Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c70048ab-227b-4f94-a795-0e7749291f1b.roa
File: c70048ab-227b-4f94-a795-0e7749291f1b.roa (raw, json)
Hash identifier: FMaJBOwu9VsEKIgyMOyiSG39jeLUhi2P+yT0zF1k1YQ=
Subject key identifier: 7B:C8:8E:EA:58:4F:FA:E7:17:87:6E:F7:64:2B:E0:F9:6F:68:70:1A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 37DD8D328F033923E40739FBBDF55554E5F4066E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c70048ab-227b-4f94-a795-0e7749291f1b.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
37:dd:8d:32:8f:03:39:23:e4:07:39:fb:bd:f5:55:54:e5:f4:06:6e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:47:bd:aa:a0:02:1d:29:be:b2:87:10:5a:b1:
b3:54:55:b9:88:0d:58:54:ae:ac:c3:00:e4:a4:51:
da:ae:d0:da:39:3f:8b:67:f1:c6:0d:4f:14:c3:d8:
a9:f9:6f:76:24:57:32:6e:b0:e7:a0:8e:d1:25:50:
c7:ac:ba:b6:36:74:67:f8:b3:8f:ab:c0:eb:24:53:
a1:c0:ee:eb:c9:19:00:1f:1f:54:a6:7c:b1:11:42:
c6:94:fe:10:a9:2d:6f:29:ca:73:bb:9a:ab:6d:c1:
1d:fe:60:ec:0d:73:fb:dd:55:26:8c:cb:6b:28:a8:
64:1a:8e:69:85:09:04:4c:91:74:f3:83:30:4f:ed:
4b:78:b9:21:f1:22:52:ed:32:e4:38:8a:69:6f:9e:
c8:61:35:45:97:ff:e7:a7:d4:d1:10:35:76:c4:be:
13:d2:2c:e8:b0:11:9e:13:39:60:a1:1c:7f:88:3a:
62:20:60:d8:a9:64:04:eb:a7:62:02:2c:85:e8:8d:
ba:09:58:33:1f:1f:61:e1:b2:5b:7c:c3:96:4c:91:
ca:8f:af:02:ac:6e:87:19:26:7a:73:3f:53:49:e1:
29:4e:e3:38:fa:2a:ad:18:70:b0:ff:79:c5:13:87:
f4:69:1a:0c:bf:f7:02:f1:4a:37:29:32:87:a5:f6:
65:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:C8:8E:EA:58:4F:FA:E7:17:87:6E:F7:64:2B:E0:F9:6F:68:70:1A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c70048ab-227b-4f94-a795-0e7749291f1b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:8000::/40
Signature Algorithm: sha256WithRSAEncryption
61:8a:22:53:1b:bd:a8:48:ee:62:ff:7d:59:08:9a:73:04:6d:
4f:f6:fe:4a:24:b5:a8:ed:b0:fb:95:14:58:9d:12:5d:b6:64:
8c:8a:72:37:d5:8e:55:fa:d2:81:2e:30:32:4b:08:61:1a:af:
64:a3:4e:b2:e5:a0:6a:b4:65:f2:2c:13:90:df:91:f0:ad:30:
fe:4e:d4:2d:65:3b:ef:8e:fd:95:2b:71:4f:9f:d4:bd:e5:44:
15:da:cc:54:bc:47:75:3c:51:d2:bd:13:f9:85:92:28:03:a0:
7c:35:83:5c:eb:68:94:f3:4e:16:54:f9:87:7f:83:63:0e:a5:
71:60:f6:39:71:c6:02:f0:82:3a:c2:51:81:22:bc:b5:24:bc:
14:b1:e3:b3:ae:1b:b5:0e:ee:9b:64:b7:33:17:c6:ae:7c:84:
2e:bc:ee:df:06:fe:26:5f:c7:0f:3a:06:a5:1b:e0:8b:a2:4f:
35:6a:82:41:f5:c0:40:bd:84:63:fd:72:9c:1c:37:0a:e3:9b:
5f:00:2a:c0:d6:a0:57:cc:0b:42:72:b6:4e:d8:a2:72:31:0c:
a8:a8:e9:d5:ce:90:b4:8b:a2:3e:31:58:ae:05:95:e8:7b:7e:
bc:59:1f:3c:1e:4c:7c:d0:9e:0e:72:7f:e0:4a:cd:9c:6f:a8:
44:cc:83:40
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUN92NMo8DOSPkBzn7vfVVVOX0Bm4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhODZkZjZjNTU1YTIyMjM3NjNmYjhkYmUxNzM2NzI3Y2M0NDA5M2UwZTUx
N2RkMGY3YjdkNWY2MjFmY2ZiOTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKlHvaqgAh0pvrKHEFqxs1RVuYgNWFSurMMA5KRR2q7Q2jk/i2fxxg1PFMPY
qflvdiRXMm6w56CO0SVQx6y6tjZ0Z/izj6vA6yRTocDu68kZAB8fVKZ8sRFCxpT+
EKktbynKc7uaq23BHf5g7A1z+91VJozLayioZBqOaYUJBEyRdPODME/tS3i5IfEi
Uu0y5DiKaW+eyGE1RZf/56fU0RA1dsS+E9Is6LARnhM5YKEcf4g6YiBg2KlkBOun
YgIsheiNuglYMx8fYeGyW3zDlkyRyo+vAqxuhxkmenM/U0nhKU7jOPoqrRhwsP95
xROH9GkaDL/3AvFKNykyh6X2ZW8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR7yI7q
WE/65xeHbvdkK+D5b2hwGjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YzcwMDQ4YWItMjI3Yi00Zjk0LWE3OTUtMGU3NzQ5MjkxZjFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HuA
MA0GCSqGSIb3DQEBCwUAA4IBAQBhiiJTG72oSO5i/31ZCJpzBG1P9v5KJLWo7bD7
lRRYnRJdtmSMinI31Y5V+tKBLjAySwhhGq9ko06y5aBqtGXyLBOQ35HwrTD+TtQt
ZTvvjv2VK3FPn9S95UQV2sxUvEd1PFHSvRP5hZIoA6B8NYNc62iU804WVPmHf4Nj
DqVxYPY5ccYC8II6wlGBIry1JLwUseOzrhu1Du6bZLczF8aufIQuvO7fBv4mX8cP
OgalG+CLok81aoJB9cBAvYRj/XKcHDcK45tfACrA1qBXzAtCcrZO2KJyMQyoqOnV
zpC0i6I+MViuBZXoe368WR88Hkx80J4Ocn/gSs2cb6hEzINA
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:37:51 2025 by rpki-client