Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d33501f4-37b1-436c-b8e9-4674e1466304.roa
File: d33501f4-37b1-436c-b8e9-4674e1466304.roa (raw, json)
Hash identifier: vb0ns6DSJnG/0CgHgvBM3CIn18/jxKutyhFpoOe2qPA=
Subject key identifier: A0:C5:D7:56:64:DE:57:E9:8F:2A:55:49:28:B9:C1:80:7E:D8:57:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F44BFA833DFD7AC1A7B1A0FA77CC986F96D6AEB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d33501f4-37b1-436c-b8e9-4674e1466304.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:6000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:44:bf:a8:33:df:d7:ac:1a:7b:1a:0f:a7:7c:c9:86:f9:6d:6a:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=d05a3117c366bfe647d800346b2c03b981ed640efd4a1edfb020cf266b52494d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:b7:09:2e:4e:a4:b9:e1:55:17:9d:8a:af:fd:
ee:66:b7:62:05:a8:3e:98:65:f6:f7:f1:b1:6f:1c:
b4:ea:66:35:57:81:18:47:3e:d6:f6:3a:04:5a:a0:
69:d1:3e:c8:f3:9a:46:77:d8:ee:b9:7e:ee:61:e9:
22:ba:d7:5d:8b:7b:d8:ad:cc:63:93:05:be:5e:b4:
f1:31:d8:78:27:ed:a2:40:0a:2c:d1:a6:a4:7e:a8:
52:55:c7:b1:44:7d:ea:4e:d3:74:67:28:7d:c2:fe:
50:7c:a0:22:7c:b7:71:f5:55:c5:9d:84:30:98:e3:
35:b4:9a:22:a7:4c:09:81:ad:18:7f:af:2e:c6:1c:
e6:d9:ff:14:8d:df:db:2c:cb:80:8a:d4:f9:0d:58:
9a:21:85:30:58:95:f3:9b:61:75:f8:5c:08:79:d2:
23:e8:69:9b:05:4c:b2:eb:22:9f:c9:4f:0e:1a:39:
5e:bc:40:2e:ce:45:d2:b3:7b:b9:22:02:4f:8a:eb:
8a:bc:e7:34:f7:5a:9e:49:7f:0f:e8:1f:71:23:b3:
87:d4:40:a8:e0:33:32:dc:a2:e8:c2:0c:69:84:c7:
ab:8e:46:6f:61:ec:0a:67:0d:5d:5d:51:58:ff:e1:
65:5a:09:66:e2:85:ce:bc:71:f6:32:4f:93:75:dc:
67:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:C5:D7:56:64:DE:57:E9:8F:2A:55:49:28:B9:C1:80:7E:D8:57:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d33501f4-37b1-436c-b8e9-4674e1466304.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:6000::/40
Signature Algorithm: sha256WithRSAEncryption
41:97:a0:ba:b4:7f:8e:38:7f:7c:57:38:71:5d:98:9a:8c:95:
a7:cd:95:71:a1:a6:f9:04:b7:c9:c9:a5:9c:30:61:1f:08:46:
98:24:57:de:68:e6:fd:c7:78:6d:d4:93:aa:1b:54:80:09:52:
6a:b4:bb:88:03:e9:96:03:2b:33:a9:63:ed:4c:d4:3d:36:5b:
ba:df:a6:e1:d3:51:9c:05:0d:0c:d8:63:b3:6a:1a:99:eb:28:
2f:c8:70:6c:89:a0:18:16:01:b4:c0:1c:05:23:2d:2c:84:86:
47:dd:05:ee:2e:48:02:a2:ce:a6:26:04:c1:3f:67:2b:09:99:
3f:a9:16:02:99:fd:ba:ba:60:03:34:f2:03:35:f8:21:0e:84:
f5:8f:75:28:db:a3:1b:b9:4c:0a:ff:9e:72:1f:9e:24:b2:3b:
df:8c:09:fa:5c:e6:6b:29:85:98:54:c4:af:8e:0e:66:e2:82:
5b:07:40:fb:07:cf:6a:d0:27:f3:77:b7:92:84:78:79:2e:6f:
88:5b:62:ba:2b:47:7f:c2:d8:f0:db:29:e8:98:a6:bb:35:2f:
a6:19:34:85:94:c3:b5:05:d9:f3:b9:52:ef:79:2e:6a:29:fa:
f8:2d:31:59:84:12:6c:53:cb:23:86:8a:06:0d:c6:1f:7b:20:
0a:20:a8:24
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH0S/qDPf16waexoPp3zJhvltauswDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGQwNWEzMTE3YzM2NmJmZTY0N2Q4MDAzNDZiMmMwM2I5ODFlZDY0MGVmZDRh
MWVkZmIwMjBjZjI2NmI1MjQ5NGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ23CS5OpLnhVRediq/97ma3YgWoPphl9vfxsW8ctOpmNVeBGEc+1vY6BFqg
adE+yPOaRnfY7rl+7mHpIrrXXYt72K3MY5MFvl608THYeCftokAKLNGmpH6oUlXH
sUR96k7TdGcofcL+UHygIny3cfVVxZ2EMJjjNbSaIqdMCYGtGH+vLsYc5tn/FI3f
2yzLgIrU+Q1YmiGFMFiV85thdfhcCHnSI+hpmwVMsusin8lPDho5XrxALs5F0rN7
uSICT4rrirznNPdankl/D+gfcSOzh9RAqOAzMtyi6MIMaYTHq45Gb2HsCmcNXV1R
WP/hZVoJZuKFzrxx9jJPk3XcZ/kCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSgxddW
ZN5X6Y8qVUkoucGAfthXBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDMzNTAxZjQtMzdiMS00MzZjLWI4ZTktNDY3NGUxNDY2MzA0LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dpg
MA0GCSqGSIb3DQEBCwUAA4IBAQBBl6C6tH+OOH98VzhxXZiajJWnzZVxoab5BLfJ
yaWcMGEfCEaYJFfeaOb9x3ht1JOqG1SACVJqtLuIA+mWAyszqWPtTNQ9Nlu636bh
01GcBQ0M2GOzahqZ6ygvyHBsiaAYFgG0wBwFIy0shIZH3QXuLkgCos6mJgTBP2cr
CZk/qRYCmf26umADNPIDNfghDoT1j3Uo26MbuUwK/55yH54ksjvfjAn6XOZrKYWY
VMSvjg5m4oJbB0D7B89q0Cfzd7eShHh5Lm+IW2K6K0d/wtjw2ynomKa7NS+mGTSF
lMO1BdnzuVLveS5qKfr4LTFZhBJsU8sjhooGDcYfeyAKIKgk
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:10:54 2025 by rpki-client