Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d37dfec6-4d5a-4fea-a026-1350fc8af8c3.roa
File: d37dfec6-4d5a-4fea-a026-1350fc8af8c3.roa (raw, json)
Hash identifier: x5HqjabEhdIdcRYjwlkzOXqLgm1rLVeW2R4CWmkZd1o=
Subject key identifier: 31:70:99:38:8B:BA:65:A0:D7:D7:13:F8:C2:58:C9:4F:3E:D4:07:93
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 29F5A55F67EBE0C67A1859E338B711906405D585
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d37dfec6-4d5a-4fea-a026-1350fc8af8c3.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:1000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
29:f5:a5:5f:67:eb:e0:c6:7a:18:59:e3:38:b7:11:90:64:05:d5:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:39:da:d9:39:50:d0:0b:0d:f7:b4:6e:69:a7:
48:9e:d4:aa:8e:4e:ef:da:1d:31:14:11:75:59:bf:
9d:10:a2:6a:1a:3b:7f:c6:db:d3:2d:75:a3:6a:60:
b1:4f:a5:df:ef:b4:b8:78:06:dd:71:69:83:c1:bf:
a5:5c:14:05:8e:e6:5f:55:b3:28:f0:55:dc:0f:f9:
d1:ed:5f:c8:31:42:83:d7:8b:17:0c:2b:5d:40:c3:
27:e3:01:54:d0:b4:92:5f:f5:c9:03:ab:2f:62:bc:
a6:d4:ad:44:3b:1a:4c:41:d4:dd:70:51:98:0a:ff:
56:81:5d:e8:ca:a3:e1:a3:2d:e0:cd:5c:d5:61:88:
c2:4c:29:eb:05:74:d0:6a:9d:31:c6:c8:c5:e1:c0:
b6:b2:dc:8e:6e:43:6a:df:a8:bd:df:1b:24:4d:e7:
c8:3d:89:7d:a0:03:2c:98:b8:8a:e5:05:b2:19:15:
c5:0c:7f:bc:c5:91:ec:bb:7d:3e:f7:fa:5c:59:82:
59:86:e9:07:38:c0:2e:a6:35:07:a6:f5:d1:4f:19:
7e:b4:41:d9:63:06:78:39:aa:fe:67:d6:8c:15:80:
d9:55:c7:9a:53:6b:6a:10:2b:e6:d0:8f:71:70:ef:
7a:03:16:ed:4a:1b:22:ea:37:35:06:a3:ce:9a:c5:
37:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:70:99:38:8B:BA:65:A0:D7:D7:13:F8:C2:58:C9:4F:3E:D4:07:93
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d37dfec6-4d5a-4fea-a026-1350fc8af8c3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:1000::/40
Signature Algorithm: sha256WithRSAEncryption
b8:9d:b9:f8:43:7e:fe:d9:14:d8:44:5a:13:29:cd:38:50:b3:
33:c5:74:26:d0:fb:4c:1c:9b:f9:6f:e9:b3:b7:57:1c:0b:d0:
35:a7:46:de:3c:dd:03:c5:77:b8:f1:31:94:42:bb:3f:7e:68:
71:02:26:92:6e:22:5e:5c:97:c0:30:eb:98:6d:22:f6:3c:c0:
ab:b2:d6:3b:85:84:87:ae:36:d2:28:2d:0d:25:21:da:57:a2:
cb:cc:02:d9:f1:2c:58:ba:f8:46:57:ca:9a:ef:3e:9c:97:d8:
39:82:00:e2:3c:ff:d7:4f:6d:27:57:3d:a9:50:97:01:4f:db:
89:d2:88:b3:a4:24:17:51:4f:87:f6:31:58:51:f7:a4:8e:2a:
c7:1c:05:63:72:0a:21:37:f7:0f:8e:4f:8b:2e:5e:21:49:da:
e4:c1:e8:17:c8:77:23:27:44:05:ca:65:df:43:a7:f7:ea:c7:
01:9e:7b:ec:fe:e9:01:5e:0b:93:11:42:5a:6d:92:d2:a4:c8:
00:3f:b1:cc:16:d3:84:34:93:06:d9:24:0b:4e:1e:a1:75:f8:
04:9b:97:d1:33:14:1b:bf:5d:5d:87:8b:11:3c:34:66:3c:d1:
d3:52:fa:b7:e8:ed:9d:ef:f8:08:ae:74:ff:9a:91:c7:4f:99:
fa:f6:e3:cd
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUKfWlX2fr4MZ6GFnjOLcRkGQF1YUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGVkZjQzOGM4ZWRkMGEwNWZiY2MwYjk4MTE0ZTBmMGMxNzhmYTAzYTA3YjZl
ZjdkZjE1MGQ0ZWYxOWFmZGI0MzExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI052tk5UNALDfe0bmmnSJ7Uqo5O79odMRQRdVm/nRCiaho7f8bb0y11o2pg
sU+l3++0uHgG3XFpg8G/pVwUBY7mX1WzKPBV3A/50e1fyDFCg9eLFwwrXUDDJ+MB
VNC0kl/1yQOrL2K8ptStRDsaTEHU3XBRmAr/VoFd6Mqj4aMt4M1c1WGIwkwp6wV0
0GqdMcbIxeHAtrLcjm5Dat+ovd8bJE3nyD2JfaADLJi4iuUFshkVxQx/vMWR7Lt9
Pvf6XFmCWYbpBzjALqY1B6b10U8ZfrRB2WMGeDmq/mfWjBWA2VXHmlNrahAr5tCP
cXDvegMW7UobIuo3NQajzprFNzkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQxcJk4
i7ploNfXE/jCWMlPPtQHkzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDM3ZGZlYzYtNGQ1YS00ZmVhLWEwMjYtMTM1MGZjOGFmOGMzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DoQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC4nbn4Q37+2RTYRFoTKc04ULMzxXQm0PtMHJv5
b+mzt1ccC9A1p0bePN0DxXe48TGUQrs/fmhxAiaSbiJeXJfAMOuYbSL2PMCrstY7
hYSHrjbSKC0NJSHaV6LLzALZ8SxYuvhGV8qa7z6cl9g5ggDiPP/XT20nVz2pUJcB
T9uJ0oizpCQXUU+H9jFYUfekjirHHAVjcgohN/cPjk+LLl4hSdrkwegXyHcjJ0QF
ymXfQ6f36scBnnvs/ukBXguTEUJabZLSpMgAP7HMFtOENJMG2SQLTh6hdfgEm5fR
MxQbv11dh4sRPDRmPNHTUvq36O2d7/gIrnT/mpHHT5n69uPN
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:37:31 2025 by rpki-client