Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/069999d5-7730-4326-bd52-a640ad05e176.roa
File: 069999d5-7730-4326-bd52-a640ad05e176.roa (raw, json)
Hash identifier: twi7Xk48IOXie6Cba3GmPJjI3BTpeICmAKDgGl4rc5s=
Subject key identifier: CA:EF:1E:C6:DF:03:9D:1C:2B:87:C2:9C:FD:76:CB:32:C2:BF:86:40
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 22CA7CCD4E08FE46BE8E580B4CD3BFF3A95065C1
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/069999d5-7730-4326-bd52-a640ad05e176.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:20c0::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:ca:7c:cd:4e:08:fe:46:be:8e:58:0b:4c:d3:bf:f3:a9:50:65:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=51d4862faba0052b49e18fe7a76b3474f676fd456af11ae7e138f8d33a01e50d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:91:32:64:f2:d6:0e:08:7c:70:b7:7f:fb:65:
7e:52:18:8c:7f:6f:36:e0:4c:ad:0e:ba:b2:85:33:
a7:bb:a2:c4:0e:da:84:0a:55:f5:0d:ab:ab:fe:45:
50:db:d8:70:8c:8c:4f:d0:d3:2c:12:28:80:30:c1:
95:8f:69:08:8c:62:dd:12:a8:82:16:2d:57:02:78:
ea:37:7b:db:2f:24:58:25:74:f9:32:d2:64:2b:0e:
4b:74:c1:60:36:ba:bb:ab:ca:5e:16:97:00:37:ec:
e2:b0:73:9d:5c:86:04:8f:7a:ae:34:95:7e:df:19:
d5:66:9b:58:1c:6f:64:b7:1b:6f:94:e4:57:b9:9d:
63:11:66:83:f0:12:ee:86:e8:ac:cd:a2:09:1f:77:
d7:7a:c7:ab:1f:97:f4:d8:bb:8a:59:8c:8e:f0:24:
5a:35:36:3b:02:c8:18:e5:e4:7e:d5:c3:6f:0f:ec:
27:c5:35:09:f1:85:2b:64:a1:c8:2e:50:d1:11:18:
18:3c:aa:da:4d:f6:22:55:2d:1e:b7:d0:fa:ca:b1:
8f:62:e7:62:7c:96:a6:20:8d:d4:d7:36:f7:25:58:
67:f7:60:2d:2f:42:26:c5:e1:c8:34:a7:c3:be:e4:
7b:df:01:c0:45:fc:be:52:36:3b:ee:4c:a5:fc:c3:
1f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:EF:1E:C6:DF:03:9D:1C:2B:87:C2:9C:FD:76:CB:32:C2:BF:86:40
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/069999d5-7730-4326-bd52-a640ad05e176.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:20c0::/46
Signature Algorithm: sha256WithRSAEncryption
76:01:67:fd:c9:a8:2a:9f:f4:38:d8:f6:cb:ad:a1:0a:50:b6:
12:38:60:a0:d2:dc:cf:35:12:d1:1c:3e:cd:82:d6:89:8a:db:
11:1d:77:bd:ef:7b:0b:be:57:24:88:ce:22:02:21:79:dd:77:
7a:25:77:2e:31:f8:c5:e0:38:2f:7c:34:ca:f2:fa:04:4b:d7:
ea:65:19:3e:19:ad:20:f6:3f:83:f7:8d:79:cf:22:bb:3b:fb:
f7:6d:5d:8e:97:b5:78:93:90:79:1f:3d:62:e6:e7:8b:87:a9:
b1:a1:cc:61:5d:29:28:8e:4b:cb:75:3d:a4:f6:c7:4e:8a:b2:
ac:58:9a:7f:3c:94:10:33:74:3c:68:01:30:1b:c5:f0:2e:b0:
31:c2:e4:30:3c:a9:55:59:6a:cc:71:69:ad:e0:79:4f:61:10:
4c:44:5c:c1:4b:7f:18:9a:0c:e5:a1:fe:16:7c:c5:ab:fd:93:
e3:33:f8:0a:06:eb:92:46:55:e3:6d:3e:64:57:de:2c:b2:cf:
4f:24:d8:8e:f3:94:2d:17:78:99:3e:41:a5:b1:fa:b1:ef:d2:
40:c3:23:94:2f:f8:62:53:48:ee:9f:38:f2:1c:c4:5e:86:6b:
2d:75:d7:4e:75:bb:a5:fc:0d:fd:2d:80:67:8d:a2:e9:60:55:
03:07:19:e0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUIsp8zU4I/ka+jlgLTNO/86lQZcEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDUxZDQ4NjJmYWJhMDA1MmI0OWUxOGZlN2E3NmIzNDc0ZjY3NmZkNDU2YWYx
MWFlN2UxMzhmOGQzM2EwMWU1MGQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMGRMmTy1g4IfHC3f/tlflIYjH9vNuBMrQ66soUzp7uixA7ahApV9Q2rq/5F
UNvYcIyMT9DTLBIogDDBlY9pCIxi3RKoghYtVwJ46jd72y8kWCV0+TLSZCsOS3TB
YDa6u6vKXhaXADfs4rBznVyGBI96rjSVft8Z1WabWBxvZLcbb5TkV7mdYxFmg/AS
7oborM2iCR9313rHqx+X9Ni7ilmMjvAkWjU2OwLIGOXkftXDbw/sJ8U1CfGFK2Sh
yC5Q0REYGDyq2k32IlUtHrfQ+sqxj2LnYnyWpiCN1Nc29yVYZ/dgLS9CJsXhyDSn
w77ke98BwEX8vlI2O+5MpfzDH1kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTK7x7G
3wOdHCuHwpz9dssywr+GQDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MDY5OTk5ZDUtNzczMC00MzI2LWJkNTItYTY0MGFkMDVlMTc2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DAg
wDANBgkqhkiG9w0BAQsFAAOCAQEAdgFn/cmoKp/0ONj2y62hClC2EjhgoNLczzUS
0Rw+zYLWiYrbER13ve97C75XJIjOIgIhed13eiV3LjH4xeA4L3w0yvL6BEvX6mUZ
PhmtIPY/g/eNec8iuzv7921djpe1eJOQeR89Yubni4epsaHMYV0pKI5Ly3U9pPbH
ToqyrFiafzyUEDN0PGgBMBvF8C6wMcLkMDypVVlqzHFpreB5T2EQTERcwUt/GJoM
5aH+FnzFq/2T4zP4CgbrkkZV420+ZFfeLLLPTyTYjvOULRd4mT5BpbH6se/SQMMj
lC/4YlNI7p848hzEXoZrLXXXTnW7pfwN/S2AZ42i6WBVAwcZ4A==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:31 2025 by rpki-client