Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16c95432-d5ac-4fb1-92e5-843e7359b8e2.roa
File: 16c95432-d5ac-4fb1-92e5-843e7359b8e2.roa (raw, json)
Hash identifier: vQG2M6OvbefvZpET3XxTUhqK0VMaNuBhZMN5x9HgUFo=
Subject key identifier: 8E:FD:09:5C:6A:4B:B0:2D:B3:F9:5E:DA:E4:D9:53:05:1B:10:00:F1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1312201E01E7B5D26AD0B614470C36ECA53FB3FB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16c95432-d5ac-4fb1-92e5-843e7359b8e2.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:a0c0::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:12:20:1e:01:e7:b5:d2:6a:d0:b6:14:47:0c:36:ec:a5:3f:b3:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=890222c66bba2c8f584fac6b0ce62e4780b29c86eb04b1f744156273ad6bfdd1, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:99:ef:79:c4:7a:9f:5e:86:f8:07:ce:88:dc:
0a:1c:7f:ce:18:02:ba:45:57:ce:cb:5f:39:67:fa:
a7:e0:f4:24:cd:22:80:cd:54:80:ed:41:59:a8:59:
17:65:45:95:79:a5:9e:c1:2e:d0:c2:f5:d5:fb:5c:
05:54:4e:c0:2c:4e:65:96:bd:9e:5d:43:05:bf:1e:
f0:83:ea:d1:3b:c4:7e:27:7f:ab:31:45:7f:43:03:
b3:5e:ce:2b:bd:46:3b:9c:e1:31:f2:32:50:10:50:
cd:7d:b6:33:18:f9:96:cb:bd:20:9c:89:70:b1:23:
52:98:94:e3:68:14:72:bb:20:ae:83:13:86:42:79:
39:4c:74:3d:c2:6b:26:ad:3b:0f:79:95:26:e9:98:
41:d7:72:0f:d7:fc:ec:49:75:c7:de:25:1f:26:97:
18:66:29:df:3d:87:0c:ac:a9:5d:bc:36:e1:bc:2d:
24:7e:af:3b:40:d5:58:8f:80:b2:bd:b8:50:9f:4a:
cd:ff:da:f4:c9:35:bf:bf:d4:a0:e5:1a:ca:75:ee:
61:8b:49:94:4b:fe:d1:66:52:26:30:5f:c1:14:3a:
a6:b9:aa:5e:07:67:3b:1e:17:71:6a:6e:76:71:2e:
3a:97:90:7a:1a:be:d2:d8:c2:76:24:fd:ac:fb:07:
98:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:FD:09:5C:6A:4B:B0:2D:B3:F9:5E:DA:E4:D9:53:05:1B:10:00:F1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/16c95432-d5ac-4fb1-92e5-843e7359b8e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:a0c0::/46
Signature Algorithm: sha256WithRSAEncryption
81:2d:d0:2a:68:84:d9:6d:83:b3:1c:5e:9f:db:93:6e:b6:0a:
c5:ec:a5:64:86:81:2d:5b:08:98:ce:2e:ee:d3:39:b4:56:3f:
ec:0d:e1:9f:f8:5f:c2:d4:04:d2:36:b5:53:8a:c7:4a:2a:db:
f9:2d:9d:61:17:bb:53:2f:55:f1:0c:d0:51:23:4a:a9:e0:1c:
34:53:61:ad:20:cb:44:19:07:2e:a1:48:80:96:07:a3:08:01:
32:49:57:12:8c:c0:52:5d:57:d2:0e:44:75:73:4b:d7:70:15:
59:58:75:3b:19:9c:49:cf:8a:04:ae:40:c8:d1:4e:9b:e1:26:
7b:c9:3c:db:4e:5d:3c:93:4f:4b:a4:f2:03:87:31:87:57:49:
3a:5c:65:17:65:3a:4e:20:48:da:4c:43:f9:e8:56:cb:3d:31:
c9:10:12:23:44:5b:28:d9:0f:35:4b:d5:bb:1c:a7:97:42:74:
b1:69:e0:fa:6a:b1:86:3b:06:ba:fc:f0:64:4a:bf:bb:83:6b:
f8:ea:c2:50:64:e3:1f:2a:0c:a0:73:fd:a0:7e:d8:12:83:2d:
4b:df:62:47:71:9f:d1:f8:a0:21:09:db:18:20:9e:59:0c:a1:
d3:34:f4:cd:40:d7:58:08:70:4e:85:60:00:8d:3a:c1:fa:e3:
3f:50:27:64
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUExIgHgHntdJq0LYURww27KU/s/swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDg5MDIyMmM2NmJiYTJjOGY1ODRmYWM2YjBjZTYyZTQ3ODBiMjljODZlYjA0
YjFmNzQ0MTU2MjczYWQ2YmZkZDExLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALiZ73nEep9ehvgHzojcChx/zhgCukVXzstfOWf6p+D0JM0igM1UgO1BWahZ
F2VFlXmlnsEu0ML11ftcBVROwCxOZZa9nl1DBb8e8IPq0TvEfid/qzFFf0MDs17O
K71GO5zhMfIyUBBQzX22Mxj5lsu9IJyJcLEjUpiU42gUcrsgroMThkJ5OUx0PcJr
Jq07D3mVJumYQddyD9f87El1x94lHyaXGGYp3z2HDKypXbw24bwtJH6vO0DVWI+A
sr24UJ9Kzf/a9Mk1v7/UoOUaynXuYYtJlEv+0WZSJjBfwRQ6prmqXgdnOx4XcWpu
dnEuOpeQehq+0tjCdiT9rPsHmMUCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSO/Qlc
akuwLbP5Xtrk2VMFGxAA8TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MTZjOTU0MzItZDVhYy00ZmIxLTkyZTUtODQzZTczNTliOGUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DCg
wDANBgkqhkiG9w0BAQsFAAOCAQEAgS3QKmiE2W2Dsxxen9uTbrYKxeylZIaBLVsI
mM4u7tM5tFY/7A3hn/hfwtQE0ja1U4rHSirb+S2dYRe7Uy9V8QzQUSNKqeAcNFNh
rSDLRBkHLqFIgJYHowgBMklXEozAUl1X0g5EdXNL13AVWVh1OxmcSc+KBK5AyNFO
m+Eme8k8205dPJNPS6TyA4cxh1dJOlxlF2U6TiBI2kxD+ehWyz0xyRASI0RbKNkP
NUvVuxynl0J0sWng+mqxhjsGuvzwZEq/u4Nr+OrCUGTjHyoMoHP9oH7YEoMtS99i
R3Gf0figIQnbGCCeWQyh0zT0zUDXWAhwToVgAI06wfrjP1AnZA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:24 2025 by rpki-client