Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc880146-7b38-40c6-b452-8f8d46b57e17.roa
File: fc880146-7b38-40c6-b452-8f8d46b57e17.roa (raw, json)
Hash identifier: u45pbg+8w0Dvb78BWvm/1jfpn+IFjK0jCTBeKP1xgLE=
Subject key identifier: 82:BE:74:A9:B9:9C:E4:6D:F4:BD:23:C0:50:36:4A:0A:78:E6:88:92
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 32223A6B32A9410C08CAE98F82FC3396D8D445C5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc880146-7b38-40c6-b452-8f8d46b57e17.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:22:3a:6b:32:a9:41:0c:08:ca:e9:8f:82:fc:33:96:d8:d4:45:c5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:95:87:1c:9c:29:31:aa:3d:e1:24:c3:ea:cd:
2b:b3:65:e1:06:ea:88:e4:ab:17:f0:5f:67:8a:22:
02:1b:19:0d:f5:9d:26:b0:45:56:cf:5d:91:96:3a:
81:d6:23:63:ea:af:fe:64:68:0e:63:c1:fc:93:9c:
51:e5:5d:f3:98:a3:4d:53:0e:a3:ab:a3:dd:5c:5d:
6c:56:80:f5:93:98:26:b4:e3:d3:be:1e:21:8e:bb:
6a:1a:54:97:00:a8:6a:9b:1b:d9:9d:f4:22:e7:fb:
5e:41:ef:dc:70:07:10:76:50:7e:c7:f4:13:ed:94:
a6:3c:12:3b:a3:f4:31:46:c7:fd:41:2b:c3:02:e1:
ae:04:6a:2f:38:69:3f:73:12:9c:7a:48:85:8a:c9:
14:32:a1:82:c8:6a:54:42:2c:03:79:1d:a8:a2:d8:
52:ed:fd:a3:78:82:11:c0:98:e2:3b:9a:9b:55:0c:
ff:46:82:86:04:ac:40:f3:03:3c:53:dd:f9:13:63:
6c:50:7b:c7:6e:92:15:57:05:ec:06:08:f6:25:c7:
fc:ee:53:24:f5:e8:02:f3:9d:de:d6:ad:20:b2:1c:
1e:68:a7:7e:06:13:d5:5b:23:7e:da:a7:57:97:05:
51:0e:6b:a9:7e:6a:98:ba:45:2a:fa:87:ab:05:b8:
0f:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:BE:74:A9:B9:9C:E4:6D:F4:BD:23:C0:50:36:4A:0A:78:E6:88:92
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fc880146-7b38-40c6-b452-8f8d46b57e17.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:2000::/40
Signature Algorithm: sha256WithRSAEncryption
5e:3e:0c:a3:03:cc:82:a5:63:91:1f:aa:06:ae:df:7c:b8:17:
b4:ef:b5:80:30:61:84:4d:46:5c:97:4a:04:ca:59:64:43:52:
96:71:fc:12:10:d7:35:99:ba:b9:f4:e7:f1:18:c6:95:b3:62:
6d:60:65:fb:3d:38:fc:07:59:ef:8d:81:fb:62:ec:a7:08:54:
a0:4c:f5:5e:d0:ea:d0:35:39:4c:d7:ec:fe:35:cb:b0:53:7b:
6f:9f:16:68:59:44:ee:9f:88:63:a0:33:7a:d8:20:2d:4c:c9:
67:19:a5:ba:32:ce:d3:65:33:71:c5:0f:35:ab:e5:63:b6:fd:
a6:71:5c:e5:cd:ae:1b:46:a8:37:84:75:35:2b:34:aa:9c:e4:
0b:9d:ad:9d:fe:03:00:29:b1:21:05:0c:44:4d:48:07:f2:c5:
70:45:65:9f:27:c1:a6:1b:f3:aa:b4:b8:0a:e2:c9:83:3c:eb:
12:a5:4c:8e:36:9d:1f:ce:dc:32:2c:7b:b6:e9:cd:bc:d6:db:
9a:24:6a:6e:39:15:7c:6d:e8:ae:33:ff:4e:74:3b:44:01:37:
cb:34:bc:1d:08:75:28:b4:67:42:d2:48:70:78:b2:98:cb:15:
c4:67:22:af:64:c8:ec:55:84:97:77:c1:45:fa:ff:4e:13:7f:
07:74:f2:32
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUMiI6azKpQQwIyumPgvwzltjURcUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMTYwMDAwMDBaFw0yNTAxMjAyMzU5NTlaMHoxSTBHBgNV
BAUTQGVlYmMyNmE2NTNlMmQxY2NjZWUzYTE4MTEyNzFiZDMxNDZlZTUwM2VhM2Uy
MDQ2MDNjYzczMzQxNjkyMzFjNjAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMWVhxycKTGqPeEkw+rNK7Nl4QbqiOSrF/BfZ4oiAhsZDfWdJrBFVs9dkZY6
gdYjY+qv/mRoDmPB/JOcUeVd85ijTVMOo6uj3VxdbFaA9ZOYJrTj074eIY67ahpU
lwCoapsb2Z30Iuf7XkHv3HAHEHZQfsf0E+2UpjwSO6P0MUbH/UErwwLhrgRqLzhp
P3MSnHpIhYrJFDKhgshqVEIsA3kdqKLYUu39o3iCEcCY4juam1UM/0aChgSsQPMD
PFPd+RNjbFB7x26SFVcF7AYI9iXH/O5TJPXoAvOd3tatILIcHminfgYT1Vsjftqn
V5cFUQ5rqX5qmLpFKvqHqwW4D1MCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSCvnSp
uZzkbfS9I8BQNkoKeOaIkjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmM4ODAxNDYtN2IzOC00MGM2LWI0NTItOGY4ZDQ2YjU3ZTE3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hwg
MA0GCSqGSIb3DQEBCwUAA4IBAQBePgyjA8yCpWORH6oGrt98uBe077WAMGGETUZc
l0oEyllkQ1KWcfwSENc1mbq59OfxGMaVs2JtYGX7PTj8B1nvjYH7YuynCFSgTPVe
0OrQNTlM1+z+NcuwU3tvnxZoWUTun4hjoDN62CAtTMlnGaW6Ms7TZTNxxQ81q+Vj
tv2mcVzlza4bRqg3hHU1KzSqnOQLna2d/gMAKbEhBQxETUgH8sVwRWWfJ8GmG/Oq
tLgK4smDPOsSpUyONp0fztwyLHu26c281tuaJGpuORV8beiuM/9OdDtEATfLNLwd
CHUotGdC0khweLKYyxXEZyKvZMjsVYSXd8FF+v9OE38HdPIy
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:29:06 2025 by rpki-client