Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d99eb465-9cfd-49b1-9346-6d846f862940.roa
File: d99eb465-9cfd-49b1-9346-6d846f862940.roa (raw, json)
Hash identifier: ZDPF2Uhz7OrA82g+rSKOoGtesWE3ar09YFUWBlIYkUQ=
Subject key identifier: 61:C8:C2:E5:5F:E9:E7:EA:7D:2A:42:37:EC:7C:B9:89:26:67:21:B3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 200CE9E205BAC11BC3BC768539664C20B4425430
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d99eb465-9cfd-49b1-9346-6d846f862940.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:4000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:0c:e9:e2:05:ba:c1:1b:c3:bc:76:85:39:66:4c:20:b4:42:54:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:4d:e1:fe:e2:ba:35:71:18:a0:59:31:16:68:
55:38:2e:a3:26:9d:64:29:7a:00:14:d9:ed:c3:18:
9a:e1:cf:17:8c:5a:64:05:13:e9:7c:a7:73:7c:00:
a9:f4:fd:20:c6:01:84:81:8f:32:3b:72:43:1d:ec:
4d:50:3d:f0:dd:26:ba:87:01:11:77:dd:eb:f2:ea:
5d:10:12:2a:a8:df:e0:bb:b2:55:d8:2f:e6:e7:1e:
df:48:7b:98:a7:a7:33:1e:d8:83:8d:9a:23:d9:be:
f4:43:8a:15:ad:d3:ae:d9:d4:e1:46:ce:08:02:e2:
b4:80:ab:3c:54:c3:c6:69:67:e7:ff:b0:30:42:41:
40:e5:c4:58:05:d8:4d:d0:fc:4e:77:5a:9e:47:d2:
44:b0:96:c0:09:4f:aa:c4:4b:29:a4:6b:15:37:76:
d9:99:56:ca:7d:4e:c6:83:cb:84:bd:a7:cd:68:c3:
ea:6f:85:05:71:0c:c3:24:c5:87:d0:6b:59:43:f2:
94:8e:60:0c:47:30:0b:e4:db:86:6c:2e:b4:8e:02:
79:79:48:25:4d:11:bd:c5:11:a6:8e:df:c7:e5:cb:
b6:fb:8b:c8:c2:a1:ea:05:f4:01:8d:9a:80:2a:af:
49:65:c3:ef:da:6f:73:9d:0b:e9:b8:cf:7f:12:44:
b2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:C8:C2:E5:5F:E9:E7:EA:7D:2A:42:37:EC:7C:B9:89:26:67:21:B3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d99eb465-9cfd-49b1-9346-6d846f862940.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:4000::/40
Signature Algorithm: sha256WithRSAEncryption
01:57:5f:39:09:6b:d7:37:29:c5:6f:5a:a4:aa:29:5d:d7:7d:
c4:68:72:c5:ff:8a:eb:80:87:5e:33:fb:cc:80:e2:bc:35:78:
5e:49:15:40:f9:65:07:00:c9:f2:c0:77:eb:79:e6:9d:9f:a4:
40:3b:9b:03:d3:74:26:38:99:de:2a:76:37:af:7e:d6:a7:64:
ba:5a:8e:a8:6a:0d:01:4e:53:20:d9:38:f2:7e:be:17:d4:7f:
87:fd:48:a9:8e:2a:e7:c7:ad:e6:98:4b:92:c9:61:cf:8c:0a:
78:cd:ff:68:b7:8a:a4:f4:0c:44:d4:7a:d7:eb:44:fb:9a:81:
6b:ce:20:2c:f9:ee:72:69:81:c2:58:62:c9:f0:97:73:39:62:
b3:ce:e6:93:89:2c:f6:ff:4f:f7:de:f6:33:f5:99:b0:94:35:
06:d9:2f:2a:96:2f:13:ac:54:ad:03:69:96:30:ca:b6:b7:f1:
99:b2:6e:1e:3c:30:5b:a6:61:aa:c5:f3:c4:38:ec:e8:e0:f2:
48:f4:7d:f5:1c:8d:1d:1d:8f:9a:a1:2b:51:38:29:ae:90:57:
10:4a:e8:35:fd:d5:0e:72:19:0e:ab:1d:89:0e:19:f2:b5:5c:
2e:8a:3e:5a:c8:e8:ff:61:10:41:8f:89:9c:54:6f:31:27:4b:
5b:72:ad:8a
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIAzp4gW6wRvDvHaFOWZMILRCVDAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0YjJjMzJiMjk5OTkwNGE3MWU5MWExNTA2MDU2ZmM1ZDRlMzg1OTAxZDU4
OThlYjU4NTQzODk5MzA2ZDdhNTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANFN4f7iujVxGKBZMRZoVTguoyadZCl6ABTZ7cMYmuHPF4xaZAUT6Xync3wA
qfT9IMYBhIGPMjtyQx3sTVA98N0muocBEXfd6/LqXRASKqjf4LuyVdgv5uce30h7
mKenMx7Yg42aI9m+9EOKFa3TrtnU4UbOCALitICrPFTDxmln5/+wMEJBQOXEWAXY
TdD8TndankfSRLCWwAlPqsRLKaRrFTd22ZlWyn1OxoPLhL2nzWjD6m+FBXEMwyTF
h9BrWUPylI5gDEcwC+TbhmwutI4CeXlIJU0RvcURpo7fx+XLtvuLyMKh6gX0AY2a
gCqvSWXD79pvc50L6bjPfxJEsu0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRhyMLl
X+nn6n0qQjfsfLmJJmchszAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDk5ZWI0NjUtOWNmZC00OWIxLTkzNDYtNmQ4NDZmODYyOTQwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DVA
MA0GCSqGSIb3DQEBCwUAA4IBAQABV185CWvXNynFb1qkqild133EaHLF/4rrgIde
M/vMgOK8NXheSRVA+WUHAMnywHfreeadn6RAO5sD03QmOJneKnY3r37Wp2S6Wo6o
ag0BTlMg2Tjyfr4X1H+H/Uipjirnx63mmEuSyWHPjAp4zf9ot4qk9AxE1HrX60T7
moFrziAs+e5yaYHCWGLJ8JdzOWKzzuaTiSz2/0/33vYz9ZmwlDUG2S8qli8TrFSt
A2mWMMq2t/GZsm4ePDBbpmGqxfPEOOzo4PJI9H31HI0dHY+aoStROCmukFcQSug1
/dUOchkOqx2JDhnytVwuij5ayOj/YRBBj4mcVG8xJ0tbcq2K
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:00 2025 by rpki-client