Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/056ba6e3-7c55-40b5-9c67-9ca2afb3d662.roa
File: 056ba6e3-7c55-40b5-9c67-9ca2afb3d662.roa (raw, json)
Hash identifier: GPf17ZMkS2TACoyX4o+arid2Q7alTNSmCxqXs8HJOgk=
Subject key identifier: EA:AB:76:64:CA:F2:E6:5C:4B:84:C5:F6:49:55:E4:88:E2:98:2C:82
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6908BD632C674AF38EC904196A2AED64A25E1810
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/056ba6e3-7c55-40b5-9c67-9ca2afb3d662.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 7224
IP address blocks: 46.51.128.0/17 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:08:bd:63:2c:67:4a:f3:8e:c9:04:19:6a:2a:ed:64:a2:5e:18:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: serialNumber=096ef9b6e298fdcc3fd775ffb39c4e8ba26b432847f071ea3c5a9fc456d757eb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:f1:80:39:c2:97:a3:0d:da:3f:6d:11:a1:7e:
47:3a:61:1e:98:40:e7:ce:ef:a7:50:7f:e4:d1:f1:
73:66:b8:a0:12:98:44:47:fe:d3:56:09:b6:2b:de:
e4:74:66:33:20:08:3c:a8:80:a9:3d:6f:54:f3:22:
97:72:e4:30:a0:cb:52:da:39:21:8d:8e:7c:ea:62:
ff:11:f8:ed:5c:f3:da:b6:8c:fe:fd:32:fd:0f:d1:
54:25:7d:57:2b:28:ee:92:a3:3a:8b:31:54:d7:b6:
f3:e1:a6:9e:53:6a:b7:74:83:4f:a5:3f:e6:88:32:
4d:f8:e8:6f:be:92:1e:fa:fb:e7:e5:ba:0a:2d:50:
0f:ad:85:c7:f6:b3:b8:a0:cc:b2:5c:97:3f:f8:5c:
d1:6b:e6:c8:0b:76:3c:34:0a:24:b5:3b:70:f7:7b:
0a:2b:a4:4f:82:bc:89:6d:fe:0d:31:50:63:bd:1c:
d1:b9:66:0b:1e:a6:0e:b8:30:68:5c:26:c4:43:09:
80:f5:c6:d7:c6:99:59:20:9f:8b:03:e8:8c:11:bf:
f0:0f:21:1e:16:7e:6f:e2:3a:33:f5:04:80:e0:66:
9a:77:17:06:20:8f:ae:a1:96:2f:53:25:6f:4e:05:
74:a0:8b:e8:75:a6:e1:15:67:0a:98:bc:6d:c4:6b:
51:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:AB:76:64:CA:F2:E6:5C:4B:84:C5:F6:49:55:E4:88:E2:98:2C:82
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/056ba6e3-7c55-40b5-9c67-9ca2afb3d662.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.51.128.0/17
Signature Algorithm: sha256WithRSAEncryption
b0:25:20:a4:dc:24:0e:6d:ed:94:02:b1:86:ed:fd:22:d9:1e:
8d:5e:a4:3b:96:29:01:3d:0e:31:1e:37:da:7e:da:4c:cc:be:
af:47:a2:45:55:01:18:3f:1c:88:66:df:b1:a2:3a:85:da:3b:
75:66:b8:aa:b6:9e:cf:98:ca:0c:fd:7c:be:e9:7a:a6:a5:58:
82:c7:76:10:30:9c:82:e4:ed:f3:9c:6c:97:96:0b:b1:87:61:
df:c1:74:86:fa:ed:75:96:38:d9:ed:14:e6:43:96:16:d7:7c:
47:5f:56:5c:8e:e1:76:91:a5:d3:8a:b7:38:0d:be:78:96:d5:
c3:a2:44:27:cb:78:c5:eb:bb:c7:b5:06:96:44:ab:f4:e4:92:
3c:7c:e0:0f:30:35:ab:e5:24:04:c3:d1:09:dd:0d:46:1c:1a:
8e:9f:9c:20:5d:d6:c1:85:fe:28:eb:c8:e7:e6:63:d9:24:5f:
2a:83:92:bd:99:27:ed:54:e8:21:d6:66:b8:3a:34:c8:5c:be:
db:35:fe:59:ce:c2:4d:c0:0d:4d:89:b1:2b:35:ca:91:8e:8c:
23:b6:80:6a:17:e7:29:e5:fd:30:f7:83:96:e2:24:5b:9e:3b:
6e:4b:18:d0:07:a0:e8:79:a5:79:0b:55:ab:05:ab:80:92:1d:
fc:d5:a7:69
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUaQi9YyxnSvOOyQQZairtZKJeGBAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMzAwMDAwMDBaFw0yNTAyMDMyMzU5NTlaMHoxSTBHBgNV
BAUTQDA5NmVmOWI2ZTI5OGZkY2MzZmQ3NzVmZmIzOWM0ZThiYTI2YjQzMjg0N2Yw
NzFlYTNjNWE5ZmM0NTZkNzU3ZWIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKjxgDnCl6MN2j9tEaF+RzphHphA587vp1B/5NHxc2a4oBKYREf+01YJtive
5HRmMyAIPKiAqT1vVPMil3LkMKDLUto5IY2OfOpi/xH47Vzz2raM/v0y/Q/RVCV9
Vyso7pKjOosxVNe28+GmnlNqt3SDT6U/5ogyTfjob76SHvr75+W6Ci1QD62Fx/az
uKDMslyXP/hc0WvmyAt2PDQKJLU7cPd7CiukT4K8iW3+DTFQY70c0blmCx6mDrgw
aFwmxEMJgPXG18aZWSCfiwPojBG/8A8hHhZ+b+I6M/UEgOBmmncXBiCPrqGWL1Ml
b04FdKCL6HWm4RVnCpi8bcRrUWkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBTqq3Zk
yvLmXEuExfZJVeSI4pgsgjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDU2YmE2ZTMtN2M1NS00MGI1LTljNjctOWNhMmFmYjNkNjYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBy4zgDAN
BgkqhkiG9w0BAQsFAAOCAQEAsCUgpNwkDm3tlAKxhu39ItkejV6kO5YpAT0OMR43
2n7aTMy+r0eiRVUBGD8ciGbfsaI6hdo7dWa4qraez5jKDP18vul6pqVYgsd2EDCc
guTt85xsl5YLsYdh38F0hvrtdZY42e0U5kOWFtd8R19WXI7hdpGl04q3OA2+eJbV
w6JEJ8t4xeu7x7UGlkSr9OSSPHzgDzA1q+UkBMPRCd0NRhwajp+cIF3WwYX+KOvI
5+Zj2SRfKoOSvZkn7VToIdZmuDo0yFy+2zX+Wc7CTcANTYmxKzXKkY6MI7aAahfn
KeX9MPeDluIkW547bksY0Aeg6HmleQtVqwWrgJId/NWnaQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:20 2025 by rpki-client