Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa
File: 0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa (raw, json)
Hash identifier: wiXTC/tcvHlCHwHc3zHK3e0ApNnWktXyQvUCox+d5d0=
Subject key identifier: 0F:EF:05:C0:56:03:CE:9F:6D:06:1E:C6:0E:6B:7C:F4:5E:1A:A5:3E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3C0235B19C0F57C5C7F7AA8D12E672848A4F0EAA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d072:6000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:02:35:b1:9c:0f:57:c5:c7:f7:aa:8d:12:e6:72:84:8a:4f:0e:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=b672a0a9afaac71bdcd90460c6f8ed8afc16da2f3726a4c3e40712ff94a941c0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:64:61:05:b6:37:96:13:78:7c:da:79:2c:6c:
3e:93:cc:8c:fa:af:b3:60:28:d5:0c:dc:0e:e7:3a:
e1:98:2b:86:ac:90:90:d2:c1:1d:81:df:5f:ca:60:
00:a7:1d:7e:85:47:25:41:64:07:47:43:ac:bb:8b:
65:30:75:d6:33:2d:82:5f:9a:c0:43:89:87:07:d9:
50:28:0f:19:5c:57:eb:04:27:e6:a8:af:99:cb:64:
9a:ae:c5:7e:8c:42:df:79:2d:f7:01:26:c2:17:6f:
4e:25:c9:fb:5c:db:30:93:a3:83:57:33:0f:83:34:
2d:ce:09:80:44:af:dc:9b:de:04:c9:ec:26:57:74:
69:9d:45:02:52:61:09:fb:cd:1e:3c:65:28:41:1f:
b1:26:28:f5:6e:91:f4:f6:4e:f6:a2:a9:68:91:fe:
cd:74:82:43:ed:6f:08:78:c1:ed:7b:52:d2:1f:58:
7d:60:02:c3:21:20:ba:9e:0c:88:63:ce:ee:ff:2e:
ec:00:2b:62:59:6a:82:1f:bc:51:5d:c4:e0:a8:d0:
cf:8d:0d:00:16:40:ea:2f:8b:61:0f:8f:7b:0d:19:
0c:3f:af:cc:49:10:9d:f8:aa:a6:92:d7:51:0b:f7:
df:69:36:b1:80:7b:5b:bd:1b:a1:ec:92:7e:f9:97:
32:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:EF:05:C0:56:03:CE:9F:6D:06:1E:C6:0E:6B:7C:F4:5E:1A:A5:3E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0f563251-1efa-4b6d-afe9-3e7f014bbba1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d072:6000::/40
Signature Algorithm: sha256WithRSAEncryption
ad:f8:4f:66:53:26:2c:cc:bf:f6:e4:ce:e3:3a:ce:4b:0d:2c:
60:4b:8d:99:dd:3f:4d:52:b5:f8:36:f1:0b:47:40:05:9b:74:
d1:8e:99:2b:df:af:02:70:11:56:8a:ac:0e:2e:d9:2d:62:e9:
7c:97:4b:28:32:21:61:c1:57:8e:22:93:2e:e5:bb:6d:2a:b4:
09:1d:17:9a:01:07:0b:e0:4c:e9:2c:89:cd:e4:06:24:3d:d8:
71:5a:e8:9f:61:8d:4b:dd:35:f0:83:75:3d:43:62:d8:fd:21:
ef:28:48:4c:55:60:ee:4a:6e:77:e5:d2:2c:32:94:d1:a3:99:
c3:ef:68:80:5f:e5:6d:49:46:94:91:4a:53:47:20:d6:d4:76:
3a:6e:43:01:c1:e0:2c:6a:6a:61:6a:23:c9:0d:25:d1:40:37:
7c:c4:6d:f7:6e:37:ec:aa:29:12:bc:c2:56:7b:4d:0b:ab:cb:
af:7f:38:64:57:02:4a:55:71:54:5f:fa:c5:25:f7:e8:bd:92:
51:c2:9f:c5:4c:ae:8b:d1:ac:e9:c2:c9:dd:f0:30:da:6a:b9:
32:bc:1c:76:54:2e:6f:8d:98:80:a9:58:e2:eb:e4:d1:c0:a5:
97:a5:db:ee:0c:eb:20:c1:c2:0a:81:00:ba:40:5b:d5:6e:07:
e2:c0:4c:31
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPAI1sZwPV8XH96qNEuZyhIpPDqowDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGI2NzJhMGE5YWZhYWM3MWJkY2Q5MDQ2MGM2ZjhlZDhhZmMxNmRhMmYzNzI2
YTRjM2U0MDcxMmZmOTRhOTQxYzAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKBkYQW2N5YTeHzaeSxsPpPMjPqvs2Ao1QzcDuc64ZgrhqyQkNLBHYHfX8pg
AKcdfoVHJUFkB0dDrLuLZTB11jMtgl+awEOJhwfZUCgPGVxX6wQn5qivmctkmq7F
foxC33kt9wEmwhdvTiXJ+1zbMJOjg1czD4M0Lc4JgESv3JveBMnsJld0aZ1FAlJh
CfvNHjxlKEEfsSYo9W6R9PZO9qKpaJH+zXSCQ+1vCHjB7XtS0h9YfWACwyEgup4M
iGPO7v8u7AArYllqgh+8UV3E4KjQz40NABZA6i+LYQ+Pew0ZDD+vzEkQnfiqppLX
UQv332k2sYB7W70boeySfvmXMukCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQP7wXA
VgPOn20GHsYOa3z0XhqlPjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGY1NjMyNTEtMWVmYS00YjZkLWFmZTktM2U3ZjAxNGJiYmExLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HJg
MA0GCSqGSIb3DQEBCwUAA4IBAQCt+E9mUyYszL/25M7jOs5LDSxgS42Z3T9NUrX4
NvELR0AFm3TRjpkr368CcBFWiqwOLtktYul8l0soMiFhwVeOIpMu5bttKrQJHRea
AQcL4EzpLInN5AYkPdhxWuifYY1L3TXwg3U9Q2LY/SHvKEhMVWDuSm535dIsMpTR
o5nD72iAX+VtSUaUkUpTRyDW1HY6bkMBweAsamphaiPJDSXRQDd8xG33bjfsqikS
vMJWe00Lq8uvfzhkVwJKVXFUX/rFJffovZJRwp/FTK6L0azpwsnd8DDaarkyvBx2
VC5vjZiAqVji6+TRwKWXpdvuDOsgwcIKgQC6QFvVbgfiwEwx
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:20 2025 by rpki-client