Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/49b19e17-33c9-4e75-a18a-4f52ec8835fb.roa
File: 49b19e17-33c9-4e75-a18a-4f52ec8835fb.roa (raw, json)
Hash identifier: zKC8gvozB5nyJEwTtm6atlPL/kIoPDSw/5BjZmsOwQc=
Subject key identifier: 97:A6:23:D9:83:A4:E7:53:33:6A:EA:60:EE:04:29:74:0B:56:6D:1E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22FF04F61B3BD23519DDD0E9BAB872B418FE9CDB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/49b19e17-33c9-4e75-a18a-4f52ec8835fb.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07c:b000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:ff:04:f6:1b:3b:d2:35:19:dd:d0:e9:ba:b8:72:b4:18:fe:9c:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=e0770cd22320fd6261a1a6e26f55f53881c1b27391efd8a4a0e51f0b4185feda, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:fa:ee:75:4e:9f:39:c7:d2:0f:7a:9b:a4:db:
28:ce:8a:43:68:d7:3c:7c:c6:a4:fe:02:3d:b3:7f:
b7:66:c9:de:49:44:13:15:13:fa:80:8a:f7:91:e1:
17:c5:79:c9:b8:fc:7c:0c:90:c5:63:94:b4:09:0b:
bf:2b:14:42:e1:a2:8a:60:d6:e8:cf:8c:94:29:52:
f4:7b:68:85:52:5e:0a:d2:38:5c:18:cd:60:29:db:
cd:ee:9e:07:1d:81:4f:cc:dd:c2:90:7b:bf:07:0d:
15:75:88:15:05:6f:4c:27:34:f0:c7:1c:49:58:38:
b8:02:e1:a0:49:b4:df:0c:f5:07:d3:28:d9:6b:9a:
57:28:c2:e3:52:32:1c:23:f8:9d:03:45:a0:b5:7f:
7f:db:5b:10:d0:76:38:0e:51:e3:db:d3:a8:2a:6b:
29:18:b9:31:ed:47:40:f3:7b:e2:22:a9:12:12:9e:
95:ab:cb:83:6d:d2:f2:05:d7:89:ef:1a:87:7c:6c:
bc:88:ce:57:50:c4:a4:79:26:cd:db:03:c5:af:e9:
4d:b8:4a:2d:3d:2f:ea:32:38:ca:e6:bd:c5:f0:70:
a4:5a:ff:35:05:1f:49:44:e7:54:54:b6:32:bd:9f:
1b:c7:db:63:6b:bf:88:d2:91:3e:9b:d0:f5:52:1c:
78:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:A6:23:D9:83:A4:E7:53:33:6A:EA:60:EE:04:29:74:0B:56:6D:1E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/49b19e17-33c9-4e75-a18a-4f52ec8835fb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07c:b000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:99:3d:39:8d:80:80:87:f1:d2:f1:09:d4:a7:13:c0:c2:6c:
94:6b:70:4e:3d:a7:88:a7:a8:30:d7:ab:04:6e:74:77:88:d1:
60:54:c7:f9:07:d8:c7:a7:f4:a0:3b:34:9d:c3:85:eb:bd:78:
a6:58:cb:59:44:a4:fe:c4:f5:1b:42:b2:ad:5a:88:37:73:f6:
07:e5:64:26:54:a2:b4:4d:54:92:88:db:81:d6:99:b4:d0:48:
0b:6f:e3:c8:54:87:78:24:7d:97:a2:ad:e4:ee:17:10:9d:cf:
7d:e8:1d:a7:c7:a4:03:62:30:ac:2d:20:83:85:65:8e:0a:9b:
3d:8d:36:4d:b1:96:f7:c7:38:21:8d:fa:eb:5b:f7:05:ab:c2:
53:75:df:18:de:31:08:a2:98:7d:a0:85:d8:9b:d6:dd:4b:71:
88:20:22:8b:2a:dd:d9:cb:9a:3b:46:1c:5a:21:64:fe:6c:04:
c1:e9:de:b7:30:f8:8e:6d:57:7d:bb:7e:aa:04:cf:8e:18:00:
5c:0a:86:21:e9:d2:17:f4:1e:e4:f0:16:ea:b2:b1:2d:be:ba:
ec:df:30:ab:32:89:45:86:74:83:6c:12:50:2a:31:42:f0:2f:
29:98:28:d2:d6:84:cd:01:94:91:20:8a:fa:0a:71:68:ef:a1:
8d:7c:9d:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUIv8E9hs70jUZ3dDpurhytBj+nNswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGUwNzcwY2QyMjMyMGZkNjI2MWExYTZlMjZmNTVmNTM4ODFjMWIyNzM5MWVm
ZDhhNGEwZTUxZjBiNDE4NWZlZGExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALv67nVOnznH0g96m6TbKM6KQ2jXPHzGpP4CPbN/t2bJ3klEExUT+oCK95Hh
F8V5ybj8fAyQxWOUtAkLvysUQuGiimDW6M+MlClS9HtohVJeCtI4XBjNYCnbze6e
Bx2BT8zdwpB7vwcNFXWIFQVvTCc08MccSVg4uALhoEm03wz1B9Mo2WuaVyjC41Iy
HCP4nQNFoLV/f9tbENB2OA5R49vTqCprKRi5Me1HQPN74iKpEhKelavLg23S8gXX
ie8ah3xsvIjOV1DEpHkmzdsDxa/pTbhKLT0v6jI4yua9xfBwpFr/NQUfSUTnVFS2
Mr2fG8fbY2u/iNKRPpvQ9VIceP8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSXpiPZ
g6TnUzNq6mDuBCl0C1ZtHjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDliMTllMTctMzNjOS00ZTc1LWExOGEtNGY1MmVjODgzNWZiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hyw
MA0GCSqGSIb3DQEBCwUAA4IBAQComT05jYCAh/HS8QnUpxPAwmyUa3BOPaeIp6gw
16sEbnR3iNFgVMf5B9jHp/SgOzSdw4XrvXimWMtZRKT+xPUbQrKtWog3c/YH5WQm
VKK0TVSSiNuB1pm00EgLb+PIVId4JH2Xoq3k7hcQnc996B2nx6QDYjCsLSCDhWWO
Cps9jTZNsZb3xzghjfrrW/cFq8JTdd8Y3jEIoph9oIXYm9bdS3GIICKLKt3Zy5o7
RhxaIWT+bATB6d63MPiObVd9u36qBM+OGABcCoYh6dIX9B7k8BbqsrEtvrrs3zCr
MolFhnSDbBJQKjFC8C8pmCjS1oTNAZSRIIr6CnFo76GNfJ13
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:23 2025 by rpki-client