Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4eac002e-4d26-4f92-ab97-0d7001e1cf2f.roa
File: 4eac002e-4d26-4f92-ab97-0d7001e1cf2f.roa (raw, json)
Hash identifier: K0Pk17bPQ/GRxUr3Zq6x1iX/pzUq7LAD+hB1dlQJb/8=
Subject key identifier: 54:11:C7:E6:72:8F:0C:1C:E4:F9:B2:8D:18:DE:08:F1:A6:49:AA:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77D9AAB0D8D388BAF680F4436857EF67CA21AC72
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4eac002e-4d26-4f92-ab97-0d7001e1cf2f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:a000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:d9:aa:b0:d8:d3:88:ba:f6:80:f4:43:68:57:ef:67:ca:21:ac:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a5:a8:45:5e:0d:b7:ba:97:2e:3d:84:96:73:
f9:b7:97:72:75:45:3e:a4:63:2f:97:92:1d:5a:3a:
69:63:39:bf:91:4e:5f:8d:ef:08:4f:97:1b:78:66:
25:03:43:8a:24:f0:1f:64:df:9f:17:25:6d:a4:a2:
37:df:5f:d0:e6:ca:b1:e9:02:dc:f2:67:2c:b5:e0:
68:d6:2e:fe:5f:da:fa:3e:7a:54:af:24:fe:76:6b:
4b:66:63:95:64:83:99:e0:7a:b3:43:13:09:4a:a8:
c2:11:0d:ba:90:60:4b:04:5c:ce:be:b8:7b:c0:9d:
d1:e2:42:26:d1:fc:cb:63:af:85:7b:3a:d9:a0:43:
7d:41:3e:9d:65:0e:04:d1:f3:54:41:ee:5d:87:9f:
ee:84:22:0c:70:2e:6e:0d:a2:95:1d:16:fe:e7:34:
b3:21:d1:18:e1:78:72:34:f9:b8:38:1d:80:19:27:
a3:b8:a0:77:03:2e:d7:57:f1:64:73:f1:4b:ca:b2:
cb:30:0c:f0:96:53:42:ba:3f:3e:1e:d7:94:62:98:
fe:31:57:e5:d9:d3:0e:07:49:97:b8:8d:18:f4:81:
32:7e:58:a2:df:ef:e1:45:72:4a:bb:aa:a9:d6:3a:
0c:7d:e9:3b:3d:a4:3a:84:d7:8e:ba:4d:0a:d9:d1:
69:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:11:C7:E6:72:8F:0C:1C:E4:F9:B2:8D:18:DE:08:F1:A6:49:AA:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4eac002e-4d26-4f92-ab97-0d7001e1cf2f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:a000::/40
Signature Algorithm: sha256WithRSAEncryption
18:8a:0e:66:02:54:20:fb:37:a2:a8:0a:32:18:d7:e6:11:d3:
a7:3b:0c:81:28:aa:0f:46:63:48:8c:57:73:f4:93:fb:25:a4:
3c:9f:12:69:95:47:3e:06:b6:96:9a:ae:a8:da:7a:a5:42:fa:
83:2e:43:19:cf:c2:e1:1f:1b:e9:6d:b5:cb:a5:f2:6d:4c:13:
ea:9c:b0:35:e6:87:65:2e:8a:c1:d2:25:f2:8a:06:ec:df:3f:
ec:ea:3a:83:de:91:d9:43:ee:86:41:4f:79:8b:b0:5c:ce:2c:
82:c6:dc:3f:8a:2a:f9:a9:18:14:fe:7c:8e:68:4d:75:35:df:
7e:5f:4c:28:06:c6:e3:d0:a9:60:f6:e4:ba:d2:af:d8:de:95:
01:45:7d:1d:8e:ac:8f:21:67:41:63:d5:8c:8a:92:af:ab:49:
2a:36:4b:9c:be:7a:40:f3:2e:a7:6f:fa:f0:08:dc:e2:da:21:
af:b5:79:de:b0:b4:b1:e9:81:d6:67:0d:5c:66:bb:ff:12:4f:
1a:1d:bc:c5:8c:7e:75:38:d9:7b:05:eb:7a:5d:bc:7c:50:b7:
83:79:af:23:db:03:6f:a6:f8:47:18:88:98:a5:25:56:a4:02:
d6:b0:96:d4:fb:d5:e4:79:04:d2:56:da:00:c6:e9:ba:7c:45:
cd:40:34:3e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUd9mqsNjTiLr2gPRDaFfvZ8ohrHIwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDcwMDAwMDBaFw0yNTAyMTEyMzU5NTlaMHoxSTBHBgNV
BAUTQDQ5M2ZiZDc0Njc4OGFjNzA5NTRmMzg3ZmM0OGRmMTg0ZDk0NTcwMWMwMmMy
NDJlNjdiOTFhNzkwNzdjNzczOWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJWlqEVeDbe6ly49hJZz+beXcnVFPqRjL5eSHVo6aWM5v5FOX43vCE+XG3hm
JQNDiiTwH2TfnxclbaSiN99f0ObKsekC3PJnLLXgaNYu/l/a+j56VK8k/nZrS2Zj
lWSDmeB6s0MTCUqowhENupBgSwRczr64e8Cd0eJCJtH8y2OvhXs62aBDfUE+nWUO
BNHzVEHuXYef7oQiDHAubg2ilR0W/uc0syHRGOF4cjT5uDgdgBkno7igdwMu11fx
ZHPxS8qyyzAM8JZTQro/Ph7XlGKY/jFX5dnTDgdJl7iNGPSBMn5Yot/v4UVySruq
qdY6DH3pOz2kOoTXjrpNCtnRaakCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRUEcfm
co8MHOT5so0Y3gjxpkmqezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGVhYzAwMmUtNGQyNi00ZjkyLWFiOTctMGQ3MDAxZTFjZjJmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Hmg
MA0GCSqGSIb3DQEBCwUAA4IBAQAYig5mAlQg+zeiqAoyGNfmEdOnOwyBKKoPRmNI
jFdz9JP7JaQ8nxJplUc+BraWmq6o2nqlQvqDLkMZz8LhHxvpbbXLpfJtTBPqnLA1
5odlLorB0iXyigbs3z/s6jqD3pHZQ+6GQU95i7BcziyCxtw/iir5qRgU/nyOaE11
Nd9+X0woBsbj0Klg9uS60q/Y3pUBRX0djqyPIWdBY9WMipKvq0kqNkucvnpA8y6n
b/rwCNzi2iGvtXnesLSx6YHWZw1cZrv/Ek8aHbzFjH51ONl7Bet6Xbx8ULeDea8j
2wNvpvhHGIiYpSVWpALWsJbU+9XkeQTSVtoAxum6fEXNQDQ+
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:52:55 2025 by rpki-client