Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5616cf9-78f7-4329-90b1-90a383fd5890.roa
File: b5616cf9-78f7-4329-90b1-90a383fd5890.roa (raw, json)
Hash identifier: cqVkMklCMjVdrAlLVtQLIYukYY/W+rBXNvljPFsqs/o=
Subject key identifier: 80:00:0F:7B:D3:22:FC:CD:8C:9E:20:F8:F0:D9:F6:5D:D6:E3:FD:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1EBAC73A29643E053A820F668F66423F703FFF2A
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5616cf9-78f7-4329-90b1-90a383fd5890.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07f:e000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:ba:c7:3a:29:64:3e:05:3a:82:0f:66:8f:66:42:3f:70:3f:ff:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e2:2f:37:00:e5:31:90:23:19:6b:03:76:95:
cd:f6:e2:e8:26:ec:64:8f:36:b5:d2:c5:45:f8:57:
be:b4:ce:46:2c:d8:29:0c:df:e1:9e:f0:0d:69:da:
e8:c7:b6:da:07:99:49:31:69:43:4e:7d:5d:f9:2b:
ce:c7:6e:08:de:6d:01:c3:0d:c0:bb:b2:9c:c6:80:
0a:95:6f:7a:eb:b1:a1:00:4a:72:af:0d:70:51:fe:
35:3c:43:18:6e:08:f8:8f:29:12:da:71:dc:91:c2:
02:3a:39:92:32:1d:f5:ff:15:89:ab:9a:55:10:81:
8b:aa:05:3b:bf:bc:31:d8:8a:96:ba:35:7d:3d:e4:
e1:9d:63:4d:0d:1b:23:01:8d:57:ca:4f:64:b0:9b:
8c:94:5c:2c:65:e3:d9:e5:5f:d3:0f:27:fa:24:70:
97:b5:7d:a4:60:35:5f:e4:d1:c4:91:57:e7:a0:8e:
2e:cf:7b:a6:48:19:f1:ed:56:4f:c4:0d:d1:2c:ae:
57:a1:6c:e6:15:a6:38:76:2d:94:15:9a:6c:e8:8b:
9d:4c:4e:c7:ff:93:ae:8a:09:da:2c:dc:93:ec:3d:
b7:a9:d4:83:c4:12:c8:af:b0:e9:42:8b:ac:3d:73:
08:98:8e:c6:80:c6:5a:10:89:67:2c:c6:6b:b1:5f:
05:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:00:0F:7B:D3:22:FC:CD:8C:9E:20:F8:F0:D9:F6:5D:D6:E3:FD:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/b5616cf9-78f7-4329-90b1-90a383fd5890.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07f:e000::/40
Signature Algorithm: sha256WithRSAEncryption
61:2c:95:5c:0e:b3:22:95:34:28:00:25:e1:17:b1:a3:aa:33:
53:9b:66:ff:a7:83:4f:88:a5:7c:e2:1f:30:c9:f8:e2:a9:18:
01:92:9a:85:c1:0e:e7:0a:af:0d:55:4a:83:8f:56:94:e4:38:
db:94:19:f2:99:1b:d9:ab:f4:3e:d3:31:9f:39:a4:ca:f7:51:
28:b3:6d:d4:9d:0a:43:45:96:5c:74:b4:04:c4:a8:4d:dc:d7:
16:46:12:bc:63:46:db:7a:7d:2f:68:e6:ba:e1:cf:8c:f1:e7:
bd:f1:84:35:ae:e7:6e:9b:53:80:c8:ff:35:12:2b:6b:fb:f0:
99:d2:81:88:fe:36:09:5b:5e:68:3c:a4:16:aa:ba:88:de:6a:
2a:0d:bd:33:fa:d8:79:99:59:47:df:cc:4b:5d:ee:e9:10:40:
32:d1:23:31:ca:fd:04:d9:ba:be:f1:2c:87:4e:93:73:14:bd:
ac:22:28:48:f5:fe:4a:2f:57:d2:d8:1c:90:64:a5:ef:77:c0:
25:dd:65:ea:b6:61:40:53:10:8a:f0:6c:90:5f:98:8e:5f:d6:
46:5e:ee:5a:5c:6d:c3:54:6e:ad:1e:e7:18:ac:4a:a3:84:7e:
e9:81:d8:e8:79:08:59:51:77:d2:8e:f9:cf:9e:ff:5c:1c:ad:
b5:89:f3:6b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHrrHOilkPgU6gg9mj2ZCP3A//yowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDdmMzk3YTRmOTg0YmYwNDNjMDg4ZTZlODFmMDQ0ZGRkNzNlYmJhOGM5NzE3
MTFjNGY2YjBkYTY1ZmFlNGZmNDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALjiLzcA5TGQIxlrA3aVzfbi6CbsZI82tdLFRfhXvrTORizYKQzf4Z7wDWna
6Me22geZSTFpQ059XfkrzsduCN5tAcMNwLuynMaACpVveuuxoQBKcq8NcFH+NTxD
GG4I+I8pEtpx3JHCAjo5kjId9f8ViauaVRCBi6oFO7+8MdiKlro1fT3k4Z1jTQ0b
IwGNV8pPZLCbjJRcLGXj2eVf0w8n+iRwl7V9pGA1X+TRxJFX56COLs97pkgZ8e1W
T8QN0SyuV6Fs5hWmOHYtlBWabOiLnUxOx/+TrooJ2izck+w9t6nUg8QSyK+w6UKL
rD1zCJiOxoDGWhCJZyzGa7FfBW8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSAAA97
0yL8zYyeIPjw2fZd1uP9VTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YjU2MTZjZjktNzhmNy00MzI5LTkwYjEtOTBhMzgzZmQ1ODkwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0H/g
MA0GCSqGSIb3DQEBCwUAA4IBAQBhLJVcDrMilTQoACXhF7GjqjNTm2b/p4NPiKV8
4h8wyfjiqRgBkpqFwQ7nCq8NVUqDj1aU5DjblBnymRvZq/Q+0zGfOaTK91Eos23U
nQpDRZZcdLQExKhN3NcWRhK8Y0bben0vaOa64c+M8ee98YQ1rudum1OAyP81Eitr
+/CZ0oGI/jYJW15oPKQWqrqI3moqDb0z+th5mVlH38xLXe7pEEAy0SMxyv0E2bq+
8SyHTpNzFL2sIihI9f5KL1fS2ByQZKXvd8Al3WXqtmFAUxCK8GyQX5iOX9ZGXu5a
XG3DVG6tHucYrEqjhH7pgdjoeQhZUXfSjvnPnv9cHK21ifNr
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:26:50 2025 by rpki-client