Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f38d5e95-0ee3-454a-846f-d7ca6fc64fc0.roa
File: f38d5e95-0ee3-454a-846f-d7ca6fc64fc0.roa (raw, json)
Hash identifier: CIFeDjcgbpALdNs25OFALeWQO8srChisYsXaO7sAyb0=
Subject key identifier: 32:64:A1:75:03:C5:21:BC:5F:A9:2A:57:00:9F:EE:FE:A7:BB:DD:8E
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 607D619EDE021C735035B64A9F35C0E584E988FD
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f38d5e95-0ee3-454a-846f-d7ca6fc64fc0.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:9000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:7d:61:9e:de:02:1c:73:50:35:b6:4a:9f:35:c0:e5:84:e9:88:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=1af2c4cb54f09905d05519521b7a00fd3deb47d771f18436bc075d7dd104fd62, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:55:5f:8c:d9:58:bd:00:d7:e2:73:ee:61:ec:
c9:3a:53:1a:47:2b:9d:e6:15:5f:77:fe:07:bb:50:
1d:53:5b:43:b3:e5:aa:97:57:11:cf:ba:af:62:16:
fb:b0:e9:97:34:7f:9b:45:75:89:80:76:0b:5a:9b:
25:06:6c:b9:d1:e6:fa:cb:50:0c:e0:d3:51:e5:50:
83:31:43:7f:de:2a:34:65:64:d4:40:46:fe:4b:5b:
fe:56:ee:65:05:12:b4:50:27:f3:6b:d9:92:81:80:
99:0d:b8:7b:09:dd:71:86:41:bf:f3:76:76:d4:74:
9e:c2:9a:1d:2a:b5:4b:3c:50:ac:6d:6a:de:af:79:
50:85:78:24:ab:79:46:fa:05:ac:f3:ae:0c:88:8e:
75:e3:0b:b7:f3:34:86:09:7e:27:d0:2a:5e:14:7f:
d3:53:3a:0f:e7:8c:4c:a4:2a:34:0c:c2:eb:a9:c6:
a3:d9:f8:53:3c:95:70:27:1f:7c:5f:93:86:48:bb:
4b:07:0e:e2:01:54:fa:b9:7b:95:55:21:02:87:3b:
36:e9:52:c1:0a:6f:73:44:b0:73:0d:55:0e:4f:83:
c0:88:5b:3f:33:a9:1c:fa:84:47:4a:05:04:2a:b0:
5c:58:23:4e:b0:f3:07:e3:ef:5e:aa:3d:3a:14:f9:
52:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:64:A1:75:03:C5:21:BC:5F:A9:2A:57:00:9F:EE:FE:A7:BB:DD:8E
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f38d5e95-0ee3-454a-846f-d7ca6fc64fc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:9000::/40
Signature Algorithm: sha256WithRSAEncryption
3b:c8:d8:f9:cc:dd:98:67:94:9d:6e:b3:c9:93:8c:06:51:a6:
7c:4c:ee:b2:27:3f:1b:bb:81:66:20:5c:54:37:72:54:11:d7:
d6:fd:7e:8b:ac:24:a7:c6:5d:26:12:87:c1:35:c8:b9:db:d4:
83:cd:59:17:06:6e:ea:58:d4:c9:cd:51:8b:40:ee:96:a9:6d:
df:47:af:8b:55:35:0e:67:08:7e:f2:25:34:ae:89:6d:c8:f7:
41:69:d7:bc:80:a4:fe:f0:6e:85:34:45:92:8c:b4:6c:ef:fb:
0d:e4:3a:3c:e4:29:1f:97:15:91:58:2e:df:be:c0:21:37:51:
9b:fe:2d:b8:3c:bb:14:90:7c:c8:1e:8f:7d:81:ff:bc:26:58:
08:ac:d6:c0:2e:ae:e5:f0:bc:5a:f1:75:e9:da:c1:30:d1:0b:
36:54:eb:77:e5:01:73:47:8b:ce:2a:00:e3:e1:a2:fc:38:e7:
a9:30:bd:0a:40:bd:d6:cb:5c:47:a1:75:5c:9f:1e:5a:bf:1c:
ea:ab:b7:24:5e:5e:a8:d7:14:d6:22:b2:63:91:51:07:20:20:
16:0d:2b:c9:62:b2:67:4e:8d:63:20:86:02:5f:f1:84:c5:22:
24:74:53:b1:a6:3f:10:a6:cd:e6:19:4b:9f:e0:1d:86:b0:6f:
51:18:66:0b
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUYH1hnt4CHHNQNbZKnzXA5YTpiP0wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDFhZjJjNGNiNTRmMDk5MDVkMDU1MTk1MjFiN2EwMGZkM2RlYjQ3ZDc3MWYx
ODQzNmJjMDc1ZDdkZDEwNGZkNjIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAK1VX4zZWL0A1+Jz7mHsyTpTGkcrneYVX3f+B7tQHVNbQ7PlqpdXEc+6r2IW
+7DplzR/m0V1iYB2C1qbJQZsudHm+stQDODTUeVQgzFDf94qNGVk1EBG/ktb/lbu
ZQUStFAn82vZkoGAmQ24ewndcYZBv/N2dtR0nsKaHSq1SzxQrG1q3q95UIV4JKt5
RvoFrPOuDIiOdeMLt/M0hgl+J9AqXhR/01M6D+eMTKQqNAzC66nGo9n4UzyVcCcf
fF+Thki7SwcO4gFU+rl7lVUhAoc7NulSwQpvc0Swcw1VDk+DwIhbPzOpHPqER0oF
BCqwXFgjTrDzB+PvXqo9OhT5UsMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQyZKF1
A8UhvF+pKlcAn+7+p7vdjjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjM4ZDVlOTUtMGVlMy00NTRhLTg0NmYtZDdjYTZmYzY0ZmMwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCQ
MA0GCSqGSIb3DQEBCwUAA4IBAQA7yNj5zN2YZ5SdbrPJk4wGUaZ8TO6yJz8bu4Fm
IFxUN3JUEdfW/X6LrCSnxl0mEofBNci529SDzVkXBm7qWNTJzVGLQO6WqW3fR6+L
VTUOZwh+8iU0roltyPdBade8gKT+8G6FNEWSjLRs7/sN5Do85CkflxWRWC7fvsAh
N1Gb/i24PLsUkHzIHo99gf+8JlgIrNbALq7l8Lxa8XXp2sEw0Qs2VOt35QFzR4vO
KgDj4aL8OOepML0KQL3Wy1xHoXVcnx5avxzqq7ckXl6o1xTWIrJjkVEHICAWDSvJ
YrJnTo1jIIYCX/GExSIkdFOxpj8Qps3mGUuf4B2GsG9RGGYL
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:08:11 2025 by rpki-client