Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b4179d9-6f47-4699-ac59-d57ba5ebbe0b.roa
File: 9b4179d9-6f47-4699-ac59-d57ba5ebbe0b.roa (raw, json)
Hash identifier: OR0BG8F+YLrbsJxt3qQg6k+H8N7UBKKIIhAbI1YkVQs=
Subject key identifier: 5B:31:C0:C1:B2:4D:CA:89:AF:74:E8:CC:F1:D0:22:6D:28:FA:9F:DF
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 70F594A4601CCDD423E6DF0799D35C6BD5BAD667
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b4179d9-6f47-4699-ac59-d57ba5ebbe0b.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d031:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:f5:94:a4:60:1c:cd:d4:23:e6:df:07:99:d3:5c:6b:d5:ba:d6:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:af:d3:b8:43:38:c2:4a:6c:19:f4:f4:95:8f:
fd:69:e4:42:ca:4e:ab:05:7b:94:a3:b5:f8:39:e0:
99:c6:02:2d:c3:b9:fb:c3:ca:dc:58:35:f0:8c:6b:
d0:85:84:01:d3:63:fa:84:08:95:89:07:dc:d9:4c:
80:0a:45:24:27:6f:45:73:52:51:ea:07:77:ef:5a:
22:f5:c8:bb:30:7e:89:08:d2:74:43:0b:d2:d7:e9:
e9:6e:8b:f9:45:aa:14:3f:1c:32:10:eb:8b:87:78:
02:5c:68:a1:fc:3c:62:a9:f6:64:14:45:40:46:f9:
1f:e0:09:75:d9:22:ca:55:20:cf:20:e6:47:26:2f:
14:ef:91:be:1a:bb:12:61:6f:4f:13:8e:3c:ff:5b:
2f:d4:3c:2e:c9:c3:71:e9:f7:b2:c6:df:4f:e1:ca:
7e:08:a2:d8:2e:49:8c:a1:c0:83:94:73:a7:15:9b:
ab:96:40:10:30:2d:43:cc:df:12:7d:be:e3:22:29:
b0:a9:39:f4:5c:c1:04:65:8b:a7:46:6e:6f:bf:4e:
f5:6d:9f:ec:16:61:38:a7:c0:83:52:83:85:c7:bb:
87:e7:3e:f5:69:5a:7a:69:59:74:52:bc:f2:ba:1c:
c9:01:a9:a4:24:ce:5f:64:f8:a1:21:4f:e7:bd:05:
1e:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:31:C0:C1:B2:4D:CA:89:AF:74:E8:CC:F1:D0:22:6D:28:FA:9F:DF
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9b4179d9-6f47-4699-ac59-d57ba5ebbe0b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d031:2000::/40
Signature Algorithm: sha256WithRSAEncryption
67:5c:21:82:17:47:e4:38:e7:55:64:49:f8:e3:8e:b3:f5:c9:
47:4a:fc:b1:9a:58:43:84:dd:5a:a6:0b:0d:84:34:dc:c2:4b:
c5:29:06:6c:3d:78:cd:6e:ff:24:a4:67:87:0e:d0:75:4c:f4:
db:6e:44:f2:24:a8:e5:ba:41:8b:e3:b4:83:0c:74:b1:20:30:
7e:94:bc:89:54:f9:08:03:fe:26:78:cf:86:ff:4d:78:90:df:
56:6b:bb:e3:8c:bd:dc:1d:60:64:1b:7b:4f:c9:10:e3:1e:35:
4f:68:4e:79:e5:a4:5e:6b:36:90:56:de:ed:92:79:5b:b8:75:
48:4b:e7:fd:d8:35:de:b4:24:1b:1c:97:a3:fe:73:ae:45:ba:
b7:33:30:12:13:c9:6d:c6:e5:4e:dd:61:73:33:05:59:59:42:
2b:15:66:1d:8d:56:17:6b:15:a8:bd:78:0e:49:31:ad:3d:8f:
8e:ca:39:d7:31:36:81:47:38:05:ff:11:46:d8:f1:fa:b6:fc:
cd:ee:ed:12:d8:30:6c:ea:f7:6a:c6:9d:5d:08:24:f7:51:b9:
0a:d6:bf:a5:61:8e:3b:7d:32:6b:b4:43:2c:d9:b6:81:e0:57:
09:be:a9:7e:44:e1:f9:81:7b:b1:40:ff:6e:54:ed:3d:86:59:
dd:62:5c:d3
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUcPWUpGAczdQj5t8HmdNca9W61mcwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDIzODQ2N2E0NzQ5ZDY0ODM3MjFjZTA5Y2VjNDRmZmUyNTNhZWI2NWNjNjEy
NDlkYmFmNThmODgyMjlkYTYzYjQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPmv07hDOMJKbBn09JWP/WnkQspOqwV7lKO1+DngmcYCLcO5+8PK3Fg18Ixr
0IWEAdNj+oQIlYkH3NlMgApFJCdvRXNSUeoHd+9aIvXIuzB+iQjSdEML0tfp6W6L
+UWqFD8cMhDri4d4Alxoofw8Yqn2ZBRFQEb5H+AJddkiylUgzyDmRyYvFO+Rvhq7
EmFvTxOOPP9bL9Q8LsnDcen3ssbfT+HKfgii2C5JjKHAg5RzpxWbq5ZAEDAtQ8zf
En2+4yIpsKk59FzBBGWLp0Zub79O9W2f7BZhOKfAg1KDhce7h+c+9WlaemlZdFK8
8rocyQGppCTOX2T4oSFP570FHtMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRbMcDB
sk3Kia906Mzx0CJtKPqf3zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWI0MTc5ZDktNmY0Ny00Njk5LWFjNTktZDU3YmE1ZWJiZTBiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DEg
MA0GCSqGSIb3DQEBCwUAA4IBAQBnXCGCF0fkOOdVZEn4446z9clHSvyxmlhDhN1a
pgsNhDTcwkvFKQZsPXjNbv8kpGeHDtB1TPTbbkTyJKjlukGL47SDDHSxIDB+lLyJ
VPkIA/4meM+G/014kN9Wa7vjjL3cHWBkG3tPyRDjHjVPaE555aReazaQVt7tknlb
uHVIS+f92DXetCQbHJej/nOuRbq3MzASE8ltxuVO3WFzMwVZWUIrFWYdjVYXaxWo
vXgOSTGtPY+OyjnXMTaBRzgF/xFG2PH6tvzN7u0S2DBs6vdqxp1dCCT3UbkK1r+l
YY47fTJrtEMs2baB4FcJvql+ROH5gXuxQP9uVO09hlndYlzT
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:07:31 2025 by rpki-client