Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1509b8-a94c-47ec-9b81-a3c3b4b2ae63.roa
File: 9c1509b8-a94c-47ec-9b81-a3c3b4b2ae63.roa (raw, json)
Hash identifier: 2WsngsKXR8ucaUt02X09EhOqocGhIbUBe+rrAazwFVo=
Subject key identifier: 3C:25:06:3A:F4:F2:E4:2D:2C:A6:B7:A5:C8:29:3C:9A:1E:14:A7:AB
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 76C29A11D562A689366E846931012454888E26DE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1509b8-a94c-47ec-9b81-a3c3b4b2ae63.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:5000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:c2:9a:11:d5:62:a6:89:36:6e:84:69:31:01:24:54:88:8e:26:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=f1c0fe4b3b04d01dabafb4a729fd8cad30c6194fa38f6ef7194941bfe621d5ea, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:44:5c:f6:92:50:f1:82:b7:2e:8c:a7:3e:55:
3a:28:03:7b:40:52:c9:85:b3:ab:45:15:c8:26:1b:
22:4a:bf:da:f2:79:67:07:10:f1:c0:4b:31:b6:14:
7d:6e:9e:8b:9c:0f:9a:aa:e2:93:bb:49:38:d9:00:
93:5b:f9:c5:5d:b2:84:37:e8:96:0b:c8:87:5b:4b:
5f:c8:68:b2:0f:66:7d:b4:bb:fd:ba:96:af:32:1a:
7a:dc:43:17:b9:85:fa:2a:08:33:c3:3a:2a:13:e1:
63:82:8a:d0:de:a6:9e:fb:48:f1:8a:3e:0e:d8:22:
aa:e6:77:1a:75:7b:50:e3:7a:1e:40:73:2d:67:2f:
8e:d8:e9:27:74:76:4c:56:0a:2c:3e:01:ac:59:38:
b0:76:38:3c:bc:b9:94:f2:dd:cb:76:28:6d:64:da:
f4:4d:9d:25:01:71:35:28:31:43:09:9c:57:98:c7:
ae:46:86:d0:3a:05:34:f2:cc:e4:8e:52:de:e5:13:
9d:85:46:e4:bc:81:5f:5a:9d:21:e2:06:29:f8:7d:
72:1b:ca:7a:ba:d0:66:86:32:72:9b:40:f0:2c:34:
45:5b:f2:2d:7d:22:7f:37:3a:01:b6:22:fa:d2:78:
97:06:a5:6f:bc:2a:53:9f:af:f7:ef:55:20:d7:23:
83:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:25:06:3A:F4:F2:E4:2D:2C:A6:B7:A5:C8:29:3C:9A:1E:14:A7:AB
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9c1509b8-a94c-47ec-9b81-a3c3b4b2ae63.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:5000::/40
Signature Algorithm: sha256WithRSAEncryption
a0:27:9d:f4:c3:08:4d:46:85:0f:4b:13:60:9d:da:86:b6:27:
cb:f1:2e:3d:53:a6:3a:ef:ed:86:89:09:c1:fa:e9:94:04:b7:
2b:ca:fa:35:b0:26:b9:2a:83:4e:4f:7b:7e:a3:3b:2e:81:b8:
28:71:0b:b2:a9:d9:8d:ce:00:41:e5:d6:22:47:7b:69:89:d3:
19:b8:c5:7a:7b:6a:76:05:4f:33:23:c4:9e:5b:c6:cf:9d:b2:
63:ff:0a:ec:a5:69:c4:e0:c4:72:b3:cb:b0:24:3b:bf:13:dd:
1d:6b:57:46:7b:68:6e:0b:a5:ea:8e:a6:6f:4b:8b:39:34:49:
4c:dd:23:d9:c8:6e:d5:21:e8:49:87:68:74:5f:96:a2:f6:3f:
fc:48:f3:23:d5:4e:51:74:6e:7f:04:e7:d8:3e:37:eb:ed:ea:
a3:94:26:25:15:e1:6a:7c:de:05:a7:b3:4c:bc:b8:81:6a:a7:
d0:e6:b9:ed:28:46:f1:b3:92:aa:37:e8:28:c7:bf:09:aa:a0:
ae:73:5a:04:ab:34:c2:3d:65:38:33:c4:0e:36:19:2e:52:3a:
8c:6e:cf:e0:8d:63:c0:d0:71:d2:df:2b:de:40:83:8c:c0:54:
c7:af:fd:7e:7b:bf:d0:b8:0d:8f:f0:c2:fd:56:25:ab:b8:82:
84:3c:9f:5e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUdsKaEdVipok2boRpMQEkVIiOJt4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGYxYzBmZTRiM2IwNGQwMWRhYmFmYjRhNzI5ZmQ4Y2FkMzBjNjE5NGZhMzhm
NmVmNzE5NDk0MWJmZTYyMWQ1ZWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ1EXPaSUPGCty6Mpz5VOigDe0BSyYWzq0UVyCYbIkq/2vJ5ZwcQ8cBLMbYU
fW6ei5wPmqrik7tJONkAk1v5xV2yhDfolgvIh1tLX8hosg9mfbS7/bqWrzIaetxD
F7mF+ioIM8M6KhPhY4KK0N6mnvtI8Yo+DtgiquZ3GnV7UON6HkBzLWcvjtjpJ3R2
TFYKLD4BrFk4sHY4PLy5lPLdy3YobWTa9E2dJQFxNSgxQwmcV5jHrkaG0DoFNPLM
5I5S3uUTnYVG5LyBX1qdIeIGKfh9chvKerrQZoYycptA8Cw0RVvyLX0ifzc6AbYi
+tJ4lwalb7wqU5+v9+9VINcjgzMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8JQY6
9PLkLSymt6XIKTyaHhSnqzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWMxNTA5YjgtYTk0Yy00N2VjLTliODEtYTNjM2I0YjJhZTYzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DBQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCgJ530wwhNRoUPSxNgndqGtifL8S49U6Y67+2G
iQnB+umUBLcryvo1sCa5KoNOT3t+ozsugbgocQuyqdmNzgBB5dYiR3tpidMZuMV6
e2p2BU8zI8SeW8bPnbJj/wrspWnE4MRys8uwJDu/E90da1dGe2huC6XqjqZvS4s5
NElM3SPZyG7VIehJh2h0X5ai9j/8SPMj1U5RdG5/BOfYPjfr7eqjlCYlFeFqfN4F
p7NMvLiBaqfQ5rntKEbxs5KqN+gox78JqqCuc1oEqzTCPWU4M8QONhkuUjqMbs/g
jWPA0HHS3yveQIOMwFTHr/1+e7/QuA2P8ML9ViWruIKEPJ9e
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:25 2025 by rpki-client