Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a936626d-d488-4592-873a-b340b1b23c31.roa
File: a936626d-d488-4592-873a-b340b1b23c31.roa (raw, json)
Hash identifier: wbGxQAvZ4WG/0fceg1tS++81OVQfhB9TDVs4X9UhX6M=
Subject key identifier: AD:88:4C:98:B0:5F:50:FC:CA:F0:5D:1A:BE:13:6C:CF:6B:2B:5D:25
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3435D4944716DE9C799EF10BA44C8ABC2860EFCA
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a936626d-d488-4592-873a-b340b1b23c31.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:b000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:35:d4:94:47:16:de:9c:79:9e:f1:0b:a4:4c:8a:bc:28:60:ef:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=66d867cc9fd882ba0c9a5cb739f1d51b764c60352d4de3df562a9d196612ad2b, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:4c:3c:6d:6f:10:29:f2:cf:33:35:8c:e0:f5:
00:64:80:de:78:b8:d0:10:5b:98:65:41:4f:8d:3c:
28:84:ce:43:c7:15:06:76:5e:a0:35:16:d1:f9:e3:
1b:bf:90:7d:da:a5:be:7e:39:a5:eb:5c:c5:c3:61:
ff:85:98:a9:72:a4:9b:5c:d8:ef:27:c2:90:85:e5:
7b:50:29:5c:b3:55:94:78:c3:02:50:45:70:39:71:
18:f6:bc:0a:bb:0d:d7:c7:13:8b:bd:b2:8f:ba:7b:
13:5c:9e:a2:e8:42:75:1e:85:fe:16:b7:1a:dd:cf:
2a:46:3c:d2:a9:e4:13:c8:a9:b6:ef:49:15:e9:9f:
de:33:8f:cb:6a:66:71:9f:e5:65:a8:5a:90:6d:b4:
2e:e4:3c:8c:23:49:53:b4:b3:6c:58:7a:2b:7d:40:
0d:4f:ac:4f:70:56:54:1c:b9:92:76:64:1f:dc:4e:
f5:fd:ee:3f:72:44:17:8b:cd:77:c6:25:ea:20:79:
d9:b1:8f:14:55:8a:2c:7b:d3:c8:1e:59:09:b9:20:
ef:ed:54:d4:1e:55:20:aa:f9:c6:a6:f5:a2:ad:1d:
00:33:a2:83:0f:a2:d6:91:f1:e2:6a:43:9c:56:81:
51:d0:ee:28:14:c7:1f:93:2a:c8:2a:3d:7a:fc:fc:
11:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:88:4C:98:B0:5F:50:FC:CA:F0:5D:1A:BE:13:6C:CF:6B:2B:5D:25
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/a936626d-d488-4592-873a-b340b1b23c31.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:b000::/40
Signature Algorithm: sha256WithRSAEncryption
c9:3b:88:92:7b:06:33:e8:f9:2b:3c:2e:da:b9:ef:8a:18:7b:
fd:a2:3d:2f:b0:9b:7b:b2:ed:b8:51:81:6b:f1:b3:c0:37:7f:
2a:10:a5:9f:fa:81:30:14:6e:9e:d0:30:d2:dc:e0:3f:b8:5f:
4e:46:d8:21:cf:c5:5e:8a:8f:15:69:83:7f:98:26:18:87:8b:
8f:8b:43:f1:9f:09:08:f3:1f:a1:19:b8:c7:3d:5f:d9:c9:d3:
61:3a:db:35:ae:46:6f:ae:b4:fb:75:31:0e:d7:94:a8:a3:7f:
7b:4d:7c:35:f7:01:43:3e:b0:e1:fd:f6:b9:19:3a:92:e8:e5:
ad:21:f9:4a:f5:28:7d:03:f7:e5:da:67:13:8e:40:fe:ba:ac:
f2:af:1a:72:57:ac:5e:ea:3d:02:ae:96:d3:48:49:0d:2d:03:
5a:83:40:50:b9:6c:41:98:83:4f:40:80:93:b6:35:53:77:91:
ba:db:ed:f4:df:3c:57:7b:b1:5e:19:05:bb:86:aa:d9:48:e1:
e1:8c:da:2f:47:24:7c:5e:80:7f:ab:56:f0:f6:c8:75:63:f5:
2e:4e:a5:51:40:9f:b9:06:6d:f5:c4:fc:d1:38:94:08:be:85:
be:4d:ea:2c:39:dd:fa:8f:28:9c:9f:89:fc:50:04:55:86:c3:
9b:80:7a:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUNDXUlEcW3px5nvELpEyKvChg78owDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDY2ZDg2N2NjOWZkODgyYmEwYzlhNWNiNzM5ZjFkNTFiNzY0YzYwMzUyZDRk
ZTNkZjU2MmE5ZDE5NjYxMmFkMmIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKxMPG1vECnyzzM1jOD1AGSA3ni40BBbmGVBT408KITOQ8cVBnZeoDUW0fnj
G7+Qfdqlvn45petcxcNh/4WYqXKkm1zY7yfCkIXle1ApXLNVlHjDAlBFcDlxGPa8
CrsN18cTi72yj7p7E1yeouhCdR6F/ha3Gt3PKkY80qnkE8iptu9JFemf3jOPy2pm
cZ/lZahakG20LuQ8jCNJU7SzbFh6K31ADU+sT3BWVBy5knZkH9xO9f3uP3JEF4vN
d8Yl6iB52bGPFFWKLHvTyB5ZCbkg7+1U1B5VIKr5xqb1oq0dADOigw+i1pHx4mpD
nFaBUdDuKBTHH5MqyCo9evz8EWsCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBStiEyY
sF9Q/MrwXRq+E2zPaytdJTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YTkzNjYyNmQtZDQ4OC00NTkyLTg3M2EtYjM0MGIxYjIzYzMxLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCw
MA0GCSqGSIb3DQEBCwUAA4IBAQDJO4iSewYz6PkrPC7aue+KGHv9oj0vsJt7su24
UYFr8bPAN38qEKWf+oEwFG6e0DDS3OA/uF9ORtghz8Veio8VaYN/mCYYh4uPi0Px
nwkI8x+hGbjHPV/ZydNhOts1rkZvrrT7dTEO15Soo397TXw19wFDPrDh/fa5GTqS
6OWtIflK9Sh9A/fl2mcTjkD+uqzyrxpyV6xe6j0CrpbTSEkNLQNag0BQuWxBmINP
QICTtjVTd5G62+303zxXe7FeGQW7hqrZSOHhjNovRyR8XoB/q1bw9sh1Y/UuTqVR
QJ+5Bm31xPzROJQIvoW+TeosOd36jyicn4n8UARVhsObgHoS
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:10:57 2025 by rpki-client