Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4fd9f435-a1bd-4a33-bcd7-a98885db581f.roa
File: 4fd9f435-a1bd-4a33-bcd7-a98885db581f.roa (raw, json)
Hash identifier: BUj/ISwwluh+UWIbIAJhPFOZCRlsq5OXrMvFcdy4PYI=
Subject key identifier: 21:B2:75:06:4B:50:B8:C4:DA:02:22:D4:DE:B2:62:8A:9A:0E:F6:26
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2C055D5DCA3B4EB6436999E3004BD76C99E7C181
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4fd9f435-a1bd-4a33-bcd7-a98885db581f.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:e000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:05:5d:5d:ca:3b:4e:b6:43:69:99:e3:00:4b:d7:6c:99:e7:c1:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=4ae9ba71ab4525f39d111596bdd3bdec840de41f2a13c8a8ac64717d8dd6b496, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:94:b3:f1:f0:9d:62:43:85:c8:bb:3a:28:1b:
ec:8c:74:1e:82:b3:c8:fa:b9:db:0a:d1:26:ed:36:
2e:8a:fd:44:b2:51:a3:fd:ff:13:18:27:e5:da:38:
72:fb:e5:23:25:5d:bf:7e:5c:fd:b3:06:1f:ca:73:
70:85:88:58:f3:24:40:a3:f6:67:07:80:f2:95:d0:
d0:3a:04:b4:1b:cd:4e:20:4b:11:66:35:de:96:5e:
91:7b:fb:b8:16:76:d3:68:de:c9:dd:af:ab:d3:54:
66:25:60:bd:0a:0b:15:6f:2c:c6:9c:1e:ad:04:61:
87:a0:c3:b6:cb:c6:81:f2:8f:86:0c:84:89:f5:4a:
24:36:0e:8c:e3:21:39:83:15:8b:14:84:ff:8b:05:
b8:53:1c:4d:bd:07:dd:a4:41:a5:03:c5:0e:ca:0e:
38:ad:f5:4b:4a:9e:2a:5e:e6:33:ff:81:dc:8c:46:
38:a8:a0:c2:28:68:e3:d0:59:0d:97:57:5e:7f:f1:
48:6d:18:f7:f2:47:f7:f3:48:35:89:88:fd:cd:c5:
39:04:5f:4d:1b:7e:a3:21:ff:76:33:6c:e0:5d:3a:
99:69:64:46:3f:88:11:78:84:6a:8e:8e:43:8f:66:
25:b0:4e:41:de:61:92:c3:77:a3:52:d8:9a:81:fa:
13:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B2:75:06:4B:50:B8:C4:DA:02:22:D4:DE:B2:62:8A:9A:0E:F6:26
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4fd9f435-a1bd-4a33-bcd7-a98885db581f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:e000::/40
Signature Algorithm: sha256WithRSAEncryption
16:f4:29:46:75:b9:3e:e0:23:7e:25:98:44:e5:ea:95:a5:6c:
cd:15:02:64:e0:ca:92:e3:9b:d8:31:96:3c:19:83:a6:a2:26:
31:53:61:97:f5:68:c1:c1:5c:42:1f:7c:c4:84:84:12:cc:3a:
83:77:8f:fd:4b:d9:f5:0d:e9:2d:4e:52:65:29:ae:2c:c9:39:
58:12:fe:c0:67:91:33:9b:47:a9:ce:fa:7e:17:64:6a:e8:3e:
47:1f:89:88:a3:a3:b5:7b:ad:56:ed:83:70:2d:fa:e8:3f:48:
39:24:60:09:96:71:98:59:6c:69:54:ed:1e:86:ce:e3:45:ef:
ef:53:77:1c:57:27:74:42:31:85:a8:79:2e:2e:a6:08:c5:5c:
d5:5d:5c:f9:2a:41:f0:aa:e4:9a:ac:fa:83:7d:93:4d:77:fc:
ca:a1:22:05:95:60:28:3d:ee:7e:70:a1:a9:c6:49:82:5b:c2:
c0:69:e6:de:3f:7f:03:52:0c:b3:15:18:48:2e:77:f3:74:ba:
60:27:da:47:3e:9e:8b:31:21:93:9e:de:8f:95:b7:03:a8:33:
bd:c9:81:dd:1a:2a:ff:55:db:12:84:14:4d:ed:c6:3a:95:f0:
39:91:26:74:24:a8:b8:d9:37:49:de:67:7d:6c:b6:62:17:f9:
83:1c:11:64
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULAVdXco7TrZDaZnjAEvXbJnnwYEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDRhZTliYTcxYWI0NTI1ZjM5ZDExMTU5NmJkZDNiZGVjODQwZGU0MWYyYTEz
YzhhOGFjNjQ3MTdkOGRkNmI0OTYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL+Us/HwnWJDhci7Oigb7Ix0HoKzyPq52wrRJu02Lor9RLJRo/3/Exgn5do4
cvvlIyVdv35c/bMGH8pzcIWIWPMkQKP2ZweA8pXQ0DoEtBvNTiBLEWY13pZekXv7
uBZ202jeyd2vq9NUZiVgvQoLFW8sxpwerQRhh6DDtsvGgfKPhgyEifVKJDYOjOMh
OYMVixSE/4sFuFMcTb0H3aRBpQPFDsoOOK31S0qeKl7mM/+B3IxGOKigwiho49BZ
DZdXXn/xSG0Y9/JH9/NINYmI/c3FOQRfTRt+oyH/djNs4F06mWlkRj+IEXiEao6O
Q49mJbBOQd5hksN3o1LYmoH6E5kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQhsnUG
S1C4xNoCItTesmKKmg72JjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGZkOWY0MzUtYTFiZC00YTMzLWJjZDctYTk4ODg1ZGI1ODFmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DXg
MA0GCSqGSIb3DQEBCwUAA4IBAQAW9ClGdbk+4CN+JZhE5eqVpWzNFQJk4MqS45vY
MZY8GYOmoiYxU2GX9WjBwVxCH3zEhIQSzDqDd4/9S9n1DektTlJlKa4syTlYEv7A
Z5Ezm0epzvp+F2Rq6D5HH4mIo6O1e61W7YNwLfroP0g5JGAJlnGYWWxpVO0ehs7j
Re/vU3ccVyd0QjGFqHkuLqYIxVzVXVz5KkHwquSarPqDfZNNd/zKoSIFlWAoPe5+
cKGpxkmCW8LAaebeP38DUgyzFRhILnfzdLpgJ9pHPp6LMSGTnt6PlbcDqDO9yYHd
Gir/VdsShBRN7cY6lfA5kSZ0JKi42TdJ3md9bLZiF/mDHBFk
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:06:18 2025 by rpki-client