Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da2145b5-6513-419c-a72b-3b41bbdf3573.roa
File: da2145b5-6513-419c-a72b-3b41bbdf3573.roa (raw, json)
Hash identifier: hnZN7KAL1+ZzEtFAVw6fHAg+hkcFDkAzbu7jNFYy5nE=
Subject key identifier: D9:46:96:92:04:EF:B0:C3:C7:00:93:20:33:4A:E0:42:1F:69:4A:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2ED3245EAE52501B11A22DDD3E961D1F3F6B2618
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da2145b5-6513-419c-a72b-3b41bbdf3573.roa
Signing time: Wed 05 Mar 2025 17:31:06 +0000
ROA not before: Wed 05 Mar 2025 17:31:06 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d036:1000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:d3:24:5e:ae:52:50:1b:11:a2:2d:dd:3e:96:1d:1f:3f:6b:26:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 5 17:31:06 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: serialNumber=80e76a0b652390e024ead75fc59b698eec02f1e5e1a0a8d1e0c4fecc9f501595, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:da:f4:99:b2:8b:74:c3:86:2c:9b:f9:be:6d:
26:f8:de:75:b9:82:c2:0b:32:7a:24:43:2e:bb:4a:
cc:71:8f:89:a3:6a:44:99:38:e3:3e:b5:ff:8e:71:
f8:eb:10:52:99:fa:ba:82:3a:98:eb:24:25:73:99:
2e:3f:9b:47:76:2e:b4:79:30:06:4d:e7:d6:17:60:
2a:c9:17:d6:a5:59:f2:ff:13:6b:de:61:da:12:ca:
52:27:18:91:5a:ba:96:1e:96:6a:8c:c3:64:fe:e6:
38:d6:2c:a4:29:9f:80:4a:01:2f:66:d7:85:90:2d:
5c:c2:34:89:67:1a:77:a8:73:3f:e0:c9:95:09:e9:
d7:d9:db:14:11:29:f5:79:44:ea:e6:35:67:14:a3:
ea:93:42:a2:b3:3c:8c:cd:0b:eb:4a:6a:d7:4c:e6:
f0:8a:27:00:df:7c:f2:f0:20:f4:8f:02:4e:55:82:
ed:a3:b7:24:78:1c:9a:96:44:0e:22:b7:50:55:da:
0b:b4:2f:3b:b6:0d:38:e0:22:dc:24:69:ca:19:a6:
67:f7:65:69:b5:09:63:47:2d:7c:59:bd:4a:00:3e:
09:17:75:d4:d5:51:35:76:95:3c:45:c4:dc:1a:d3:
4b:ad:84:ef:23:2c:a0:f7:be:c9:9c:da:c0:73:9b:
8f:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:46:96:92:04:EF:B0:C3:C7:00:93:20:33:4A:E0:42:1F:69:4A:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/da2145b5-6513-419c-a72b-3b41bbdf3573.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d036:1000::/40
Signature Algorithm: sha256WithRSAEncryption
96:6b:c9:22:f5:7b:8f:99:46:46:1c:8a:0a:56:ec:fe:8c:f3:
02:89:04:4e:30:7b:8a:ae:30:53:3b:fd:09:a3:b4:14:40:90:
65:de:9a:6b:5e:47:41:91:f6:af:ff:1a:2b:47:fe:f9:85:1f:
2d:b1:35:a1:2a:56:3a:68:f5:ee:18:d7:ba:3a:33:db:f9:3b:
0d:fd:f1:c6:41:32:82:91:89:40:c6:0d:02:8e:cb:5d:4f:63:
33:74:7e:a8:e4:76:ed:8c:27:28:43:f7:a0:20:83:f0:8d:09:
66:14:75:53:b4:79:98:f3:59:c1:69:2c:c5:4a:ad:1a:d5:46:
a2:7b:65:1f:d9:36:6d:1a:22:c7:e0:07:e3:ab:94:d6:b3:c3:
58:74:2a:d7:aa:0f:e9:55:45:b1:2e:87:b0:b9:11:47:2c:c1:
cd:50:ee:ab:06:24:11:c4:a3:2b:7b:50:aa:fa:02:f6:2a:52:
4c:dc:1d:ee:0c:5e:b6:90:8f:16:65:26:b0:c5:0a:16:3a:b2:
7c:e9:18:cc:03:14:1a:87:22:4e:61:cb:c0:72:2a:3e:19:ff:
f6:31:8e:9a:f2:a5:be:c9:61:d9:15:e5:ee:75:27:5b:17:40:
29:7d:59:1b:7a:48:e3:ef:8c:4f:4c:1e:5d:31:28:48:48:96:
97:d0:1c:64
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULtMkXq5SUBsRoi3dPpYdHz9rJhgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMDUxNzMxMDZaFw0yNTA0MDkyMzU5NTlaMHoxSTBHBgNV
BAUTQDgwZTc2YTBiNjUyMzkwZTAyNGVhZDc1ZmM1OWI2OThlZWMwMmYxZTVlMWEw
YThkMWUwYzRmZWNjOWY1MDE1OTUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOza9Jmyi3TDhiyb+b5tJvjedbmCwgsyeiRDLrtKzHGPiaNqRJk44z61/45x
+OsQUpn6uoI6mOskJXOZLj+bR3YutHkwBk3n1hdgKskX1qVZ8v8Ta95h2hLKUicY
kVq6lh6WaozDZP7mONYspCmfgEoBL2bXhZAtXMI0iWcad6hzP+DJlQnp19nbFBEp
9XlE6uY1ZxSj6pNCorM8jM0L60pq10zm8IonAN988vAg9I8CTlWC7aO3JHgcmpZE
DiK3UFXaC7QvO7YNOOAi3CRpyhmmZ/dlabUJY0ctfFm9SgA+CRd11NVRNXaVPEXE
3BrTS62E7yMsoPe+yZzawHObj2cCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTZRpaS
BO+ww8cAkyAzSuBCH2lKVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZGEyMTQ1YjUtNjUxMy00MTljLWE3MmItM2I0MWJiZGYzNTczLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DYQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCWa8ki9XuPmUZGHIoKVuz+jPMCiQROMHuKrjBT
O/0Jo7QUQJBl3pprXkdBkfav/xorR/75hR8tsTWhKlY6aPXuGNe6OjPb+TsN/fHG
QTKCkYlAxg0CjstdT2MzdH6o5HbtjCcoQ/egIIPwjQlmFHVTtHmY81nBaSzFSq0a
1Uaie2Uf2TZtGiLH4Afjq5TWs8NYdCrXqg/pVUWxLoewuRFHLMHNUO6rBiQRxKMr
e1Cq+gL2KlJM3B3uDF62kI8WZSawxQoWOrJ86RjMAxQahyJOYcvAcio+Gf/2MY6a
8qW+yWHZFeXudSdbF0ApfVkbekjj74xPTB5dMShISJaX0Bxk
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:08:17 2025 by rpki-client