Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84806225-a68a-42be-b071-20dc5ddad951.roa
File: 84806225-a68a-42be-b071-20dc5ddad951.roa (raw, json)
Hash identifier: +J5/wPJwHGKS6pkyMv3PnB0rmO1E+xll2ez0z0FJCyA=
Subject key identifier: 03:F1:71:C4:B4:6B:8C:A6:8A:2B:18:A0:2A:AB:08:E7:BB:DD:B3:BB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3D5043EA05F0C2ECB9C6737B992CD1FB002A9D33
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84806225-a68a-42be-b071-20dc5ddad951.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:1000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:50:43:ea:05:f0:c2:ec:b9:c6:73:7b:99:2c:d1:fb:00:2a:9d:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=452383e51346ef4f164610ca94fb9ada1721950d412e58de44f66bfea0c030d1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d2:85:b8:f2:53:ac:cd:d7:1e:3f:57:23:82:
f1:82:81:77:6c:4e:04:51:17:4b:7c:d3:bd:e6:12:
5f:89:87:ae:8a:93:d8:2e:17:e5:a1:16:7b:65:59:
ab:3c:1f:1e:9d:98:30:9f:47:a6:04:5c:83:c4:44:
f0:c5:3a:e0:2c:29:11:fe:8f:8b:5f:9b:08:db:c1:
89:7d:2b:a1:e9:06:62:0d:03:9b:eb:d6:e9:6d:05:
bf:6a:9c:e7:02:b8:50:79:c2:c0:ca:40:b1:a4:a3:
21:47:f4:87:42:7d:73:27:ea:2b:5d:1d:e5:05:c3:
6c:e9:7f:b6:da:ee:ed:b5:39:39:3e:6d:07:b8:14:
39:d6:78:0c:75:eb:ad:15:6b:b1:02:f8:a9:8d:90:
c6:73:38:06:fa:62:34:a6:86:e7:07:1c:9d:4c:b7:
b6:7a:14:4d:b0:24:38:cc:9c:3e:15:14:17:c6:d7:
2a:3e:28:0b:19:90:43:e1:bb:8d:48:e2:dc:66:45:
d2:b0:52:1a:73:a9:b2:42:ff:50:f6:9b:9f:8f:8c:
bc:fb:22:72:c3:45:28:a1:3b:78:10:67:b2:d5:98:
65:31:58:58:21:3b:0b:43:fb:18:ba:4c:0d:ad:ea:
ad:99:84:4c:e9:a7:ce:43:f0:82:44:1e:7a:ca:c9:
e2:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F1:71:C4:B4:6B:8C:A6:8A:2B:18:A0:2A:AB:08:E7:BB:DD:B3:BB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/84806225-a68a-42be-b071-20dc5ddad951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:1000::/40
Signature Algorithm: sha256WithRSAEncryption
1b:18:f4:e1:28:a6:b2:01:21:74:09:c3:ff:91:17:d6:75:08:
d8:01:9f:d9:61:cc:2b:61:b2:2c:2a:ba:e5:5b:e4:e4:f3:81:
5b:64:16:d3:85:bd:ac:8d:3b:da:c6:93:15:c6:c7:7a:da:c6:
7c:77:6a:27:0d:b7:77:42:3b:a1:33:0a:e7:b0:a1:d4:fd:bb:
de:6f:09:e5:2b:2a:ed:76:4e:06:99:56:50:c5:26:e3:03:19:
fa:5b:65:c2:75:d1:7a:58:e1:36:80:fe:81:e0:55:13:13:05:
a3:4e:f5:35:b4:6b:42:1b:87:1d:6e:47:bb:5f:be:4e:9c:76:
d2:10:75:26:49:e8:52:c6:c2:84:fc:48:37:df:25:d2:77:d5:
0e:ff:b8:cb:38:58:00:d4:6e:b1:fb:c0:86:d9:13:2a:52:45:
ce:d4:c9:f4:a2:4f:e9:1e:ed:d9:97:b8:6e:d9:ba:56:e0:a8:
a6:a9:26:7f:4d:d8:74:fe:24:82:86:b1:51:8e:d8:bb:62:35:
6f:58:6c:4e:ea:7f:63:a1:27:ec:ef:1a:4a:c1:77:1c:9a:7f:
9a:85:3d:52:9b:1e:64:39:12:bb:fb:90:e2:f6:e4:05:bb:76:
b2:85:50:68:09:f1:fc:f3:4d:80:58:a4:27:85:b1:04:a5:cb:
1d:0c:e6:d4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUPVBD6gXwwuy5xnN7mSzR+wAqnTMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ1MjM4M2U1MTM0NmVmNGYxNjQ2MTBjYTk0ZmI5YWRhMTcyMTk1MGQ0MTJl
NThkZTQ0ZjY2YmZlYTBjMDMwZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKzShbjyU6zN1x4/VyOC8YKBd2xOBFEXS3zTveYSX4mHroqT2C4X5aEWe2VZ
qzwfHp2YMJ9HpgRcg8RE8MU64CwpEf6Pi1+bCNvBiX0roekGYg0Dm+vW6W0Fv2qc
5wK4UHnCwMpAsaSjIUf0h0J9cyfqK10d5QXDbOl/ttru7bU5OT5tB7gUOdZ4DHXr
rRVrsQL4qY2QxnM4BvpiNKaG5wccnUy3tnoUTbAkOMycPhUUF8bXKj4oCxmQQ+G7
jUji3GZF0rBSGnOpskL/UPabn4+MvPsicsNFKKE7eBBnstWYZTFYWCE7C0P7GLpM
Da3qrZmETOmnzkPwgkQeesrJ4hsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQD8XHE
tGuMpoorGKAqqwjnu92zuzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODQ4MDYyMjUtYTY4YS00MmJlLWIwNzEtMjBkYzVkZGFkOTUxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DAQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAbGPThKKayASF0CcP/kRfWdQjYAZ/ZYcwrYbIs
KrrlW+Tk84FbZBbThb2sjTvaxpMVxsd62sZ8d2onDbd3QjuhMwrnsKHU/bvebwnl
Kyrtdk4GmVZQxSbjAxn6W2XCddF6WOE2gP6B4FUTEwWjTvU1tGtCG4cdbke7X75O
nHbSEHUmSehSxsKE/Eg33yXSd9UO/7jLOFgA1G6x+8CG2RMqUkXO1Mn0ok/pHu3Z
l7hu2bpW4KimqSZ/Tdh0/iSChrFRjti7YjVvWGxO6n9joSfs7xpKwXccmn+ahT1S
mx5kORK7+5Di9uQFu3ayhVBoCfH8802AWKQnhbEEpcsdDObU
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:23:49 2025 by rpki-client