa297adTm4IfNDc5OVDDJUVtbA4S+hV7X/6VRwDfa
6qfPQ3EkMBmPRNtncgia4MBNCE/YAuOKvBhqk7fgm9jKBARqlszUHQYGFYiuCGMA
SZ8Ew9avv9UozlgEWSaioBjzakjOatE/F6pAoVSnjtEGwyqC+lCMEatDQw0CyrZx
LTnXXhF47DCWtIM/8kAUsGwpgZ4+eDm6hxMhGqZkd1pEc/6iK6suiYwXHYuDjXYq
iZRJHRAb5h0ciJ/DiVd2DjDGDmMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQEJZ+7
M1yE9o2oQCp1eVtX9b4buzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OGMyMGZkMTUtMjQ2ZS00ZjQ5LTg1NDktZjA2ZWEwZDRjMmM0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H+w
MA0GCSqGSIb3DQEBCwUAA4IBAQCSMx85KVdi4d9a/L+au9vv9cy7pEd8OTDnHKv0
qs2h+kNb8HjQQr2x8J5bzXvqGBgXCl77E2cKd3RK4oclhuF+8FEp3VbQWppYNYlS
Fa9IsiYzAl1UY7iA577cDvGxXe0e4UGe0RTsWwHWmZOMzKQXHf3o8eqw/0I/0lSk
WN2+mpYfZHIn7vdGF6/+0tsh1YDAZRQe/kMiK0gfuLvCaaqpea5JZKvE5NSdi00M
UOZ3En7JSYu6pYdL48GBgqQe9Ji2X7jWOAhQXZgrFxfKhRHM2OQHm//X2Z9j0wAj
83ovLSY4Uc5Uj1zgtQvv0i59D9sbzns1uOMtDWOn/cG4pLPk
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:48 2025 by rpki-client