Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c176d4fe-de46-4300-a277-59c0c15d8d82.roa
File: c176d4fe-de46-4300-a277-59c0c15d8d82.roa (raw, json)
Hash identifier: EQN7fVHaSteFTEcjy1uNw3AJRWmiHslGHYk1a5c6Ets=
Subject key identifier: 72:50:68:46:66:C0:1B:AD:DE:0D:21:92:89:3A:AF:5D:7F:10:93:DA
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 797121D46583EC9E611C71A71A2F974A9A961785
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c176d4fe-de46-4300-a277-59c0c15d8d82.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:71:21:d4:65:83:ec:9e:61:1c:71:a7:1a:2f:97:4a:9a:96:17:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d7:1b:bc:fc:16:01:13:1f:02:17:98:b7:ce:
34:fb:f1:99:bd:03:c8:bd:63:9d:f5:dd:51:ad:68:
19:04:b4:33:45:a6:28:34:7d:89:de:45:5a:31:42:
0b:fa:d7:d6:f1:5e:9f:a9:0f:4f:cd:bf:64:26:e8:
4e:fd:a1:b8:62:98:93:cf:3f:6d:6a:4d:e0:0d:71:
2f:db:a6:6c:e2:00:6c:bc:76:a3:6b:61:77:34:be:
87:92:05:a8:65:5b:b4:0c:26:7e:aa:9d:7a:97:9e:
78:0e:89:21:42:26:1b:8b:84:7e:38:29:b8:75:4c:
94:2b:af:19:2e:ab:60:48:8c:9d:1b:15:a3:02:32:
76:74:94:cf:54:29:44:bc:e2:ad:d7:4e:8c:71:f7:
6a:a8:91:92:e2:3e:b1:ba:db:ec:d2:93:49:d3:ce:
09:6d:31:49:bd:d1:46:a0:47:3c:85:c5:2c:ea:cd:
c2:26:b9:2c:2d:1b:66:72:8e:10:d6:94:7d:b4:03:
70:73:ad:4e:50:6d:66:ee:08:56:9f:ed:91:7a:81:
79:c6:5d:3f:f9:fe:e9:a2:7f:09:ff:c4:57:ef:5a:
85:9d:05:94:19:f0:7a:08:a4:2e:63:54:91:ca:f9:
6b:b9:54:8f:a6:31:a7:97:e4:2d:5a:61:a3:f1:0e:
1c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:50:68:46:66:C0:1B:AD:DE:0D:21:92:89:3A:AF:5D:7F:10:93:DA
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c176d4fe-de46-4300-a277-59c0c15d8d82.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:2000::/40
Signature Algorithm: sha256WithRSAEncryption
15:fe:19:6b:74:74:bd:dc:24:fc:92:cc:f5:16:1a:ae:c7:14:
f9:ac:af:e9:b5:8b:0a:56:d5:23:1e:36:4b:10:25:77:90:b8:
c5:63:4d:0c:6a:37:60:98:d1:64:49:95:cd:95:d9:e7:4c:c5:
bb:6d:e9:a2:22:ec:52:15:18:8e:93:d3:57:ec:fb:45:eb:a9:
49:e1:8d:17:32:aa:4f:12:81:66:2f:99:99:49:55:d8:05:d0:
6b:9d:18:82:62:dc:67:6e:55:5b:ae:c6:1b:c6:6e:71:1d:3a:
1b:c5:b1:35:ac:24:b3:14:01:7a:75:e4:cc:a9:d7:00:3b:11:
8e:4d:ec:72:2f:5a:69:02:4a:d1:b5:3a:7b:08:f0:b7:e5:23:
d7:96:b6:0f:61:72:fc:10:39:45:e5:21:b2:2e:54:33:c5:6c:
5d:67:e5:04:13:b3:82:60:be:a9:28:7f:77:f8:65:2c:14:2e:
bf:70:b8:02:60:a2:12:22:0f:7e:22:06:c4:1d:60:fe:04:8a:
9c:56:eb:d2:1d:25:21:2f:f8:37:4a:08:96:3e:9a:2a:10:27:
78:53:fc:c9:5d:07:67:8c:5d:4e:6f:7f:64:bc:ea:ff:6c:87:
d8:a9:71:15:c5:68:c2:ae:b2:6b:ac:cd:08:98:00:91:f9:69:
99:ee:4e:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUeXEh1GWD7J5hHHGnGi+XSpqWF4UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDgyNzgzOTdhODE2MmNhNGQ2OTZhYmU1MzM2Njk0NTkwNDhiZWMyYzJhYTY0
ZDNlNTM0N2JiNzhkOTU2ZGNkZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfXG7z8FgETHwIXmLfONPvxmb0DyL1jnfXdUa1oGQS0M0WmKDR9id5FWjFC
C/rX1vFen6kPT82/ZCboTv2huGKYk88/bWpN4A1xL9umbOIAbLx2o2thdzS+h5IF
qGVbtAwmfqqdepeeeA6JIUImG4uEfjgpuHVMlCuvGS6rYEiMnRsVowIydnSUz1Qp
RLzirddOjHH3aqiRkuI+sbrb7NKTSdPOCW0xSb3RRqBHPIXFLOrNwia5LC0bZnKO
ENaUfbQDcHOtTlBtZu4IVp/tkXqBecZdP/n+6aJ/Cf/EV+9ahZ0FlBnwegikLmNU
kcr5a7lUj6Yxp5fkLVpho/EOHCECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRyUGhG
ZsAbrd4NIZKJOq9dfxCT2jAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzE3NmQ0ZmUtZGU0Ni00MzAwLWEyNzctNTljMGMxNWQ4ZDgyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAg
MA0GCSqGSIb3DQEBCwUAA4IBAQAV/hlrdHS93CT8ksz1FhquxxT5rK/ptYsKVtUj
HjZLECV3kLjFY00MajdgmNFkSZXNldnnTMW7bemiIuxSFRiOk9NX7PtF66lJ4Y0X
MqpPEoFmL5mZSVXYBdBrnRiCYtxnblVbrsYbxm5xHTobxbE1rCSzFAF6deTMqdcA
OxGOTexyL1ppAkrRtTp7CPC35SPXlrYPYXL8EDlF5SGyLlQzxWxdZ+UEE7OCYL6p
KH93+GUsFC6/cLgCYKISIg9+IgbEHWD+BIqcVuvSHSUhL/g3SgiWPpoqECd4U/zJ
XQdnjF1Ob39kvOr/bIfYqXEVxWjCrrJrrM0ImACR+WmZ7k6Z
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:15:05 2025 by rpki-client