Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad8623fa-dde5-4517-9b7e-52f4b0b1f32c.roa
File: ad8623fa-dde5-4517-9b7e-52f4b0b1f32c.roa (raw, json)
Hash identifier: BhXKcLCYl0dBCsKDLTPH6rl+dd2Z7mBQ0lWBqR72R4A=
Subject key identifier: F7:FF:FB:0D:2A:E3:E7:69:AD:F9:33:39:36:AE:D2:90:A1:F5:32:A4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2F6390BA346646BA5D8048E517BABB855FA48FBF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad8623fa-dde5-4517-9b7e-52f4b0b1f32c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:c000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:63:90:ba:34:66:46:ba:5d:80:48:e5:17:ba:bb:85:5f:a4:8f:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:7f:d3:3a:8e:1f:b2:5f:85:50:bc:b0:b0:bd:
a4:d1:a8:1c:46:14:6a:7f:6b:95:19:cd:b3:3f:2c:
be:00:c2:01:07:2d:75:76:ea:51:f8:b6:fd:c2:ec:
a8:79:7d:c1:11:42:72:f6:38:c6:3b:3f:0b:46:b0:
be:ea:fb:b4:cc:3b:d0:f1:79:a3:93:cc:fa:64:6f:
a0:4c:93:d1:c4:04:a0:b3:72:69:6e:99:a9:62:bf:
7d:5a:cc:3f:18:a7:8a:80:b9:4f:5b:3b:78:b2:b2:
6d:1a:9c:cb:b4:4f:27:e4:1c:ee:c2:c2:77:46:e0:
ef:3d:9b:5c:15:00:cf:12:de:90:b6:9c:15:43:33:
69:9f:66:0e:50:da:b4:3b:84:ee:29:c5:f5:89:60:
9a:2b:bf:99:17:46:0c:a1:14:f7:23:90:8f:3b:14:
1e:be:a5:46:6d:e9:a3:bb:62:f3:fb:ac:d8:1a:01:
d9:0e:38:4b:3e:2e:3c:53:c2:46:80:37:89:92:93:
88:26:86:17:4c:15:fc:ba:1c:39:3b:ae:9c:54:1e:
1d:47:08:de:3f:5b:f6:24:0b:b0:a9:6c:81:c9:ea:
9a:b9:ec:23:6f:1f:3b:41:ed:4f:e2:e8:af:cb:0e:
7e:d7:e4:e0:66:cb:84:b3:79:cd:b3:ca:35:c8:4f:
a1:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:FF:FB:0D:2A:E3:E7:69:AD:F9:33:39:36:AE:D2:90:A1:F5:32:A4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/ad8623fa-dde5-4517-9b7e-52f4b0b1f32c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:c000::/40
Signature Algorithm: sha256WithRSAEncryption
3d:4c:cb:2b:23:ba:e3:70:e4:f1:d5:82:e4:5f:df:37:d5:d1:
7e:7c:4a:f4:1f:aa:93:9c:79:ea:d6:91:2f:c1:d8:44:64:98:
84:d6:7f:d3:48:d6:88:86:1a:c9:ff:59:6e:22:b1:9b:80:13:
e4:92:2e:10:1e:d6:d8:d4:fb:d4:b6:a9:3b:21:cc:74:87:d1:
d1:6d:2c:84:70:8d:52:8e:02:0c:c5:b4:52:94:fb:41:9b:3c:
68:94:c8:6f:d6:61:03:3d:3b:a8:f0:42:9f:d8:21:3a:83:bd:
a7:df:e3:c0:4b:92:a4:df:d6:b7:14:1c:f8:18:a0:25:31:ba:
d5:e1:8c:2f:92:57:c7:b0:2d:4f:8b:a0:0a:65:27:74:89:79:
93:c2:f3:61:ea:f6:a1:cd:a4:e0:f0:2a:fd:df:fc:45:aa:87:
b7:7f:31:71:2f:9f:34:a2:00:a8:a7:ee:4b:65:74:4a:fc:81:
48:e3:ad:40:e4:db:41:9c:a0:31:c4:59:45:1e:fd:ac:06:15:
64:70:86:2c:7e:d9:a0:90:71:e5:f3:5e:ef:69:78:5d:3d:4a:
58:b5:92:78:fd:86:1f:fe:7b:58:56:59:ab:24:5c:b3:ca:ac:
93:e2:55:75:b7:a1:e5:97:0e:ea:e7:aa:09:a2:9a:72:2b:4c:
f5:53:32:31
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUL2OQujRmRrpdgEjlF7q7hV+kj78wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ1NjExMGFjY2Q2ZTQ5YWU5MzA1NjM4NjNjYjQ5YjMxZDE4OGVkMWUwYzc1
OGVlODBlMTMxMDNjYWI1MjIxYmUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOx/0zqOH7JfhVC8sLC9pNGoHEYUan9rlRnNsz8svgDCAQctdXbqUfi2/cLs
qHl9wRFCcvY4xjs/C0awvur7tMw70PF5o5PM+mRvoEyT0cQEoLNyaW6ZqWK/fVrM
PxinioC5T1s7eLKybRqcy7RPJ+Qc7sLCd0bg7z2bXBUAzxLekLacFUMzaZ9mDlDa
tDuE7inF9Ylgmiu/mRdGDKEU9yOQjzsUHr6lRm3po7ti8/us2BoB2Q44Sz4uPFPC
RoA3iZKTiCaGF0wV/LocOTuunFQeHUcI3j9b9iQLsKlsgcnqmrnsI28fO0HtT+Lo
r8sOftfk4GbLhLN5zbPKNchPoacCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT3//sN
KuPnaa35Mzk2rtKQofUypDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWQ4NjIzZmEtZGRlNS00NTE3LTliN2UtNTJmNGIwYjFmMzJjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HnA
MA0GCSqGSIb3DQEBCwUAA4IBAQA9TMsrI7rjcOTx1YLkX9831dF+fEr0H6qTnHnq
1pEvwdhEZJiE1n/TSNaIhhrJ/1luIrGbgBPkki4QHtbY1PvUtqk7Icx0h9HRbSyE
cI1SjgIMxbRSlPtBmzxolMhv1mEDPTuo8EKf2CE6g72n3+PAS5Kk39a3FBz4GKAl
MbrV4YwvklfHsC1Pi6AKZSd0iXmTwvNh6vahzaTg8Cr93/xFqoe3fzFxL580ogCo
p+5LZXRK/IFI461A5NtBnKAxxFlFHv2sBhVkcIYsftmgkHHl817vaXhdPUpYtZJ4
/YYf/ntYVlmrJFyzyqyT4lV1t6Hllw7q56oJoppyK0z1UzIx
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:59 2025 by rpki-client