Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1eb25eda-891c-435a-ac9c-18e2b0658055.roa
File: 1eb25eda-891c-435a-ac9c-18e2b0658055.roa (raw, json)
Hash identifier: 50G3aMn6Ag7AdTZZEzSQTLm5g8DEwla0Uoz6er2PMxg=
Subject key identifier: B4:76:3F:1F:8A:A6:91:B8:3E:E0:F7:01:73:9D:56:C7:09:81:30:D3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 427DEA040FC5945AD5E29791E46449EE418BF3C0
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1eb25eda-891c-435a-ac9c-18e2b0658055.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:8000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:7d:ea:04:0f:c5:94:5a:d5:e2:97:91:e4:64:49:ee:41:8b:f3:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=a8cbf478bf733868f629235025fc8760bc9b98f95ded8c922a645762e8d004e2, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:45:41:60:99:d4:aa:88:c2:29:e8:34:87:8d:
d1:e4:ea:85:73:94:34:fd:fd:bc:89:ba:e8:75:38:
4a:2b:34:d5:0d:3a:f3:be:88:cd:c7:3a:75:38:47:
e6:37:ac:ab:08:bd:8b:76:a8:9d:75:e4:c9:a3:78:
a7:13:be:af:9e:af:ee:ba:14:d8:54:52:29:53:82:
ee:01:ad:46:9f:11:30:30:b9:0b:d0:d3:f0:34:8a:
c8:2c:94:00:47:a7:f5:20:16:d3:17:31:68:82:6e:
6b:3a:b3:44:9c:7c:3d:f8:29:0c:a3:3a:e9:a5:69:
98:f8:62:30:d6:08:64:40:c4:02:88:8c:c2:22:27:
8f:29:8b:df:24:e2:a6:6a:f2:ac:47:17:cf:ba:37:
2c:38:21:23:df:15:28:e0:fb:fc:48:c6:1f:6e:87:
8e:b4:b0:f3:09:c3:5d:1e:79:a4:2b:60:63:0a:e5:
e8:13:ad:23:de:b1:6a:1b:24:29:fb:27:3a:22:e9:
d5:f5:df:39:7c:75:bb:f7:e8:6d:09:a5:98:f4:4e:
ce:e9:b3:a2:39:01:b7:32:17:bf:49:1d:73:53:12:
09:7a:fc:e6:c6:61:86:de:01:d4:b1:ad:c7:cf:74:
15:d2:36:a1:30:2b:5a:6b:98:05:e0:c5:b5:27:4c:
b1:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:76:3F:1F:8A:A6:91:B8:3E:E0:F7:01:73:9D:56:C7:09:81:30:D3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1eb25eda-891c-435a-ac9c-18e2b0658055.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:8000::/40
Signature Algorithm: sha256WithRSAEncryption
39:dd:d7:40:a7:86:fb:fd:c7:5c:4b:53:93:16:8b:bd:00:18:
b8:c9:f7:c5:06:c2:88:8d:67:89:31:b9:b5:0c:04:7c:fd:1b:
ee:72:fe:6a:a7:4d:67:67:7a:bc:da:8a:95:5e:78:32:83:a5:
05:ed:bf:cc:c7:d5:c8:8f:7a:7e:5b:b9:c9:45:84:c4:eb:14:
1a:db:75:69:4d:e3:ac:e0:f0:f2:b5:8f:3a:e0:e7:c9:71:10:
04:ed:49:f1:74:83:b5:6f:5b:9e:a4:69:f1:03:0e:18:d9:94:
38:29:5a:47:8f:bf:6e:37:e1:a5:f6:03:83:d6:7a:06:29:82:
ff:69:87:ac:80:8c:9a:aa:b9:d1:6c:4e:43:7c:cb:c6:32:e1:
b8:a7:38:67:56:9b:66:bf:2b:92:fb:17:29:4a:3b:ab:b7:6e:
69:59:5f:4a:b9:83:9e:74:f4:94:62:c6:c9:b2:0f:c1:61:fe:
c3:78:88:ff:22:9f:ea:f9:2c:24:fb:62:c3:8f:10:0b:76:ab:
59:ae:22:61:ad:f1:52:65:f5:60:01:0d:60:f4:4a:84:89:ce:
13:43:99:ff:1f:ec:fa:6f:1a:b1:89:a5:8f:a2:75:f2:21:6c:
87:ce:1e:c7:31:76:09:7f:7a:f6:ed:ca:33:64:aa:bf:94:80:
57:f7:cb:52
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUQn3qBA/FlFrV4peR5GRJ7kGL88AwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGE4Y2JmNDc4YmY3MzM4NjhmNjI5MjM1MDI1ZmM4NzYwYmM5Yjk4Zjk1ZGVk
OGM5MjJhNjQ1NzYyZThkMDA0ZTIxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMZFQWCZ1KqIwinoNIeN0eTqhXOUNP39vIm66HU4Sis01Q06876Izcc6dThH
5jesqwi9i3aonXXkyaN4pxO+r56v7roU2FRSKVOC7gGtRp8RMDC5C9DT8DSKyCyU
AEen9SAW0xcxaIJuazqzRJx8PfgpDKM66aVpmPhiMNYIZEDEAoiMwiInjymL3yTi
pmryrEcXz7o3LDghI98VKOD7/EjGH26HjrSw8wnDXR55pCtgYwrl6BOtI96xahsk
KfsnOiLp1fXfOXx1u/fobQmlmPROzumzojkBtzIXv0kdc1MSCXr85sZhht4B1LGt
x890FdI2oTArWmuYBeDFtSdMsc8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBS0dj8f
iqaRuD7g9wFznVbHCYEw0zAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWViMjVlZGEtODkxYy00MzVhLWFjOWMtMThlMmIwNjU4MDU1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCA
MA0GCSqGSIb3DQEBCwUAA4IBAQA53ddAp4b7/cdcS1OTFou9ABi4yffFBsKIjWeJ
Mbm1DAR8/Rvucv5qp01nZ3q82oqVXngyg6UF7b/Mx9XIj3p+W7nJRYTE6xQa23Vp
TeOs4PDytY864OfJcRAE7UnxdIO1b1uepGnxAw4Y2ZQ4KVpHj79uN+Gl9gOD1noG
KYL/aYesgIyaqrnRbE5DfMvGMuG4pzhnVptmvyuS+xcpSjurt25pWV9KuYOedPSU
YsbJsg/BYf7DeIj/Ip/q+Swk+2LDjxALdqtZriJhrfFSZfVgAQ1g9EqEic4TQ5n/
H+z6bxqxiaWPonXyIWyHzh7HMXYJf3r27cozZKq/lIBX98tS
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:20 2025 by rpki-client