Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa
File: a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa (raw, json)
Hash identifier: HJZjUZkg7ENhLxyvG/NfQWCcqZ6XzPD5M838BpHalE0=
Subject key identifier: A6:FA:68:0F:93:83:6D:27:74:9E:C5:8C:FF:D7:65:85:48:F0:4A:63
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1B5ED1ADDA3EF324410484F3AED207BC02D4BAB2
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d035:1000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:5e:d1:ad:da:3e:f3:24:41:04:84:f3:ae:d2:07:bc:02:d4:ba:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=86a5ffdd2a2518361bfcc34e1569c7a760507b23a62606612aa3410d8c2849aa, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:43:d9:d3:40:7b:80:fc:3a:a4:b3:95:8b:eb:
c0:3d:61:0c:ca:36:a3:4f:ab:28:0e:df:39:84:eb:
61:8e:24:33:93:31:6e:91:30:50:67:57:ac:13:34:
0d:44:10:9c:75:cf:3b:80:b4:b2:80:82:f8:ff:c9:
58:e9:26:1b:3a:82:28:6f:5f:0a:7f:e6:c2:09:53:
a9:d2:fe:56:21:92:8b:77:5a:a1:0b:4c:c3:9e:2c:
f4:73:bd:18:5a:ac:34:66:72:ca:14:08:24:9b:7d:
e8:b8:a1:f4:0d:21:ee:0d:d8:ba:fe:ac:43:bd:89:
b6:49:02:3b:a6:a1:94:f5:f6:c9:ff:b7:a3:df:12:
17:e8:8f:4c:ac:3e:a7:8e:64:9e:38:5b:3b:af:40:
72:9e:9c:bc:3a:3d:65:7b:8e:42:e4:60:f3:95:c9:
5a:60:43:87:4a:56:a9:75:6c:2c:28:9d:5e:ea:24:
d0:1a:ee:e6:bc:55:ec:83:f8:c1:11:1a:5a:37:76:
6e:7d:03:11:36:eb:cb:95:8b:c0:5e:8b:de:a1:ae:
7e:cc:97:78:13:66:ac:82:7d:ff:1d:f7:b7:48:a6:
63:59:6c:28:97:0e:a0:3b:41:30:f9:31:36:d6:7d:
30:0c:9f:85:43:21:05:41:72:5b:56:49:9d:b9:7c:
e6:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:FA:68:0F:93:83:6D:27:74:9E:C5:8C:FF:D7:65:85:48:F0:4A:63
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a380f4dc-ddaf-44f7-adac-c908e52ec48c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d035:1000::/40
Signature Algorithm: sha256WithRSAEncryption
b9:44:b6:48:4a:bb:7e:ff:09:4f:32:90:48:6b:09:08:53:1f:
51:72:10:22:2c:f9:bb:9c:7f:21:c2:8a:4e:f5:d9:0d:99:62:
a7:ad:7b:1f:23:78:e4:d4:ed:e6:fc:e7:df:42:6d:2b:1e:1a:
29:80:6a:7e:b9:f2:bd:99:a4:fd:f3:f9:9e:9a:7c:a3:c0:99:
e8:73:51:f7:8b:21:c1:77:27:46:09:e9:e8:84:09:02:96:3f:
39:10:bb:6f:45:7d:f3:1e:72:19:c3:58:fa:58:90:ff:be:11:
f9:0b:03:92:fe:d3:2b:49:78:3e:aa:80:e8:c1:5c:1b:3b:e2:
c4:a8:70:25:0e:53:59:be:a4:e7:c6:40:f0:58:23:1b:b4:90:
72:f1:16:c6:97:f4:b6:fe:ba:c7:97:3e:4b:e0:01:37:d7:10:
83:bb:b7:10:fb:2a:15:ce:1b:1d:25:c3:6c:a6:39:f9:ba:4c:
6f:9a:01:3f:b0:2e:f3:0d:d2:f0:1d:cf:3f:cd:ff:c8:fd:b8:
49:ca:d3:a7:4b:38:6e:25:72:92:dc:2c:a9:aa:ca:1e:d2:6a:
b0:d0:a8:50:3b:84:a5:f1:b5:c7:c7:c8:1e:d5:35:77:a4:a5:
26:d1:13:e7:71:0b:94:41:73:07:f2:48:65:32:0b:36:ec:92:
df:d2:5a:92
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUG17Rrdo+8yRBBITzrtIHvALUurIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDg2YTVmZmRkMmEyNTE4MzYxYmZjYzM0ZTE1NjljN2E3NjA1MDdiMjNhNjI2
MDY2MTJhYTM0MTBkOGMyODQ5YWExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOdD2dNAe4D8OqSzlYvrwD1hDMo2o0+rKA7fOYTrYY4kM5MxbpEwUGdXrBM0
DUQQnHXPO4C0soCC+P/JWOkmGzqCKG9fCn/mwglTqdL+ViGSi3daoQtMw54s9HO9
GFqsNGZyyhQIJJt96Lih9A0h7g3Yuv6sQ72JtkkCO6ahlPX2yf+3o98SF+iPTKw+
p45knjhbO69Acp6cvDo9ZXuOQuRg85XJWmBDh0pWqXVsLCidXuok0Bru5rxV7IP4
wREaWjd2bn0DETbry5WLwF6L3qGufsyXeBNmrIJ9/x33t0imY1lsKJcOoDtBMPkx
NtZ9MAyfhUMhBUFyW1ZJnbl85vcCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSm+mgP
k4NtJ3SexYz/12WFSPBKYzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTM4MGY0ZGMtZGRhZi00NGY3LWFkYWMtYzkwOGU1MmVjNDhjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DUQ
MA0GCSqGSIb3DQEBCwUAA4IBAQC5RLZISrt+/wlPMpBIawkIUx9RchAiLPm7nH8h
wopO9dkNmWKnrXsfI3jk1O3m/OffQm0rHhopgGp+ufK9maT98/memnyjwJnoc1H3
iyHBdydGCenohAkClj85ELtvRX3zHnIZw1j6WJD/vhH5CwOS/tMrSXg+qoDowVwb
O+LEqHAlDlNZvqTnxkDwWCMbtJBy8RbGl/S2/rrHlz5L4AE31xCDu7cQ+yoVzhsd
JcNspjn5ukxvmgE/sC7zDdLwHc8/zf/I/bhJytOnSzhuJXKS3Cypqsoe0mqw0KhQ
O4Sl8bXHx8ge1TV3pKUm0RPncQuUQXMH8khlMgs27JLf0lqS
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:22 2025 by rpki-client