Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f34cfc31-b247-42da-9f56-1837e0a020e9.roa
File: f34cfc31-b247-42da-9f56-1837e0a020e9.roa (raw, json)
Hash identifier: WKe3Zr+ty0nsM30m3sqXly6Xi3KETRDOWnHjLpgliOg=
Subject key identifier: 0C:A5:47:15:27:10:74:38:77:C9:AC:B9:B4:EE:AE:20:12:C4:72:FC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 30B1D4436463DC8DBF366FBB15DC03452B69DCA6
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f34cfc31-b247-42da-9f56-1837e0a020e9.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:2040::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:b1:d4:43:64:63:dc:8d:bf:36:6f:bb:15:dc:03:45:2b:69:dc:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=a776bb5eb66d3ffe0c3572e4239701ded9ededf45353266469977fd1b27951d0, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:67:a6:32:38:66:fb:8e:db:7b:94:a8:78:72:
49:53:e7:ee:a5:7a:84:cc:2a:cf:a8:99:73:36:40:
49:12:ad:95:31:b5:87:23:82:bd:d4:cd:14:ea:57:
12:4f:5a:a0:19:49:f5:b7:5a:c6:62:dc:aa:ae:3c:
8e:1a:4d:fb:ae:4a:43:fa:9c:3d:fd:ef:96:c8:64:
ab:35:63:ae:69:d8:0f:39:f0:1a:4f:12:5f:2d:8b:
b2:e9:d0:78:33:21:f0:00:53:b6:d8:af:72:1b:97:
05:fe:5c:3d:ae:3e:80:36:20:6a:0e:0e:eb:0f:72:
69:f8:82:f6:33:d1:8b:7f:cf:63:cc:55:82:44:ac:
4a:32:f5:e6:5c:9b:ca:9f:22:6a:b9:24:5d:0b:b9:
9a:f2:ad:76:6f:e8:e7:e8:d0:7c:fb:ae:2d:cf:ac:
c6:a1:f0:e9:14:90:d5:6d:a6:70:9e:29:68:df:7a:
05:0d:32:6f:b0:11:09:9b:66:bf:1b:f7:3f:2b:3d:
89:11:8f:43:d9:de:30:88:de:c6:80:89:5a:08:82:
7d:4f:f7:c2:6e:09:81:6e:58:54:f6:e5:d3:9f:0d:
fa:02:80:8e:50:4c:9a:dd:75:5b:f7:81:32:ce:75:
8b:62:85:2d:21:65:22:f4:83:b4:4f:f6:33:f0:ee:
7c:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A5:47:15:27:10:74:38:77:C9:AC:B9:B4:EE:AE:20:12:C4:72:FC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f34cfc31-b247-42da-9f56-1837e0a020e9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:2040::/46
Signature Algorithm: sha256WithRSAEncryption
90:a8:86:bb:19:a8:9d:a8:ae:fa:c2:a5:4b:58:a8:b4:0b:df:
19:1d:f5:d1:8f:54:df:20:d0:ea:52:6e:14:41:9e:c1:0d:c8:
ab:8a:c2:d6:86:1b:0e:a4:30:82:9a:3b:f7:36:71:1f:40:cf:
4c:44:73:ce:1d:cd:5a:72:53:74:4d:62:7f:54:bd:7b:83:a8:
d3:c4:49:8f:36:52:82:87:19:97:2c:96:9e:78:9a:da:4a:f0:
d8:9e:f9:10:5b:66:6e:79:89:2a:d1:be:40:bb:02:a9:c1:c5:
51:81:59:b6:95:e9:ea:fe:6e:c9:76:24:9c:fc:ae:dd:fc:ff:
92:aa:ee:17:30:de:7f:4c:23:29:3e:1a:4f:38:98:6d:83:4d:
b8:82:63:3e:c3:7f:72:34:0d:a6:6f:d9:a8:57:de:b2:7c:59:
5c:08:27:f4:57:2c:c5:ef:5c:26:3d:53:1b:d4:2d:a1:f9:f5:
7e:eb:60:39:64:14:e2:9d:1b:51:50:ff:84:1f:2c:d8:4e:af:
7f:55:00:57:e2:0f:b5:58:ad:6f:70:06:68:b3:31:5a:73:a8:
b0:8a:9a:ef:19:d9:70:01:52:8d:dc:39:05:c6:4d:a1:9b:04:
76:ce:47:87:59:fb:05:04:0e:58:d2:99:07:d9:6a:13:9e:ca:
5f:ef:51:c8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMLHUQ2Rj3I2/Nm+7FdwDRStp3KYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGE3NzZiYjVlYjY2ZDNmZmUwYzM1NzJlNDIzOTcwMWRlZDllZGVkZjQ1MzUz
MjY2NDY5OTc3ZmQxYjI3OTUxZDAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNnpjI4ZvuO23uUqHhySVPn7qV6hMwqz6iZczZASRKtlTG1hyOCvdTNFOpX
Ek9aoBlJ9bdaxmLcqq48jhpN+65KQ/qcPf3vlshkqzVjrmnYDznwGk8SXy2LsunQ
eDMh8ABTttivchuXBf5cPa4+gDYgag4O6w9yafiC9jPRi3/PY8xVgkSsSjL15lyb
yp8iarkkXQu5mvKtdm/o5+jQfPuuLc+sxqHw6RSQ1W2mcJ4paN96BQ0yb7ARCZtm
vxv3Pys9iRGPQ9neMIjexoCJWgiCfU/3wm4JgW5YVPbl058N+gKAjlBMmt11W/eB
Ms51i2KFLSFlIvSDtE/2M/DufK8CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQMpUcV
JxB0OHfJrLm07q4gEsRy/DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjM0Y2ZjMzEtYjI0Ny00MmRhLTlmNTYtMTgzN2UwYTAyMGU5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DAg
QDANBgkqhkiG9w0BAQsFAAOCAQEAkKiGuxmonaiu+sKlS1iotAvfGR310Y9U3yDQ
6lJuFEGewQ3Iq4rC1oYbDqQwgpo79zZxH0DPTERzzh3NWnJTdE1if1S9e4Oo08RJ
jzZSgocZlyyWnnia2krw2J75EFtmbnmJKtG+QLsCqcHFUYFZtpXp6v5uyXYknPyu
3fz/kqruFzDef0wjKT4aTziYbYNNuIJjPsN/cjQNpm/ZqFfesnxZXAgn9Fcsxe9c
Jj1TG9Qtofn1futgOWQU4p0bUVD/hB8s2E6vf1UAV+IPtVitb3AGaLMxWnOosIqa
7xnZcAFSjdw5BcZNoZsEds5Hh1n7BQQOWNKZB9lqE57KX+9RyA==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:10:57 2025 by rpki-client