Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a910c116-6f9b-43da-ab6c-c408fd69bf5b.roa
File: a910c116-6f9b-43da-ab6c-c408fd69bf5b.roa (raw, json)
Hash identifier: VocvnPWgnMg+d+pgDFeSs1DuYiCy0lLAmnkWcucWxis=
Subject key identifier: C8:45:25:C5:45:3B:67:1E:29:A5:50:EB:6D:13:91:1D:AD:B1:B2:95
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DDAC3B67F4408F319FAC7D7ADE8ED7D3DDCB6B0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a910c116-6f9b-43da-ab6c-c408fd69bf5b.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030::/32 maxlen: 32
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:da:c3:b6:7f:44:08:f3:19:fa:c7:d7:ad:e8:ed:7d:3d:dc:b6:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=01010e1db3f0ce8713af2ea6044a66e38165b0715b60a25f35138cdbca6a4ccd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0e:52:2d:f6:73:db:30:a1:57:94:3d:ea:7d:
56:df:e9:9b:8e:50:f1:b6:5c:92:df:ed:02:7b:68:
f6:b3:a3:0c:b4:4e:fa:20:e3:df:ab:a9:7d:dd:73:
a4:c3:06:a9:29:cd:41:9f:00:5d:1a:e9:83:13:de:
48:68:c7:a8:55:ae:e5:ab:c9:5b:08:4b:a6:85:a6:
bf:56:16:2d:a7:0d:dc:54:41:06:d6:b5:37:32:f8:
01:01:fa:12:3f:16:dd:23:06:ab:a6:39:c1:7f:0b:
eb:04:fa:9d:74:3b:e2:a1:e6:cf:8e:89:e9:67:2e:
08:fc:76:f3:ca:6d:1e:4b:62:62:71:b9:78:ad:79:
df:b2:0b:7d:34:2f:1f:30:ea:9f:e6:23:d9:9e:fe:
6d:ba:2e:e7:78:59:95:47:ab:7b:ad:b0:1f:32:b8:
a5:66:e3:92:a3:35:e8:11:de:a6:38:65:1d:92:a2:
2d:3c:17:a2:14:e3:96:1d:6b:c7:86:4f:d3:0a:74:
39:f1:bf:37:2c:53:e8:03:b9:4f:4d:47:4d:36:69:
5f:29:3f:c7:35:6e:1a:ad:44:70:1b:f1:dc:45:10:
77:64:b6:e6:3e:15:b3:17:ad:e1:b4:d5:a7:88:3a:
c8:44:68:10:d5:47:c8:fb:dc:f5:b8:33:2d:5d:86:
57:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C8:45:25:C5:45:3B:67:1E:29:A5:50:EB:6D:13:91:1D:AD:B1:B2:95
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a910c116-6f9b-43da-ab6c-c408fd69bf5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030::/32
Signature Algorithm: sha256WithRSAEncryption
45:84:69:74:27:37:52:f2:71:15:ac:db:5c:0c:20:10:91:88:
25:81:c3:a4:4d:07:db:d5:89:a7:d0:09:b8:fc:3b:01:fb:c1:
52:9f:2b:47:85:e0:99:93:64:a1:b9:05:5d:ab:49:b7:b6:06:
d2:44:c5:b4:63:8d:08:27:8f:49:b8:a6:be:87:a5:1e:c7:49:
8b:8c:ac:d1:b2:f5:33:32:9e:b1:5e:27:ae:8f:d9:bb:58:4c:
6b:82:d5:a9:4f:bf:78:39:04:12:47:b8:f2:f8:46:74:13:18:
85:95:ce:54:f5:5d:96:5b:43:cd:de:e7:d4:99:20:b9:e1:4d:
d0:2b:45:09:2a:83:65:1d:dd:44:5e:36:d9:0d:97:d6:33:ce:
ee:ac:6c:78:3b:55:37:25:38:31:6b:9a:a6:c0:16:98:21:84:
dd:c4:12:ae:96:61:f9:cb:5a:d1:cf:aa:4a:87:8a:99:5e:92:
ba:89:4c:99:25:43:4a:06:3b:d6:72:b1:76:57:ac:e2:3a:2e:
ec:44:36:7e:9a:1a:80:92:f7:2c:ba:4d:a1:40:9c:02:5f:b2:
2e:b8:f6:18:d9:23:33:87:3e:99:d5:6e:f0:6c:0e:cf:78:31:
26:82:29:c7:f8:2e:e2:08:c4:21:5c:8b:38:0d:8d:1d:22:63:
32:ab:6c:ec
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgIUHdrDtn9ECPMZ+sfXrejtfT3ctrAwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDAxMDEwZTFkYjNmMGNlODcxM2FmMmVhNjA0NGE2NmUzODE2NWIwNzE1YjYw
YTI1ZjM1MTM4Y2RiY2E2YTRjY2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMcOUi32c9swoVeUPep9Vt/pm45Q8bZckt/tAnto9rOjDLRO+iDj36upfd1z
pMMGqSnNQZ8AXRrpgxPeSGjHqFWu5avJWwhLpoWmv1YWLacN3FRBBta1NzL4AQH6
Ej8W3SMGq6Y5wX8L6wT6nXQ74qHmz46J6WcuCPx288ptHktiYnG5eK1537ILfTQv
HzDqn+Yj2Z7+bbou53hZlUere62wHzK4pWbjkqM16BHepjhlHZKiLTwXohTjlh1r
x4ZP0wp0OfG/NyxT6AO5T01HTTZpXyk/xzVuGq1EcBvx3EUQd2S25j4Vsxet4bTV
p4g6yERoENVHyPvc9bgzLV2GV3kCAwEAAaOCAiIwggIeMB0GA1UdDgQWBBTIRSXF
RTtnHimlUOttE5EdrbGylTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTkxMGMxMTYtNmY5Yi00M2RhLWFiNmMtYzQwOGZkNjliZjViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAgBggrBgEFBQcBBwEB/wQRMA8wDQQCAAIwBwMFACoF0DAw
DQYJKoZIhvcNAQELBQADggEBAEWEaXQnN1LycRWs21wMIBCRiCWBw6RNB9vViafQ
Cbj8OwH7wVKfK0eF4JmTZKG5BV2rSbe2BtJExbRjjQgnj0m4pr6HpR7HSYuMrNGy
9TMynrFeJ66P2btYTGuC1alPv3g5BBJHuPL4RnQTGIWVzlT1XZZbQ83e59SZILnh
TdArRQkqg2Ud3UReNtkNl9Yzzu6sbHg7VTclODFrmqbAFpghhN3EEq6WYfnLWtHP
qkqHiplekrqJTJklQ0oGO9ZysXZXrOI6LuxENn6aGoCS9yy6TaFAnAJfsi649hjZ
IzOHPpnVbvBsDs94MSaCKcf4LuIIxCFcizgNjR0iYzKrbOw=
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:21 2025 by rpki-client