Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8fedb09-473e-4b00-a883-7b7a8b1245ba.roa
File: e8fedb09-473e-4b00-a883-7b7a8b1245ba.roa (raw, json)
Hash identifier: 5/HXXeRJSvgqbFDW+e8cjOCPXL0gOAfgh+R3fGhRB3U=
Subject key identifier: 3A:9B:35:2E:9D:3A:85:A3:95:0C:C9:39:F3:DA:6D:AC:BE:91:A8:F4
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 754650F6564097783F4823455C9BEB01BD741E18
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8fedb09-473e-4b00-a883-7b7a8b1245ba.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d01e::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:46:50:f6:56:40:97:78:3f:48:23:45:5c:9b:eb:01:bd:74:1e:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:dd:3d:58:05:9d:55:04:4c:3f:fe:cd:78:d8:
9d:46:f1:b3:cd:01:68:4c:53:2d:d9:1e:6d:ff:cb:
58:d0:8e:0c:92:37:86:d1:be:d1:ee:3b:2c:00:1c:
03:18:83:6a:c3:b8:7e:f9:9a:d6:53:91:9d:f3:dd:
ef:13:44:f0:45:52:90:5c:8d:ae:5c:ce:3b:8c:4d:
e7:67:50:d8:bd:e1:ef:c0:93:c7:8b:98:df:88:14:
af:85:fe:ce:4e:e4:bd:a7:fe:ab:0b:01:13:47:05:
0b:08:36:19:7d:8c:6d:d0:8c:15:79:df:d9:d9:b6:
d3:8a:74:ad:2d:1c:d4:79:a5:aa:9a:e4:35:01:83:
fc:cd:f4:d7:ab:f2:95:2f:1a:d5:50:48:7c:27:d8:
ae:f5:f9:e2:1c:56:f1:94:13:83:7b:f8:e7:30:fa:
7f:92:41:ea:d1:60:81:e5:65:fb:79:9c:2f:fd:fe:
de:d6:6b:d0:c4:22:00:a8:95:9e:c6:0b:42:7b:36:
04:9d:39:89:4a:80:a0:5a:36:08:42:b9:a5:d1:ef:
6a:9a:e4:c9:40:59:9d:c8:a1:b3:6f:a1:d0:5b:1b:
19:07:ed:bb:37:5c:f8:86:07:97:ed:7b:d1:82:cc:
d0:c7:03:cf:e3:b8:c1:aa:89:07:78:b0:46:fa:32:
a2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:9B:35:2E:9D:3A:85:A3:95:0C:C9:39:F3:DA:6D:AC:BE:91:A8:F4
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/e8fedb09-473e-4b00-a883-7b7a8b1245ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01e::/36
Signature Algorithm: sha256WithRSAEncryption
8e:08:0e:46:2a:dc:d5:32:88:fc:9c:c9:f4:e5:68:83:ef:01:
05:d7:6b:e8:09:07:19:f7:20:1e:4a:07:c4:31:92:81:a1:df:
0a:7b:f6:5d:f5:b6:ac:de:2b:f7:06:a8:75:77:d4:45:bf:9b:
16:44:55:db:4d:a8:d2:20:c8:c9:0e:ca:50:15:f1:4a:51:bc:
46:dd:87:1c:7e:0d:5f:fc:6b:68:73:bb:ab:19:09:22:e0:73:
c6:2f:ee:bf:ec:c5:91:11:0d:53:38:18:7b:be:c5:08:73:fb:
38:61:2e:9a:64:f6:c0:4b:ef:ef:d2:6b:10:df:fc:3e:68:58:
0e:cc:9d:8f:8f:49:c2:6e:65:38:fd:03:36:83:cc:9b:67:e7:
88:a4:72:c5:df:18:26:2f:78:12:24:42:f2:fe:1d:df:6c:52:
a4:9c:fc:b1:63:c3:61:2a:86:8e:33:8d:16:d6:a0:54:2e:36:
f2:bc:bd:f0:75:1c:4b:c1:eb:60:c5:04:f1:d3:75:96:06:0d:
22:d7:02:9b:3f:43:b2:99:d3:1b:c0:0d:c4:06:59:13:89:38:
26:e2:76:b1:87:68:c3:da:44:94:88:52:3e:b6:3e:be:29:77:
b6:fb:bf:2e:0e:d2:cd:ae:b2:8d:fa:33:8f:4c:a3:e0:b9:80:
1e:9d:8e:7c
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdUZQ9lZAl3g/SCNFXJvrAb10HhgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmOGYzZWRjY2VjZDQ1YjdjM2ViNGQ1NWJjYzZiMWYwY2MzNzg0M2NmZWE4
OTJkYjBhYWFlYzRjOGZjNjY0YWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALzdPVgFnVUETD/+zXjYnUbxs80BaExTLdkebf/LWNCODJI3htG+0e47LAAc
AxiDasO4fvma1lORnfPd7xNE8EVSkFyNrlzOO4xN52dQ2L3h78CTx4uY34gUr4X+
zk7kvaf+qwsBE0cFCwg2GX2MbdCMFXnf2dm204p0rS0c1HmlqprkNQGD/M3016vy
lS8a1VBIfCfYrvX54hxW8ZQTg3v45zD6f5JB6tFggeVl+3mcL/3+3tZr0MQiAKiV
nsYLQns2BJ05iUqAoFo2CEK5pdHvaprkyUBZncihs2+h0FsbGQftuzdc+IYHl+17
0YLM0McDz+O4waqJB3iwRvoyou0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ6mzUu
nTqFo5UMyTnz2m2svpGo9DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZThmZWRiMDktNDczZS00YjAwLWE4ODMtN2I3YThiMTI0NWJhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B4A
MA0GCSqGSIb3DQEBCwUAA4IBAQCOCA5GKtzVMoj8nMn05WiD7wEF12voCQcZ9yAe
SgfEMZKBod8Ke/Zd9bas3iv3Bqh1d9RFv5sWRFXbTajSIMjJDspQFfFKUbxG3Ycc
fg1f/Gtoc7urGQki4HPGL+6/7MWREQ1TOBh7vsUIc/s4YS6aZPbAS+/v0msQ3/w+
aFgOzJ2Pj0nCbmU4/QM2g8ybZ+eIpHLF3xgmL3gSJELy/h3fbFKknPyxY8NhKoaO
M40W1qBULjbyvL3wdRxLwetgxQTx03WWBg0i1wKbP0OymdMbwA3EBlkTiTgm4nax
h2jD2kSUiFI+tj6+KXe2+78uDtLNrrKN+jOPTKPguYAenY58
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:52:21 2025 by rpki-client