Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f736cf1-6305-45ee-bb48-efc7a8a36dd5.roa
File: 1f736cf1-6305-45ee-bb48-efc7a8a36dd5.roa (raw, json)
Hash identifier: kAaO8tNzhBeloGKS29wMheGKKA5nKWUN7cs/oSH4Kbw=
Subject key identifier: 29:95:05:CE:12:33:F0:96:53:ED:BF:AB:79:EC:D6:BA:9E:D7:EF:62
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 50A43E17B017D0C903DF8F8B3DE88DBACDEF0676
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f736cf1-6305-45ee-bb48-efc7a8a36dd5.roa
Signing time: Wed 02 Apr 2025 18:52:06 +0000
ROA not before: Wed 02 Apr 2025 18:52:06 +0000
ROA not after: Wed 07 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:840::/46 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:a4:3e:17:b0:17:d0:c9:03:df:8f:8b:3d:e8:8d:ba:cd:ef:06:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 18:52:06 2025 GMT
Not After : May 7 23:59:59 2025 GMT
Subject: serialNumber=9af10aa876649f5240fc031c9ac3275954b6f8ede267abae192cf02ae98f3039, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:93:9a:2a:d1:5d:71:eb:03:ae:40:f0:1e:3b:
87:5f:a4:ac:7d:4e:69:cd:41:b0:be:93:b0:65:77:
37:db:c4:8c:76:28:11:de:15:30:82:3a:0e:17:a1:
63:29:8d:e9:03:fb:d8:f0:5e:90:6f:52:60:5d:4a:
5a:e3:60:55:48:16:de:ea:e3:3b:b8:00:4c:50:81:
d7:04:3c:47:dd:ef:93:15:37:5b:13:52:97:5c:99:
f8:a4:07:2e:b4:c0:51:d7:c2:13:07:19:e4:be:61:
b6:37:5b:86:95:44:51:1f:66:b6:50:e0:23:28:f5:
45:5e:9f:36:ba:4f:1e:69:06:47:41:58:f1:5e:8f:
b0:9f:ee:17:f4:b8:38:7b:a6:fd:9f:64:33:b3:e8:
77:e1:dd:d1:cf:00:6c:1e:2e:c0:2f:0e:7c:5b:d4:
ca:9e:a5:31:0b:64:ca:df:4d:91:1b:79:45:eb:76:
36:fe:f5:04:27:00:2d:31:d8:46:91:a5:0b:0b:1a:
fc:ad:c7:cf:2f:1a:a8:43:77:a9:fd:f3:98:08:b7:
23:9c:31:31:10:ae:ca:db:21:da:37:ef:0c:5e:e0:
c3:41:76:8e:41:b3:96:0a:ae:cf:f4:f1:6b:86:30:
46:9e:02:07:5a:a7:9b:90:fb:39:37:d6:96:2d:27:
32:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:95:05:CE:12:33:F0:96:53:ED:BF:AB:79:EC:D6:BA:9E:D7:EF:62
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1f736cf1-6305-45ee-bb48-efc7a8a36dd5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:840::/46
Signature Algorithm: sha256WithRSAEncryption
32:8d:9f:a4:58:5d:29:79:dc:59:e6:b3:48:55:f0:c2:32:4f:
2d:e3:00:7f:a3:5f:2e:89:3a:35:ec:c4:cd:2d:a4:76:2a:3d:
3d:a0:27:88:42:60:f1:30:6f:e9:d5:a1:ed:3b:05:8c:bc:af:
ca:82:ae:72:17:c6:5e:c3:02:34:27:a9:b0:22:10:91:2d:63:
cc:d0:ca:d9:42:ce:da:c6:31:66:9b:18:ab:42:b9:57:7d:93:
0f:e9:12:80:33:3c:6f:38:62:33:bc:4d:36:42:73:63:83:5b:
a5:08:09:d9:3d:5a:01:b7:bb:26:82:79:9f:ab:b7:08:fa:83:
ad:4a:33:1e:fa:e5:b6:09:c7:ac:d1:88:27:d3:05:17:43:f2:
62:11:46:8a:9c:33:43:ef:97:12:cb:d5:5e:2e:6d:f3:0d:f0:
13:19:48:6f:cb:24:b9:3a:a5:ee:c9:d8:42:56:68:db:e6:22:
d0:77:16:bc:19:36:c2:0d:b2:6a:f0:ee:a0:8a:f8:cc:57:16:
99:64:39:99:0a:57:ac:5b:f0:35:9b:13:73:56:4f:d0:ad:82:
ec:a1:07:d6:cb:95:85:52:90:f1:1d:4e:64:41:40:f6:e3:21:
07:59:e6:52:bf:a7:e3:1b:e5:5a:f5:d6:b1:2d:94:94:f9:bf:
84:87:1f:9f
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUKQ+F7AX0MkD34+LPeiNus3vBnYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDIxODUyMDZaFw0yNTA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDlhZjEwYWE4NzY2NDlmNTI0MGZjMDMxYzlhYzMyNzU5NTRiNmY4ZWRlMjY3
YWJhZTE5MmNmMDJhZTk4ZjMwMzkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAI+TmirRXXHrA65A8B47h1+krH1Oac1BsL6TsGV3N9vEjHYoEd4VMII6Dheh
YymN6QP72PBekG9SYF1KWuNgVUgW3urjO7gATFCB1wQ8R93vkxU3WxNSl1yZ+KQH
LrTAUdfCEwcZ5L5htjdbhpVEUR9mtlDgIyj1RV6fNrpPHmkGR0FY8V6PsJ/uF/S4
OHum/Z9kM7Pod+Hd0c8AbB4uwC8OfFvUyp6lMQtkyt9NkRt5Ret2Nv71BCcALTHY
RpGlCwsa/K3Hzy8aqEN3qf3zmAi3I5wxMRCuytsh2jfvDF7gw0F2jkGzlgquz/Tx
a4YwRp4CB1qnm5D7OTfWli0nMt0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQplQXO
EjPwllPtv6t57Na6ntfvYjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWY3MzZjZjEtNjMwNS00NWVlLWJiNDgtZWZjN2E4YTM2ZGQ1LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DAI
QDANBgkqhkiG9w0BAQsFAAOCAQEAMo2fpFhdKXncWeazSFXwwjJPLeMAf6NfLok6
NezEzS2kdio9PaAniEJg8TBv6dWh7TsFjLyvyoKuchfGXsMCNCepsCIQkS1jzNDK
2ULO2sYxZpsYq0K5V32TD+kSgDM8bzhiM7xNNkJzY4NbpQgJ2T1aAbe7JoJ5n6u3
CPqDrUozHvrltgnHrNGIJ9MFF0PyYhFGipwzQ++XEsvVXi5t8w3wExlIb8skuTql
7snYQlZo2+Yi0HcWvBk2wg2yavDuoIr4zFcWmWQ5mQpXrFvwNZsTc1ZP0K2C7KEH
1suVhVKQ8R1OZEFA9uMhB1nmUr+n4xvlWvXWsS2UlPm/hIcfnw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 23:38:45 2025 by rpki-client