Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06682b3c-ff09-4d2d-a148-5dc0fa6da718.roa
File: 06682b3c-ff09-4d2d-a148-5dc0fa6da718.roa (raw, json)
Hash identifier: wsC1BSvTWpEQ7Y9TeOoOi0mNd5V4/45MO8fTnc1KEb4=
Subject key identifier: AA:4D:CB:6A:E8:98:E6:C9:71:C5:69:89:0F:05:FC:31:F5:CF:46:A0
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5E864B0A93B2EBFF20700C3DECCD7C2A702DC6AD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06682b3c-ff09-4d2d-a148-5dc0fa6da718.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:c080::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:86:4b:0a:93:b2:eb:ff:20:70:0c:3d:ec:cd:7c:2a:70:2d:c6:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=94494ae4e93258bed23bc23889d0e7eeb4bedb05039372921047d6c09fd0f8a7, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:26:fa:a7:54:15:2f:39:7a:b7:e3:7d:93:6d:
05:00:f4:67:29:37:3f:ac:ef:4d:c6:0d:ac:50:a6:
e6:23:35:86:f2:25:79:dd:8a:f5:42:b4:d6:57:38:
b2:d4:3f:b3:92:a6:a8:75:0c:52:b6:62:23:77:7f:
f1:c4:9e:9a:a9:7f:25:5d:d9:0f:91:64:95:11:13:
b9:34:57:dd:9f:31:0e:97:72:6c:a4:86:c7:af:d2:
aa:76:7c:9b:04:f9:f8:6f:01:e4:c3:d4:51:cc:fb:
8c:27:ac:39:e3:0a:75:c7:e4:c1:65:18:47:bf:7f:
ab:34:a1:dc:de:ad:a9:f5:93:1f:2e:49:51:fb:6f:
76:e0:d7:4c:5d:7f:2f:0a:b8:ef:db:50:76:cc:7d:
77:40:cd:2e:db:87:b6:02:aa:22:d3:b9:ab:69:5e:
85:34:db:c5:da:09:76:13:6d:ae:10:31:47:4b:cc:
34:86:78:36:8e:0d:41:c7:f4:30:5d:06:bf:ee:d8:
8d:dc:2b:75:3e:15:dc:3f:96:04:f5:26:f5:40:0b:
2c:3d:1d:74:33:f5:6a:f2:93:f3:1a:fe:18:17:fc:
cd:4d:96:ad:c4:0a:13:9d:3a:32:01:33:48:c2:10:
38:34:73:4b:8b:e6:19:c2:70:b6:9b:1f:07:b4:dc:
50:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:4D:CB:6A:E8:98:E6:C9:71:C5:69:89:0F:05:FC:31:F5:CF:46:A0
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/06682b3c-ff09-4d2d-a148-5dc0fa6da718.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c080::/46
Signature Algorithm: sha256WithRSAEncryption
97:6a:20:eb:6f:80:24:56:ac:a9:4b:1a:a0:b4:be:75:2b:83:
e8:d7:bd:f9:d6:84:e2:f7:0d:41:b5:17:ec:9f:8e:36:6b:a8:
3e:a0:d2:12:28:dd:34:d5:a1:15:c0:0f:c3:f7:da:4a:f1:65:
a0:2a:86:db:ad:f7:49:70:97:95:82:27:03:44:01:19:fc:9f:
aa:4b:7c:4d:41:c1:b9:4b:a0:e9:5d:2a:08:93:09:d9:e4:ca:
fb:fa:aa:91:fc:1e:1c:71:27:15:4e:db:4c:f4:64:30:8f:92:
23:8e:1c:ef:27:33:43:5d:63:af:5d:1a:66:34:fa:ad:3c:88:
08:11:91:03:cb:73:57:46:1a:04:9e:d4:df:06:6e:d7:a7:ec:
73:a8:97:e4:a1:ea:9f:e0:3f:0a:0c:68:95:63:86:a1:02:eb:
7d:a2:3e:9f:98:d0:88:fa:17:3e:d9:17:9a:31:37:ab:f2:75:
79:7f:12:73:20:03:9f:5d:ca:8d:b7:93:e2:51:2b:c8:c2:76:
6a:bf:9e:f8:68:f2:46:6b:cd:d4:b8:3d:42:85:ce:39:39:75:
e1:2d:28:91:68:48:31:92:01:f0:07:41:f8:e3:01:5c:cb:18:
cc:ab:51:8c:dd:63:67:86:65:38:69:0d:d4:36:a0:93:57:b8:
c2:93:a7:c0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUXoZLCpOy6/8gcAw97M18KnAtxq0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDk0NDk0YWU0ZTkzMjU4YmVkMjNiYzIzODg5ZDBlN2VlYjRiZWRiMDUwMzkz
NzI5MjEwNDdkNmMwOWZkMGY4YTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKEm+qdUFS85erfjfZNtBQD0Zyk3P6zvTcYNrFCm5iM1hvIled2K9UK01lc4
stQ/s5KmqHUMUrZiI3d/8cSemql/JV3ZD5FklRETuTRX3Z8xDpdybKSGx6/SqnZ8
mwT5+G8B5MPUUcz7jCesOeMKdcfkwWUYR79/qzSh3N6tqfWTHy5JUftvduDXTF1/
Lwq479tQdsx9d0DNLtuHtgKqItO5q2lehTTbxdoJdhNtrhAxR0vMNIZ4No4NQcf0
MF0Gv+7YjdwrdT4V3D+WBPUm9UALLD0ddDP1avKT8xr+GBf8zU2WrcQKE506MgEz
SMIQODRzS4vmGcJwtpsfB7TcUOECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSqTctq
6JjmyXHFaYkPBfwx9c9GoDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDY2ODJiM2MtZmYwOS00ZDJkLWExNDgtNWRjMGZhNmRhNzE4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DDA
gDANBgkqhkiG9w0BAQsFAAOCAQEAl2og62+AJFasqUsaoLS+dSuD6Ne9+daE4vcN
QbUX7J+ONmuoPqDSEijdNNWhFcAPw/faSvFloCqG2633SXCXlYInA0QBGfyfqkt8
TUHBuUug6V0qCJMJ2eTK+/qqkfweHHEnFU7bTPRkMI+SI44c7yczQ11jr10aZjT6
rTyICBGRA8tzV0YaBJ7U3wZu16fsc6iX5KHqn+A/CgxolWOGoQLrfaI+n5jQiPoX
PtkXmjE3q/J1eX8ScyADn13KjbeT4lEryMJ2ar+e+GjyRmvN1Lg9QoXOOTl14S0o
kWhIMZIB8AdB+OMBXMsYzKtRjN1jZ4ZlOGkN1Dagk1e4wpOnwA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:20 2025 by rpki-client