Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9e683859-27be-4b82-96fb-96b0f22c410a.roa
File: 9e683859-27be-4b82-96fb-96b0f22c410a.roa (raw, json)
Hash identifier: Ap3wbFzbtjw6M09urNrjroEh3sGWSZukySKTL2Lih30=
Subject key identifier: 06:E9:8B:37:52:E2:75:CA:E4:3A:66:D2:07:6B:4F:22:0A:88:9F:85
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 563881B9C8B7ABCBC7AD6FB24ABF0AAB0239C98F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9e683859-27be-4b82-96fb-96b0f22c410a.roa
Signing time: Mon 23 Dec 2024 00:00:00 +0000
ROA not before: Mon 23 Dec 2024 00:00:00 +0000
ROA not after: Mon 27 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d027::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:38:81:b9:c8:b7:ab:cb:c7:ad:6f:b2:4a:bf:0a:ab:02:39:c9:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Dec 23 00:00:00 2024 GMT
Not After : Jan 27 23:59:59 2025 GMT
Subject: serialNumber=30d2ac5e22fa791abaf52f05799d8accbe08e81d4068014a9cce8f19e9588e17, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:66:d8:4f:2d:ab:5a:52:ef:3a:a9:99:63:c9:
d9:25:09:16:db:9a:4c:64:1d:b8:c6:84:3e:03:03:
66:d7:29:99:03:9f:91:c0:77:fe:c6:b5:d4:c6:2b:
07:24:f1:c2:84:31:33:fc:76:99:ff:35:e5:9a:bf:
27:c1:e0:d1:95:72:ac:46:51:5c:03:c0:c2:8d:12:
16:fe:dc:e8:3d:4b:ad:e9:2f:4d:79:fe:f8:c4:16:
d0:75:11:7c:48:74:c3:98:09:8d:d9:97:87:88:26:
24:c7:89:85:90:ed:8d:4e:e5:ca:38:56:8a:94:b3:
bd:46:a2:08:84:cc:78:f6:30:1d:9f:93:7d:71:38:
87:e4:ab:70:11:f7:cb:73:07:73:89:1e:f2:2e:6c:
72:df:66:03:94:3c:97:1c:d3:35:dd:e0:07:a6:fc:
21:c5:69:3e:23:24:0e:13:18:e9:6b:bd:47:ec:48:
e1:99:0b:74:0d:3e:5c:eb:e7:94:da:33:d2:15:83:
cf:da:49:28:06:3f:33:8d:4f:3c:bb:4f:5c:b8:16:
5f:ce:0e:a8:e3:6b:8a:3e:aa:d5:46:aa:22:fb:42:
bd:de:0e:60:33:cd:87:45:61:c3:c0:2c:91:7c:e4:
10:83:85:5c:c5:6b:62:38:55:12:3a:2e:9f:0d:ec:
65:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:E9:8B:37:52:E2:75:CA:E4:3A:66:D2:07:6B:4F:22:0A:88:9F:85
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/9e683859-27be-4b82-96fb-96b0f22c410a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d027::/36
Signature Algorithm: sha256WithRSAEncryption
81:96:bb:3e:c3:70:bb:cd:8f:19:01:29:12:f9:c4:3f:e2:cf:
8c:93:8f:82:f9:66:a1:2c:0d:3a:27:1f:fc:56:85:4f:cf:16:
c7:d7:16:a1:35:6b:9c:da:51:96:60:a6:63:8e:c3:fe:be:eb:
2c:3d:d3:d0:4a:7d:57:e9:41:b6:73:c2:cd:f6:1a:b8:82:3e:
72:80:fd:71:9b:f4:fb:d8:74:9d:d9:c3:71:69:e9:e6:e3:0f:
7f:b1:0d:ca:8f:8d:a8:6a:ab:5e:38:7b:82:91:17:3d:58:6f:
74:13:1d:da:c2:53:31:6f:80:e0:ea:28:d9:5b:7b:e2:a2:38:
f7:88:1e:ae:14:78:3f:72:59:93:7f:af:25:5f:8c:b1:76:af:
e9:51:49:95:d1:39:4e:50:56:82:70:57:02:56:b8:b4:45:f1:
94:5d:f4:92:2d:a5:e3:09:61:0f:38:77:b3:a3:d2:2d:75:e2:
79:05:7a:b4:71:ee:f6:d0:d2:40:dd:fe:86:46:10:16:fd:3c:
14:b7:4b:4b:bb:75:49:fa:26:78:85:5d:3f:69:a6:23:15:d7:
64:28:6c:6e:5e:16:03:32:70:57:bc:cd:68:16:e9:ee:4d:45:
92:30:bc:2c:b6:59:5c:3f:b6:46:73:c5:c0:75:d5:f4:98:d8:
e6:55:2a:61
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVjiBuci3q8vHrW+ySr8KqwI5yY8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNDEyMjMwMDAwMDBaFw0yNTAxMjcyMzU5NTlaMHoxSTBHBgNV
BAUTQDMwZDJhYzVlMjJmYTc5MWFiYWY1MmYwNTc5OWQ4YWNjYmUwOGU4MWQ0MDY4
MDE0YTljY2U4ZjE5ZTk1ODhlMTcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALlm2E8tq1pS7zqpmWPJ2SUJFtuaTGQduMaEPgMDZtcpmQOfkcB3/sa11MYr
ByTxwoQxM/x2mf815Zq/J8Hg0ZVyrEZRXAPAwo0SFv7c6D1LrekvTXn++MQW0HUR
fEh0w5gJjdmXh4gmJMeJhZDtjU7lyjhWipSzvUaiCITMePYwHZ+TfXE4h+SrcBH3
y3MHc4ke8i5sct9mA5Q8lxzTNd3gB6b8IcVpPiMkDhMY6Wu9R+xI4ZkLdA0+XOvn
lNoz0hWDz9pJKAY/M41PPLtPXLgWX84OqONrij6q1UaqIvtCvd4OYDPNh0Vhw8As
kXzkEIOFXMVrYjhVEjounw3sZQ0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQG6Ys3
UuJ1yuQ6ZtIHa08iCoifhTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
OWU2ODM4NTktMjdiZS00YjgyLTk2ZmItOTZiMGYyMmM0MTBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0CcA
MA0GCSqGSIb3DQEBCwUAA4IBAQCBlrs+w3C7zY8ZASkS+cQ/4s+Mk4+C+WahLA06
Jx/8VoVPzxbH1xahNWuc2lGWYKZjjsP+vussPdPQSn1X6UG2c8LN9hq4gj5ygP1x
m/T72HSd2cNxaenm4w9/sQ3Kj42oaqteOHuCkRc9WG90Ex3awlMxb4Dg6ijZW3vi
ojj3iB6uFHg/clmTf68lX4yxdq/pUUmV0TlOUFaCcFcCVri0RfGUXfSSLaXjCWEP
OHezo9ItdeJ5BXq0ce720NJA3f6GRhAW/TwUt0tLu3VJ+iZ4hV0/aaYjFddkKGxu
XhYDMnBXvM1oFunuTUWSMLwstllcP7ZGc8XAddX0mNjmVSph
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:24 2025 by rpki-client