Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd1cfabb-265c-4c4a-bf2f-6254cb33235c.roa
File: fd1cfabb-265c-4c4a-bf2f-6254cb33235c.roa (raw, json)
Hash identifier: I5hqrh3n0ZZUgNnFLMvPiPTuv4rtd2u2vyJUk1bg3iA=
Subject key identifier: C5:3A:6F:2E:D0:88:85:40:52:72:5D:15:C7:D6:C8:56:E4:C1:DA:97
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 187CAC50DCF81032958B7E10F207A969D9FCB343
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd1cfabb-265c-4c4a-bf2f-6254cb33235c.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:60c0::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:7c:ac:50:dc:f8:10:32:95:8b:7e:10:f2:07:a9:69:d9:fc:b3:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=e99e7f20db884e2fc86cc753010cbff31369ff37c47bd86d32f2a18a08c4b49d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:76:0e:42:a8:4a:43:99:c3:aa:d0:ae:ed:7d:
d1:8c:56:59:94:68:a0:5e:71:1d:21:ab:ca:1e:2f:
29:45:28:ec:1c:d4:87:1e:f3:ec:d3:d7:40:f7:60:
1f:b1:63:1a:fc:60:25:83:34:fc:af:8b:e9:f3:a4:
0b:b3:b9:e4:f3:3b:60:ac:33:d5:47:fd:fc:4e:b4:
8d:2f:b3:90:a6:5a:5f:5b:f0:03:22:5e:b8:7e:5d:
b4:6a:39:7f:1a:65:2f:f2:96:ea:6d:c5:74:a2:3b:
85:88:f0:68:83:9a:4b:7b:1a:ac:0d:18:ba:fe:58:
6f:b7:c7:6b:63:95:d9:69:95:58:b5:2e:6d:2b:3e:
f6:52:81:53:fb:26:e1:49:4d:8e:27:0d:d6:62:d0:
5f:6b:88:4a:d5:d0:1f:23:e9:dc:66:91:ec:9a:79:
fb:16:32:35:5c:bd:2b:58:b4:1e:e6:29:60:a5:57:
5d:dc:a8:5f:87:c9:2d:a9:f3:ee:d1:6d:2f:7c:63:
0c:8e:82:cc:55:cc:75:3c:4f:6f:c8:a6:e6:f1:e0:
94:36:08:88:5d:6b:f6:0d:4a:db:c2:d7:09:33:36:
7a:e2:c2:c5:ea:83:99:3f:af:4e:62:e5:16:74:56:
66:8e:44:f6:59:c3:a0:28:4b:ec:43:87:98:22:3f:
7c:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:3A:6F:2E:D0:88:85:40:52:72:5D:15:C7:D6:C8:56:E4:C1:DA:97
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/fd1cfabb-265c-4c4a-bf2f-6254cb33235c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:60c0::/46
Signature Algorithm: sha256WithRSAEncryption
18:83:f3:67:22:fb:01:1a:bf:15:71:fc:68:83:20:b0:93:ae:
6e:2b:ab:0f:9d:38:02:02:6b:6a:ef:d9:9f:dc:3a:e6:e0:48:
76:ca:a9:f1:92:e7:e2:ec:36:48:7e:6a:9c:1f:b9:40:b4:4d:
3b:cf:1e:7b:0c:0c:ba:3e:04:8f:80:29:b0:55:cf:d2:12:0f:
3a:2e:67:64:5d:5f:d6:27:fa:b0:f9:ed:9d:40:4b:aa:f2:98:
db:96:63:ff:19:c4:e4:f6:a0:e0:e5:e8:bc:55:58:78:76:92:
55:09:15:18:f0:19:5f:33:ba:b5:10:ba:3e:19:de:f5:45:15:
da:32:2a:1c:5b:7d:68:af:45:b1:5b:53:b0:d5:57:b2:61:52:
ee:07:22:96:26:b2:1d:50:55:c3:50:82:3f:f5:1e:2d:90:97:
87:b2:75:f6:d5:7e:f2:ea:e0:d3:2e:a5:71:a0:19:89:44:7e:
11:8c:e6:24:fe:be:47:19:5d:be:1e:55:7b:90:63:ad:ad:83:
23:53:56:81:10:51:ea:e8:c5:d0:8d:20:f4:60:40:dc:e8:4e:
a1:8b:fb:e6:ea:c6:4b:19:f4:07:c9:85:d4:42:a6:cb:ba:80:
1a:ec:0d:b4:22:bd:e1:c2:bc:31:e0:c8:6b:0b:87:bc:85:53:
b1:7d:fa:e8
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUGHysUNz4EDKVi34Q8gepadn8s0MwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5OWU3ZjIwZGI4ODRlMmZjODZjYzc1MzAxMGNiZmYzMTM2OWZmMzdjNDdi
ZDg2ZDMyZjJhMThhMDhjNGI0OWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMx2DkKoSkOZw6rQru190YxWWZRooF5xHSGryh4vKUUo7BzUhx7z7NPXQPdg
H7FjGvxgJYM0/K+L6fOkC7O55PM7YKwz1Uf9/E60jS+zkKZaX1vwAyJeuH5dtGo5
fxplL/KW6m3FdKI7hYjwaIOaS3sarA0Yuv5Yb7fHa2OV2WmVWLUubSs+9lKBU/sm
4UlNjicN1mLQX2uIStXQHyPp3GaR7Jp5+xYyNVy9K1i0HuYpYKVXXdyoX4fJLanz
7tFtL3xjDI6CzFXMdTxPb8im5vHglDYIiF1r9g1K28LXCTM2euLCxeqDmT+vTmLl
FnRWZo5E9lnDoChL7EOHmCI/fG0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTFOm8u
0IiFQFJyXRXH1shW5MHalzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZmQxY2ZhYmItMjY1Yy00YzRhLWJmMmYtNjI1NGNiMzMyMzVjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DBg
wDANBgkqhkiG9w0BAQsFAAOCAQEAGIPzZyL7ARq/FXH8aIMgsJOubiurD504AgJr
au/Zn9w65uBIdsqp8ZLn4uw2SH5qnB+5QLRNO88eewwMuj4Ej4ApsFXP0hIPOi5n
ZF1f1if6sPntnUBLqvKY25Zj/xnE5Pag4OXovFVYeHaSVQkVGPAZXzO6tRC6Phne
9UUV2jIqHFt9aK9FsVtTsNVXsmFS7gciliayHVBVw1CCP/UeLZCXh7J19tV+8urg
0y6lcaAZiUR+EYzmJP6+Rxldvh5Ve5Bjra2DI1NWgRBR6ujF0I0g9GBA3OhOoYv7
5urGSxn0B8mF1EKmy7qAGuwNtCK94cK8MeDIawuHvIVTsX366A==
-----END CERTIFICATE-----
Generated at Thu Apr 17 05:07:23 2025 by rpki-client