Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/636fd47b-89eb-4828-873d-2c6e06a89e85.roa
File: 636fd47b-89eb-4828-873d-2c6e06a89e85.roa (raw, json)
Hash identifier: bpbWmQzrSvzz01D8iPTJo9I5NW/wXTj4OH9jqC/Fqio=
Subject key identifier: 60:29:69:00:05:4E:EB:D2:10:BF:F5:EE:FA:77:D2:03:B1:42:A4:24
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 5C956AEB28ADDBB8B16050DD3E2E5A64D44C994B
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/636fd47b-89eb-4828-873d-2c6e06a89e85.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d011::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:95:6a:eb:28:ad:db:b8:b1:60:50:dd:3e:2e:5a:64:d4:4c:99:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=d435abbb38bcda57e43f4d894db168fd961f39d61b20b22aac0ac87e19153278, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:ab:03:cc:f5:9a:0f:63:f6:d4:1c:59:4c:e3:
d6:bb:e7:b4:47:56:e1:7a:83:76:96:7f:8e:d8:c8:
22:f7:9e:0e:7d:36:cd:22:6c:61:f3:95:19:1b:1e:
15:5c:73:9c:3f:f4:d0:ab:66:5b:6f:4c:f6:51:0c:
a0:09:68:f0:ee:06:03:ce:64:99:31:52:b6:17:32:
e4:06:b6:24:11:37:6c:7c:d8:af:11:34:01:8d:f1:
8c:a5:da:9d:b9:4c:00:82:89:d4:31:96:0f:72:cb:
21:fc:96:5a:b9:61:60:3d:90:e8:09:55:d6:79:01:
e8:85:e4:55:13:44:0c:08:ea:c6:1c:ce:e5:db:af:
4c:f0:00:3f:fb:8b:55:13:e1:9c:e2:de:a3:82:81:
0d:a3:0f:78:9a:e0:4a:10:de:98:62:f1:2c:d7:22:
f0:9e:30:42:8a:92:3f:ba:f0:7c:4f:ba:37:d1:bf:
8e:06:f8:1a:03:e3:99:33:cc:94:b0:ea:44:69:23:
b7:c5:6f:53:56:6b:6a:84:b7:ed:c5:ff:22:be:a3:
70:2e:fa:f0:e2:3d:d4:85:60:f0:0e:ed:6b:fb:f4:
cf:dc:9b:b3:3b:0f:40:84:cd:35:21:47:66:3e:d2:
58:b6:ad:06:6e:d6:bd:d2:bf:ba:5b:7d:af:eb:a4:
7d:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:29:69:00:05:4E:EB:D2:10:BF:F5:EE:FA:77:D2:03:B1:42:A4:24
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/636fd47b-89eb-4828-873d-2c6e06a89e85.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d011::/36
Signature Algorithm: sha256WithRSAEncryption
34:a8:e2:6c:c0:e1:15:fd:04:40:fa:cc:46:ca:5f:88:70:2b:
f4:87:b4:79:42:9a:4a:c0:a6:ab:81:ed:37:b9:b4:e5:96:a6:
1b:2d:c2:50:36:96:bb:aa:3c:ed:95:09:3a:ba:fe:da:6e:29:
dc:b1:c5:9a:3f:57:12:ca:4c:c3:35:b9:4f:54:95:64:2d:db:
aa:4c:48:e2:53:a3:0c:2d:f6:3c:cc:d0:e2:0a:54:6e:81:f3:
fe:cd:27:60:26:ee:e1:50:86:b4:85:0a:d4:3f:89:1d:c7:f4:
7d:e6:6a:b7:35:61:cf:4c:cf:e3:fc:33:44:c1:6a:96:32:41:
a0:53:10:23:19:85:34:c2:de:73:63:39:14:28:bc:ea:98:4c:
eb:a2:d3:34:d1:1f:85:9f:ff:d0:74:9c:5b:2e:68:d0:fa:ec:
b3:d9:ff:43:ce:22:05:59:b2:b3:10:75:e6:dc:38:b6:4e:51:
9d:2e:92:4f:86:42:47:02:27:47:3c:bd:6e:19:20:4b:05:59:
25:b6:d2:34:29:29:5f:af:34:a5:c2:d8:89:32:a4:46:33:5f:
ca:51:13:5e:84:25:87:2d:68:22:b1:6a:dd:6a:ff:09:29:dd:
27:d7:b1:e9:4c:8e:73:4f:36:60:24:a9:a7:70:d1:7c:76:36:
38:8a:59:04
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUXJVq6yit27ixYFDdPi5aZNRMmUswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQGQ0MzVhYmJiMzhiY2RhNTdlNDNmNGQ4OTRkYjE2OGZkOTYxZjM5ZDYxYjIw
YjIyYWFjMGFjODdlMTkxNTMyNzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMSrA8z1mg9j9tQcWUzj1rvntEdW4XqDdpZ/jtjIIveeDn02zSJsYfOVGRse
FVxznD/00KtmW29M9lEMoAlo8O4GA85kmTFSthcy5Aa2JBE3bHzYrxE0AY3xjKXa
nblMAIKJ1DGWD3LLIfyWWrlhYD2Q6AlV1nkB6IXkVRNEDAjqxhzO5duvTPAAP/uL
VRPhnOLeo4KBDaMPeJrgShDemGLxLNci8J4wQoqSP7rwfE+6N9G/jgb4GgPjmTPM
lLDqRGkjt8VvU1ZraoS37cX/Ir6jcC768OI91IVg8A7ta/v0z9ybszsPQITNNSFH
Zj7SWLatBm7WvdK/ult9r+ukfZECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRgKWkA
BU7r0hC/9e76d9IDsUKkJDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjM2ZmQ0N2ItODllYi00ODI4LTg3M2QtMmM2ZTA2YTg5ZTg1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0BEA
MA0GCSqGSIb3DQEBCwUAA4IBAQA0qOJswOEV/QRA+sxGyl+IcCv0h7R5QppKwKar
ge03ubTllqYbLcJQNpa7qjztlQk6uv7abincscWaP1cSykzDNblPVJVkLduqTEji
U6MMLfY8zNDiClRugfP+zSdgJu7hUIa0hQrUP4kdx/R95mq3NWHPTM/j/DNEwWqW
MkGgUxAjGYU0wt5zYzkUKLzqmEzrotM00R+Fn//QdJxbLmjQ+uyz2f9DziIFWbKz
EHXm3Di2TlGdLpJPhkJHAidHPL1uGSBLBVklttI0KSlfrzSlwtiJMqRGM1/KURNe
hCWHLWgisWrdav8JKd0n17HpTI5zTzZgJKmncNF8djY4ilkE
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:19 2025 by rpki-client