Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1e94aa28-569f-4400-a05f-d212f42799e9.roa
File: 1e94aa28-569f-4400-a05f-d212f42799e9.roa (raw, json)
Hash identifier: FBe2f6+EE6NPNC1kz4apavAB1wtVNHp/OT3LLov4SYM=
Subject key identifier: 7A:55:C6:E5:14:C9:B2:24:54:8D:E8:8C:AA:2A:97:2A:24:25:F9:38
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2499A037BE62CE62B133EF638A24E7F9ADEAF46C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1e94aa28-569f-4400-a05f-d212f42799e9.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:c000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:99:a0:37:be:62:ce:62:b1:33:ef:63:8a:24:e7:f9:ad:ea:f4:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=5a4552fa9d9aebc49cf931941fd7353344980209dbd58b16f38d3517cec00d2b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:db:4c:00:64:76:cf:55:26:ae:6e:e4:9c:11:
87:7b:56:4d:a5:94:63:cf:9b:74:08:3b:f9:8a:1d:
0f:5d:cf:0f:fc:ff:7c:f2:0e:35:74:ad:13:79:17:
f8:84:29:18:43:15:ce:76:ac:2c:8f:69:dc:d4:8f:
b8:4d:1a:f4:9d:90:82:d2:be:68:af:34:cb:ed:b9:
62:10:42:47:a6:be:09:d4:ee:f9:f1:eb:af:23:e8:
b8:fb:d8:92:f9:1c:40:f5:6a:9d:83:95:50:9e:76:
45:e4:d0:a9:37:76:6e:b1:f2:9f:72:f5:7b:0e:1d:
0b:1f:f8:5e:0e:7e:d1:df:06:6a:0c:e2:b1:20:89:
c9:89:7d:18:e1:f9:27:66:1e:b5:e8:b0:ab:a1:44:
01:7c:b9:4f:66:26:a7:ee:a1:ab:9e:12:e5:0d:26:
ed:b6:16:ab:70:97:49:5a:15:78:b5:98:ac:7f:55:
90:3f:35:ce:16:8d:16:6b:ce:09:37:e6:5e:9d:4a:
4f:05:10:65:ee:a7:c8:3f:79:6e:31:fd:7f:76:41:
4a:96:52:f0:cd:49:bc:20:f4:28:d2:e3:e5:d8:1a:
4e:f7:94:18:05:20:03:28:73:11:3b:3d:40:b3:a6:
00:31:7f:49:1f:cf:30:9f:e6:1a:50:27:d9:cf:32:
55:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:55:C6:E5:14:C9:B2:24:54:8D:E8:8C:AA:2A:97:2A:24:25:F9:38
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1e94aa28-569f-4400-a05f-d212f42799e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:c000::/40
Signature Algorithm: sha256WithRSAEncryption
47:1d:9d:a1:67:01:d0:1d:7b:b9:5f:3b:24:5d:a0:ff:e7:b9:
72:74:af:4c:62:d6:ef:e7:8f:7a:e1:9a:36:9d:02:ad:cf:81:
de:02:e0:bc:60:4d:43:a1:c2:9a:b4:33:f0:ac:82:b7:33:62:
ec:00:27:90:81:94:dc:a4:63:0d:85:73:b0:2f:b4:d1:53:32:
63:59:10:75:9b:78:a1:1b:4d:49:f3:24:24:c3:38:34:76:76:
6f:ba:32:af:5e:86:dc:84:56:a7:6e:53:6b:16:6b:9b:e0:fe:
65:85:39:58:29:d1:80:ba:31:0f:a4:d0:20:c3:95:11:5c:8b:
87:fd:72:f5:f5:55:e3:e4:6d:d5:76:b5:e2:17:41:fa:dc:75:
ec:42:5a:96:cf:17:28:c4:af:d6:f8:17:e4:1c:6d:f5:c3:f6:
6d:8a:b5:10:87:0e:8b:fc:20:14:7b:bf:67:c1:c7:83:99:7e:
11:6c:b5:8c:cd:38:63:f9:f6:0e:e8:dd:4f:31:9e:7e:a9:72:
df:5f:f9:49:ee:3c:50:fd:74:b8:39:53:50:59:7b:06:47:d8:
3b:91:b1:30:c4:12:73:41:8d:4d:fe:87:41:f8:9f:c8:f2:4d:
2f:8d:9a:de:3b:bc:e6:5b:41:26:1b:ec:31:c5:79:0d:65:2d:
00:fa:3a:ca
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUJJmgN75izmKxM+9jiiTn+a3q9GwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhNDU1MmZhOWQ5YWViYzQ5Y2Y5MzE5NDFmZDczNTMzNDQ5ODAyMDlkYmQ1
OGIxNmYzOGQzNTE3Y2VjMDBkMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfbTABkds9VJq5u5JwRh3tWTaWUY8+bdAg7+YodD13PD/z/fPIONXStE3kX
+IQpGEMVznasLI9p3NSPuE0a9J2QgtK+aK80y+25YhBCR6a+CdTu+fHrryPouPvY
kvkcQPVqnYOVUJ52ReTQqTd2brHyn3L1ew4dCx/4Xg5+0d8GagzisSCJyYl9GOH5
J2Yeteiwq6FEAXy5T2Ymp+6hq54S5Q0m7bYWq3CXSVoVeLWYrH9VkD81zhaNFmvO
CTfmXp1KTwUQZe6nyD95bjH9f3ZBSpZS8M1JvCD0KNLj5dgaTveUGAUgAyhzETs9
QLOmADF/SR/PMJ/mGlAn2c8yVUsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR6Vcbl
FMmyJFSN6IyqKpcqJCX5ODAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWU5NGFhMjgtNTY5Zi00NDAwLWEwNWYtZDIxMmY0Mjc5OWU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DDA
MA0GCSqGSIb3DQEBCwUAA4IBAQBHHZ2hZwHQHXu5XzskXaD/57lydK9MYtbv5496
4Zo2nQKtz4HeAuC8YE1DocKatDPwrIK3M2LsACeQgZTcpGMNhXOwL7TRUzJjWRB1
m3ihG01J8yQkwzg0dnZvujKvXobchFanblNrFmub4P5lhTlYKdGAujEPpNAgw5UR
XIuH/XL19VXj5G3VdrXiF0H63HXsQlqWzxcoxK/W+BfkHG31w/ZtirUQhw6L/CAU
e79nwceDmX4RbLWMzThj+fYO6N1PMZ5+qXLfX/lJ7jxQ/XS4OVNQWXsGR9g7kbEw
xBJzQY1N/odB+J/I8k0vjZreO7zmW0EmG+wxxXkNZS0A+jrK
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:25 2025 by rpki-client