Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/020a18fb-75e8-4c3e-a203-40161e4d4508.roa
File: 020a18fb-75e8-4c3e-a203-40161e4d4508.roa (raw, json)
Hash identifier: s7khYjLdpE079tY5pCA0eZi2+mtZ9Muf/4rG9ZDcYI8=
Subject key identifier: 8E:D0:C7:34:C7:6A:AC:82:04:51:B0:D7:D7:65:56:EE:0D:94:FB:74
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1DC217A9469AFDCF0E061EA31B97D90ED47AAEA3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/020a18fb-75e8-4c3e-a203-40161e4d4508.roa
Signing time: Thu 17 Apr 2025 16:37:10 +0000
ROA not before: Thu 17 Apr 2025 16:37:10 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d05b:5000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:c2:17:a9:46:9a:fd:cf:0e:06:1e:a3:1b:97:d9:0e:d4:7a:ae:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 17 16:37:10 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=b5d00682c6b3921483b0d71f0841602e41450f3923529d9ccfaffcc1b451ed80, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:8a:b2:33:7f:34:b3:4c:c5:67:32:7c:7f:05:
42:81:38:4e:7e:4f:b3:7a:7c:73:2f:cb:a5:ec:8c:
9b:93:cd:b9:18:5d:63:fa:1f:51:60:c5:96:ff:90:
5d:74:b2:e4:d5:00:8b:a8:53:84:b5:43:be:be:a8:
12:58:15:6c:c6:6b:1b:f7:96:c6:f6:2a:78:7a:ae:
17:af:5f:5c:61:45:65:45:00:eb:42:80:18:33:6a:
47:e8:b0:89:e8:91:18:df:55:0c:34:2a:78:ff:dd:
19:44:0e:8a:8d:f2:e5:4b:4f:c7:60:cf:0e:52:12:
fd:ce:71:19:65:d3:29:6a:60:28:9f:b7:59:4f:8c:
79:fa:50:d5:f0:44:fd:63:08:2e:0f:a5:7b:9a:9e:
97:cf:9b:e3:68:1f:b4:cb:55:5f:53:de:3f:7f:67:
92:b3:ce:b1:f8:38:2c:9a:0c:bd:a7:b2:1e:b1:6d:
c3:32:99:b4:5e:13:67:ba:41:a9:8f:b6:67:8c:6d:
ea:0e:65:bf:16:a4:dc:09:da:83:46:1f:7d:6e:61:
e2:ab:12:f8:a3:6f:f4:41:61:07:a4:e8:26:8c:76:
41:ba:59:ce:f2:36:35:f7:3b:35:37:be:ad:90:0c:
7a:46:17:c5:6f:6f:e9:de:f0:1f:89:eb:bc:ad:85:
60:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:D0:C7:34:C7:6A:AC:82:04:51:B0:D7:D7:65:56:EE:0D:94:FB:74
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/020a18fb-75e8-4c3e-a203-40161e4d4508.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d05b:5000::/40
Signature Algorithm: sha256WithRSAEncryption
1c:5a:19:62:c5:cf:2a:7c:6e:8c:c9:76:1b:28:48:8d:87:37:
25:e9:4a:88:db:b1:fe:e2:91:bc:d8:97:ff:90:6e:86:31:9a:
61:d6:10:7f:5d:34:12:96:2c:fb:2f:15:7c:a2:56:9c:73:79:
e2:fe:1b:36:12:d0:fc:20:46:8b:8f:ea:64:cf:a7:c0:cc:c9:
62:91:42:7c:4c:4c:db:05:db:39:94:cc:b8:72:b7:f1:30:69:
48:9d:ac:ed:12:73:53:47:50:e5:20:86:a6:94:65:7c:c6:2b:
b5:81:56:ef:50:81:ee:30:02:b2:ee:9d:e1:a1:ce:6f:54:ca:
62:e2:43:56:58:49:35:6f:41:82:a9:08:60:b1:37:28:7a:3d:
91:f7:f4:e6:4d:c3:60:9a:1f:51:da:f5:a5:9b:65:67:e6:4d:
07:99:84:5a:74:1a:b1:87:b3:80:6c:98:45:0a:8c:aa:19:46:
87:31:7d:85:06:d0:52:c2:45:41:f7:0f:25:7a:b6:cb:22:e0:
a5:a9:b2:35:57:dc:84:62:40:9a:a9:ef:c5:ee:09:6b:d9:01:
94:3b:03:c9:0c:d9:a5:30:95:0a:43:05:be:6e:61:9e:d9:eb:
59:4d:6d:5e:c8:b2:55:b8:24:de:15:3b:61:4e:5b:08:ed:76:
8c:66:10:80
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHcIXqUaa/c8OBh6jG5fZDtR6rqMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MTcxNjM3MTBaFw0yNTA1MjIyMzU5NTlaMHoxSTBHBgNV
BAUTQGI1ZDAwNjgyYzZiMzkyMTQ4M2IwZDcxZjA4NDE2MDJlNDE0NTBmMzkyMzUy
OWQ5Y2NmYWZmY2MxYjQ1MWVkODAxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANqKsjN/NLNMxWcyfH8FQoE4Tn5Ps3p8cy/LpeyMm5PNuRhdY/ofUWDFlv+Q
XXSy5NUAi6hThLVDvr6oElgVbMZrG/eWxvYqeHquF69fXGFFZUUA60KAGDNqR+iw
ieiRGN9VDDQqeP/dGUQOio3y5UtPx2DPDlIS/c5xGWXTKWpgKJ+3WU+MefpQ1fBE
/WMILg+le5qel8+b42gftMtVX1PeP39nkrPOsfg4LJoMvaeyHrFtwzKZtF4TZ7pB
qY+2Z4xt6g5lvxak3Anag0YffW5h4qsS+KNv9EFhB6ToJox2QbpZzvI2Nfc7NTe+
rZAMekYXxW9v6d7wH4nrvK2FYGkCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBSO0Mc0
x2qsggRRsNfXZVbuDZT7dDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDIwYTE4ZmItNzVlOC00YzNlLWEyMDMtNDAxNjFlNGQ0NTA4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FtQ
MA0GCSqGSIb3DQEBCwUAA4IBAQAcWhlixc8qfG6MyXYbKEiNhzcl6UqI27H+4pG8
2Jf/kG6GMZph1hB/XTQSliz7LxV8olacc3ni/hs2EtD8IEaLj+pkz6fAzMlikUJ8
TEzbBds5lMy4crfxMGlInaztEnNTR1DlIIamlGV8xiu1gVbvUIHuMAKy7p3hoc5v
VMpi4kNWWEk1b0GCqQhgsTcoej2R9/TmTcNgmh9R2vWlm2Vn5k0HmYRadBqxh7OA
bJhFCoyqGUaHMX2FBtBSwkVB9w8lerbLIuClqbI1V9yEYkCaqe/F7glr2QGUOwPJ
DNmlMJUKQwW+bmGe2etZTW1eyLJVuCTeFTthTlsI7XaMZhCA
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:10:59 2025 by rpki-client