Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89d16364-f332-4447-aafc-99a9264e55dc.roa
File: 89d16364-f332-4447-aafc-99a9264e55dc.roa (raw, json)
Hash identifier: smqk92eRnacchWSOLP6gNd51ffMcn5MeQPG5RFMboUA=
Subject key identifier: C2:1E:2D:C8:BC:E3:90:37:04:31:87:11:34:CA:D4:D7:54:A8:CF:86
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 27BD547CDC8F0072D222B33E1A895B535483D357
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89d16364-f332-4447-aafc-99a9264e55dc.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:a080::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:bd:54:7c:dc:8f:00:72:d2:22:b3:3e:1a:89:5b:53:54:83:d3:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=a4a81b7afa815678e696c67106260bd0310f8719e37c9ba47ec484e4fbe35026, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:45:a1:dd:e0:5d:aa:f9:a1:21:25:54:39:bd:
5b:24:da:9d:63:eb:7f:7c:d2:d6:ac:63:76:c6:e6:
fd:67:d0:37:04:1d:b8:74:70:04:0c:33:4d:ed:35:
c8:81:fe:7d:a0:c4:1a:44:03:26:fb:b4:e5:1b:cb:
a9:6a:38:f0:a4:8d:fa:b4:d7:18:cd:58:e6:03:cf:
a9:b1:e1:83:d5:c8:17:69:3c:2f:fb:12:e2:e8:52:
6f:1c:59:64:1f:07:e0:99:71:af:9e:64:f3:36:2e:
4e:b0:03:94:b3:d1:6d:85:59:fc:3d:99:80:d2:19:
ec:57:e8:f2:a2:40:30:72:f0:6c:65:b9:2f:5b:be:
cf:88:6f:bb:83:90:7b:7a:90:5c:9a:33:a2:f7:f0:
5f:ed:1a:f5:15:6b:8e:41:19:64:b5:c2:7b:fb:e6:
8d:79:7e:64:58:1a:40:02:16:40:b7:7b:96:91:12:
26:d7:86:68:7e:fa:b2:83:d7:60:3b:b4:00:40:2f:
f3:10:41:99:18:27:21:b6:02:a2:f7:09:97:a2:4d:
8e:60:e3:63:9c:86:86:ae:65:75:a6:1a:12:f1:cc:
fd:2f:0d:e8:c8:5c:7d:27:70:13:13:c1:c1:f8:62:
a0:b1:57:81:6a:4f:1e:12:57:fb:a6:95:52:1f:b8:
76:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:1E:2D:C8:BC:E3:90:37:04:31:87:11:34:CA:D4:D7:54:A8:CF:86
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/89d16364-f332-4447-aafc-99a9264e55dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a080::/46
Signature Algorithm: sha256WithRSAEncryption
38:1d:7a:72:6f:34:69:85:42:18:ca:36:1f:ed:f4:16:2a:cf:
c5:d2:db:7a:54:74:95:67:9a:3f:e2:88:69:2f:23:c2:d8:65:
af:d0:c6:1b:6e:50:a4:3b:99:01:56:12:af:8f:bc:01:c8:01:
d6:55:d0:37:43:30:47:54:2f:05:c9:db:76:2c:e8:b5:14:96:
e9:3b:e4:3c:85:50:9c:5f:d9:0a:6a:01:ac:d6:4c:96:5e:01:
70:38:2b:c9:3e:b8:18:05:95:44:33:4e:73:98:44:f9:c0:21:
c0:41:c6:97:68:9a:d9:29:d9:07:3a:7c:8a:e9:30:b1:8a:12:
c0:23:f4:35:9b:e3:8f:0d:67:7c:ed:7e:c8:bf:a1:f4:74:c6:
a3:83:7f:5b:f7:fa:a4:7f:e5:15:68:fe:82:e5:b1:5d:d2:c5:
4e:b9:a8:90:73:0a:5a:72:02:4f:28:88:7d:b4:42:0c:5e:63:
ea:fd:2a:f3:1f:c7:6f:ab:9b:80:98:6b:95:16:a3:f7:e5:a6:
df:f2:c0:38:11:b3:63:9d:48:97:0b:98:ff:44:2f:ca:c9:e4:
4f:c1:04:a5:f1:a3:c4:44:74:ed:f7:8d:8b:de:09:1f:4e:45:
6a:74:ed:7f:52:2e:9e:3e:d1:4d:4c:c5:92:d4:ac:b3:ce:fd:
65:d3:2f:39
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUJ71UfNyPAHLSIrM+GolbU1SD01cwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGE0YTgxYjdhZmE4MTU2NzhlNjk2YzY3MTA2MjYwYmQwMzEwZjg3MTllMzdj
OWJhNDdlYzQ4NGU0ZmJlMzUwMjYxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOpFod3gXar5oSElVDm9WyTanWPrf3zS1qxjdsbm/WfQNwQduHRwBAwzTe01
yIH+faDEGkQDJvu05RvLqWo48KSN+rTXGM1Y5gPPqbHhg9XIF2k8L/sS4uhSbxxZ
ZB8H4Jlxr55k8zYuTrADlLPRbYVZ/D2ZgNIZ7Ffo8qJAMHLwbGW5L1u+z4hvu4OQ
e3qQXJozovfwX+0a9RVrjkEZZLXCe/vmjXl+ZFgaQAIWQLd7lpESJteGaH76soPX
YDu0AEAv8xBBmRgnIbYCovcJl6JNjmDjY5yGhq5ldaYaEvHM/S8N6MhcfSdwExPB
wfhioLFXgWpPHhJX+6aVUh+4dqUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTCHi3I
vOOQNwQxhxE0ytTXVKjPhjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODlkMTYzNjQtZjMzMi00NDQ3LWFhZmMtOTlhOTI2NGU1NWRjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DCg
gDANBgkqhkiG9w0BAQsFAAOCAQEAOB16cm80aYVCGMo2H+30FirPxdLbelR0lWea
P+KIaS8jwthlr9DGG25QpDuZAVYSr4+8AcgB1lXQN0MwR1QvBcnbdizotRSW6Tvk
PIVQnF/ZCmoBrNZMll4BcDgryT64GAWVRDNOc5hE+cAhwEHGl2ia2SnZBzp8iukw
sYoSwCP0NZvjjw1nfO1+yL+h9HTGo4N/W/f6pH/lFWj+guWxXdLFTrmokHMKWnIC
TyiIfbRCDF5j6v0q8x/Hb6ubgJhrlRaj9+Wm3/LAOBGzY51IlwuY/0QvysnkT8EE
pfGjxER07feNi94JH05FanTtf1Iunj7RTUzFktSss879ZdMvOQ==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:19 2025 by rpki-client