Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c559ef3f-698b-48d6-a53a-197ff64f1d48.roa
File: c559ef3f-698b-48d6-a53a-197ff64f1d48.roa (raw, json)
Hash identifier: sJ4Kl76j2KjIH4QBoDiX4d3PgF/i7bJu+uCNL0ExH30=
Subject key identifier: 1F:42:B6:65:E1:F9:4D:2D:4F:08:37:71:CA:C5:3B:A5:BA:A6:A8:9A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3F5B80CE197966E433040DC6676B8CBD50FB5B40
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c559ef3f-698b-48d6-a53a-197ff64f1d48.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d040:b000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:5b:80:ce:19:79:66:e4:33:04:0d:c6:67:6b:8c:bd:50:fb:5b:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:e8:2f:f4:b2:12:ac:a7:8c:be:0b:19:12:48:
3c:d8:00:18:c2:99:59:5f:0d:3a:e0:d2:1f:27:c9:
40:9c:17:16:a3:29:4c:7e:5f:92:c8:4c:9a:75:2c:
ef:c5:00:dc:a0:cc:ec:cf:a2:ea:c9:79:e5:dd:82:
5a:f3:3b:e9:92:64:9b:e7:25:b3:d6:62:40:52:71:
a4:bc:04:f3:b7:02:d3:4c:aa:96:b3:a5:b0:ad:49:
7c:df:39:eb:7e:e4:f5:de:8d:5f:8c:37:e1:09:20:
4d:3e:ed:fa:fd:1c:de:7b:96:2d:eb:b6:92:1b:24:
bb:e9:60:0e:48:13:7f:d4:01:f4:2c:66:f5:ea:16:
cb:a4:e7:aa:5c:d0:2a:1b:81:d7:64:3a:b6:24:9d:
71:58:e5:8a:69:24:42:58:a9:0e:5a:8a:2a:cc:35:
84:5d:64:8d:0d:a8:d3:55:02:7e:0a:0f:76:de:e3:
20:d7:3b:e4:cf:98:76:3f:ba:b7:64:d5:a5:a4:40:
c3:c6:2a:d5:c9:89:5f:70:8a:ec:cd:93:99:e0:af:
70:92:da:f8:56:13:5e:61:77:93:57:c8:ce:1e:1b:
f5:03:90:99:71:7b:01:02:f3:7a:8b:7a:0f:e4:d2:
b4:cd:e7:af:71:2b:10:8b:f3:3d:c5:66:48:5b:d9:
b5:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:42:B6:65:E1:F9:4D:2D:4F:08:37:71:CA:C5:3B:A5:BA:A6:A8:9A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c559ef3f-698b-48d6-a53a-197ff64f1d48.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d040:b000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:8d:8f:bc:e9:75:63:e7:84:58:f1:ca:b1:6a:02:fb:25:6e:
c3:a6:ac:99:db:05:4e:31:7e:13:8c:d6:2b:16:52:8c:8c:d6:
8c:01:d1:a6:bb:2e:6c:13:fe:cc:84:20:40:2a:c1:8b:ac:7d:
5d:22:a0:f7:17:9c:73:11:4a:b0:d5:d3:98:85:fa:ab:85:b2:
64:0a:a1:e9:38:04:cd:d5:1d:e5:4a:5f:45:db:4c:14:58:c9:
91:a6:d2:92:92:ab:7e:15:22:22:04:2a:d5:40:ed:59:a9:54:
4d:67:8d:2f:94:97:6b:90:6d:53:04:5b:5e:c2:5a:77:f4:75:
58:2d:a8:e0:70:ec:f6:2f:79:26:a6:5e:0f:da:df:1d:48:98:
c6:1d:d2:5d:33:21:fa:3d:b3:ae:fb:26:90:ba:af:02:8b:6b:
d4:78:48:48:99:ee:56:36:14:cd:65:da:ef:90:bc:9e:47:28:
f3:a9:3a:1f:c6:50:6c:63:89:b7:a4:b1:b0:c7:6e:94:f3:9c:
93:46:bb:82:bd:24:d1:bf:54:f3:bc:e3:03:fb:04:a6:43:c4:
f5:ce:40:3d:a8:57:be:91:d0:1b:1c:bd:b1:73:34:48:87:82:
cd:ce:be:74:2e:56:23:91:50:f7:41:a2:2f:25:2a:43:51:0e:
6d:86:b1:99
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUP1uAzhl5ZuQzBA3GZ2uMvVD7W0AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGU1YzY2YjVhYTVmMjViN2Y1NjFiMmJmODI3ZmI3NzRkNTc5NGEyMzg3MTU1
NjY1MDI1M2FhMjNhMTVhMjI3ZjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJXoL/SyEqynjL4LGRJIPNgAGMKZWV8NOuDSHyfJQJwXFqMpTH5fkshMmnUs
78UA3KDM7M+i6sl55d2CWvM76ZJkm+cls9ZiQFJxpLwE87cC00yqlrOlsK1JfN85
637k9d6NX4w34QkgTT7t+v0c3nuWLeu2khsku+lgDkgTf9QB9Cxm9eoWy6TnqlzQ
KhuB12Q6tiSdcVjlimkkQlipDlqKKsw1hF1kjQ2o01UCfgoPdt7jINc75M+Ydj+6
t2TVpaRAw8Yq1cmJX3CK7M2TmeCvcJLa+FYTXmF3k1fIzh4b9QOQmXF7AQLzeot6
D+TStM3nr3ErEIvzPcVmSFvZtb0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQfQrZl
4flNLU8IN3HKxTuluqaomjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzU1OWVmM2YtNjk4Yi00OGQ2LWE1M2EtMTk3ZmY2NGYxZDQ4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0ECw
MA0GCSqGSIb3DQEBCwUAA4IBAQCnjY+86XVj54RY8cqxagL7JW7DpqyZ2wVOMX4T
jNYrFlKMjNaMAdGmuy5sE/7MhCBAKsGLrH1dIqD3F5xzEUqw1dOYhfqrhbJkCqHp
OATN1R3lSl9F20wUWMmRptKSkqt+FSIiBCrVQO1ZqVRNZ40vlJdrkG1TBFtewlp3
9HVYLajgcOz2L3kmpl4P2t8dSJjGHdJdMyH6PbOu+yaQuq8Ci2vUeEhIme5WNhTN
ZdrvkLyeRyjzqTofxlBsY4m3pLGwx26U85yTRruCvSTRv1TzvOMD+wSmQ8T1zkA9
qFe+kdAbHL2xczRIh4LNzr50LlYjkVD3QaIvJSpDUQ5thrGZ
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:28:27 2025 by rpki-client