Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5856c2-e850-4c50-8b70-85575b65713d.roa
File: 2c5856c2-e850-4c50-8b70-85575b65713d.roa (raw, json)
Hash identifier: ZATAO3ZpFONoai0AS+NIYXpU43eAS4VXWloYbQCSvPw=
Subject key identifier: F6:36:22:4F:DB:09:D6:6F:FF:C6:4A:A9:E1:DA:44:0C:EA:BB:F1:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1E66179271BB1CD8C257DEB41FB8ED13598F8D9C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5856c2-e850-4c50-8b70-85575b65713d.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:8020::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:66:17:92:71:bb:1c:d8:c2:57:de:b4:1f:b8:ed:13:59:8f:8d:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=db7b9c77a37094598a1a21e660800d463a68259f7e74344f0522e5f332113d74, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f7:ca:d3:3b:bf:25:e9:25:1b:fa:17:89:7a:4b:
92:ba:bc:c2:0e:36:43:94:58:b3:28:ed:32:65:19:
2c:09:23:58:00:fc:b2:37:bb:86:a0:9c:28:a8:8c:
aa:71:4d:56:bc:00:cf:39:8e:00:cf:18:65:8d:26:
dc:c8:33:84:09:03:41:c9:e9:70:e4:94:70:72:b9:
bf:67:8a:51:19:8c:41:c1:32:6a:fa:50:74:d3:3a:
67:b5:1e:ff:c7:77:e9:a3:ee:2e:d4:9c:52:c0:27:
96:14:d4:03:1c:3b:ea:0d:e7:bc:08:5d:f0:f8:f6:
94:05:df:35:b4:4c:3e:63:2e:af:5f:e4:20:93:04:
a1:60:13:4f:2a:b5:dc:4d:f7:1f:d2:78:4f:d2:21:
4e:49:15:ec:0f:27:c2:39:ba:64:e2:56:fc:d7:48:
02:1b:5a:2e:b0:ac:a6:e5:67:26:82:dd:c3:b8:11:
e4:e9:79:6b:a7:97:2a:56:99:59:96:bc:c2:3c:33:
49:80:e7:5f:81:a4:68:99:09:d2:6d:95:09:5b:a5:
19:48:cc:4c:fc:3b:4b:c0:e1:b7:c6:54:5f:7b:fe:
1c:09:5c:85:50:b9:31:66:d3:cb:a9:33:2f:e6:7c:
29:97:6f:91:b7:93:a8:ab:3b:21:b6:f8:a9:47:bf:
ce:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:36:22:4F:DB:09:D6:6F:FF:C6:4A:A9:E1:DA:44:0C:EA:BB:F1:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/2c5856c2-e850-4c50-8b70-85575b65713d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:8020::/46
Signature Algorithm: sha256WithRSAEncryption
7c:64:ba:ba:5b:99:57:5b:59:53:5d:e8:3c:f0:8b:2c:89:6b:
91:db:0d:46:7f:03:7d:cc:75:cf:01:68:db:26:93:fd:f1:27:
80:8f:6d:c9:02:c1:09:2d:35:1e:60:e4:0a:43:05:74:35:d5:
d8:ad:2a:42:e2:74:a1:13:dc:3a:2f:aa:58:b5:2b:ac:91:63:
4c:63:17:e1:52:7b:a5:80:14:e7:67:fa:05:bd:21:c5:d7:13:
c7:95:00:08:93:6e:c9:16:50:dc:ae:e8:74:da:27:fc:29:df:
0a:67:71:c2:9e:08:88:88:6c:a5:72:c8:d0:5d:4e:b9:d3:de:
22:32:8d:27:ef:9b:8b:a0:cd:9b:f7:d7:25:bc:88:4a:24:a1:
87:90:2a:85:d8:11:f7:f1:a0:c5:70:16:51:53:2c:aa:a0:2e:
a2:00:7f:ae:6c:9f:6c:bd:d7:b9:3c:e0:31:ee:7e:72:d6:c4:
c7:05:8c:3b:2d:ac:a9:d9:eb:b4:fd:36:39:76:c9:3e:70:42:
68:87:4b:a0:4f:97:ee:7c:4e:1a:e8:67:a2:3d:b1:f8:d9:36:
db:da:b2:7d:95:96:4c:a7:8d:2c:55:c9:e1:f4:07:ad:65:60:
89:f6:f6:00:a9:ea:fb:23:79:40:06:34:55:43:d7:ee:ed:e4:
13:c9:36:ab
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUHmYXknG7HNjCV960H7jtE1mPjZwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGRiN2I5Yzc3YTM3MDk0NTk4YTFhMjFlNjYwODAwZDQ2M2E2ODI1OWY3ZTc0
MzQ0ZjA1MjJlNWYzMzIxMTNkNzQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPfK0zu/JeklG/oXiXpLkrq8wg42Q5RYsyjtMmUZLAkjWAD8sje7hqCcKKiM
qnFNVrwAzzmOAM8YZY0m3MgzhAkDQcnpcOSUcHK5v2eKURmMQcEyavpQdNM6Z7Ue
/8d36aPuLtScUsAnlhTUAxw76g3nvAhd8Pj2lAXfNbRMPmMur1/kIJMEoWATTyq1
3E33H9J4T9IhTkkV7A8nwjm6ZOJW/NdIAhtaLrCspuVnJoLdw7gR5Ol5a6eXKlaZ
WZa8wjwzSYDnX4GkaJkJ0m2VCVulGUjMTPw7S8Dht8ZUX3v+HAlchVC5MWbTy6kz
L+Z8KZdvkbeTqKs7Ibb4qUe/zq0CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT2NiJP
2wnWb//GSqnh2kQM6rvxezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MmM1ODU2YzItZTg1MC00YzUwLThiNzAtODU1NzViNjU3MTNkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DCA
IDANBgkqhkiG9w0BAQsFAAOCAQEAfGS6uluZV1tZU13oPPCLLIlrkdsNRn8Dfcx1
zwFo2yaT/fEngI9tyQLBCS01HmDkCkMFdDXV2K0qQuJ0oRPcOi+qWLUrrJFjTGMX
4VJ7pYAU52f6Bb0hxdcTx5UACJNuyRZQ3K7odNon/CnfCmdxwp4IiIhspXLI0F1O
udPeIjKNJ++bi6DNm/fXJbyISiShh5AqhdgR9/GgxXAWUVMsqqAuogB/rmyfbL3X
uTzgMe5+ctbExwWMOy2sqdnrtP02OXbJPnBCaIdLoE+X7nxOGuhnoj2x+Nk229qy
fZWWTKeNLFXJ4fQHrWVgifb2AKnq+yN5QAY0VUPX7u3kE8k2qw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 15:49:36 2025 by rpki-client