Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d952455-9c5f-4fa9-88c0-abed2531b77e.roa
File: 3d952455-9c5f-4fa9-88c0-abed2531b77e.roa (raw, json)
Hash identifier: twwOpHbZdyCYiBxEOj+aTwImq1e5A07AgkzLlNmcXVU=
Subject key identifier: F0:4A:EE:C5:7B:E4:A6:09:9B:64:DC:FB:25:4A:94:37:2F:57:90:EC
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F1C7F4B2C70CAD80ED3C1C13506F4E7BC06303C
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d952455-9c5f-4fa9-88c0-abed2531b77e.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d079:5000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:1c:7f:4b:2c:70:ca:d8:0e:d3:c1:c1:35:06:f4:e7:bc:06:30:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=a3cb8041e1172486ae519ac4d96dbf8a8bc05c43b543b66674899d104c4ade19, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:79:9c:63:f3:ed:6e:95:3b:29:7c:61:37:eb:
4d:2b:68:2e:f4:4b:08:f3:d7:82:da:a5:8f:3e:03:
cf:97:be:cf:74:f5:18:8e:2f:e5:7c:31:eb:7b:c6:
7e:5b:4a:4d:71:eb:f7:10:e3:8f:2f:44:33:a3:51:
f8:d0:62:d8:2c:88:81:e3:58:03:9f:10:35:c7:56:
fa:01:48:c2:e8:dc:3e:90:f2:af:29:ee:28:be:2d:
7d:46:b5:a5:72:0e:b2:39:46:f9:fa:57:6c:13:de:
eb:2e:e9:8a:40:bc:33:35:d6:dd:fe:0b:de:f6:93:
ba:4f:51:70:d2:42:ae:67:1a:01:ec:42:35:21:6f:
86:17:f4:27:f9:54:f5:95:af:f1:89:6a:10:4a:7c:
a0:55:40:3d:df:e1:43:b3:16:f9:b1:10:08:b9:b4:
81:b7:d4:7b:4e:5e:98:72:54:9d:40:1d:99:a4:f0:
4e:00:e7:97:28:b9:bc:ef:da:04:06:8b:cb:aa:1e:
3e:8d:5d:ed:80:1e:18:81:df:10:c3:94:0c:86:bc:
6a:ff:6b:c4:ed:4a:f8:e8:bc:8f:31:31:4c:56:4c:
c4:19:c5:66:b6:2a:0a:63:e6:9b:a3:00:e4:69:c6:
07:7f:80:d2:ba:5d:96:4e:7a:e3:4c:fc:28:aa:8e:
ee:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:4A:EE:C5:7B:E4:A6:09:9B:64:DC:FB:25:4A:94:37:2F:57:90:EC
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/3d952455-9c5f-4fa9-88c0-abed2531b77e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d079:5000::/40
Signature Algorithm: sha256WithRSAEncryption
5f:87:c3:de:79:63:ba:65:b7:bb:7c:fb:26:c4:22:8d:dc:d0:
46:87:61:7b:de:c9:30:68:95:93:a0:13:d6:8a:92:fb:70:b1:
c3:69:d8:93:4e:85:82:ff:78:b7:eb:7e:f1:68:a2:ed:55:a8:
a9:e1:f8:14:47:b4:84:26:c8:7c:57:f8:ef:eb:f1:35:64:97:
1f:a2:bc:86:f6:ba:d6:f5:97:2c:6c:ff:81:e7:19:7c:0c:67:
21:49:46:21:7c:75:76:c4:1b:6e:00:0d:4f:37:fa:80:e9:2a:
bc:ff:ae:7c:20:9b:9b:74:51:3a:3e:d2:5f:92:0b:0a:ae:2c:
49:29:b2:cf:06:eb:ee:de:2a:99:96:1d:51:77:8a:da:40:d1:
6a:69:cf:f3:30:61:cc:39:6a:65:d5:50:94:8f:c8:32:c3:80:
17:3c:10:9d:91:6e:e3:7a:b5:c8:f4:7e:9d:d8:d9:4b:b8:00:
f6:ba:c0:6f:4f:0c:fa:dc:64:45:f7:69:af:29:89:19:e3:51:
fc:13:39:b1:90:aa:ed:19:bd:2b:be:63:3a:09:fe:83:24:f4:
09:5a:0f:75:67:53:7f:71:cb:86:d3:12:88:d7:24:c3:a5:c9:
c8:62:bc:52:b8:ef:3a:81:67:e6:0d:1a:38:d5:ed:f0:19:c2:
82:3d:59:ef
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUbxx/SyxwytgO08HBNQb057wGMDwwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQGEzY2I4MDQxZTExNzI0ODZhZTUxOWFjNGQ5NmRiZjhhOGJjMDVjNDNiNTQz
YjY2Njc0ODk5ZDEwNGM0YWRlMTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALt5nGPz7W6VOyl8YTfrTStoLvRLCPPXgtqljz4Dz5e+z3T1GI4v5Xwx63vG
fltKTXHr9xDjjy9EM6NR+NBi2CyIgeNYA58QNcdW+gFIwujcPpDyrynuKL4tfUa1
pXIOsjlG+fpXbBPe6y7pikC8MzXW3f4L3vaTuk9RcNJCrmcaAexCNSFvhhf0J/lU
9ZWv8YlqEEp8oFVAPd/hQ7MW+bEQCLm0gbfUe05emHJUnUAdmaTwTgDnlyi5vO/a
BAaLy6oePo1d7YAeGIHfEMOUDIa8av9rxO1K+Oi8jzExTFZMxBnFZrYqCmPmm6MA
5GnGB3+A0rpdlk5640z8KKqO7nECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTwSu7F
e+SmCZtk3PslSpQ3L1eQ7DAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
M2Q5NTI0NTUtOWM1Zi00ZmE5LTg4YzAtYWJlZDI1MzFiNzdlLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HlQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBfh8PeeWO6Zbe7fPsmxCKN3NBGh2F73skwaJWT
oBPWipL7cLHDadiTToWC/3i3637xaKLtVaip4fgUR7SEJsh8V/jv6/E1ZJcforyG
9rrW9ZcsbP+B5xl8DGchSUYhfHV2xBtuAA1PN/qA6Sq8/658IJubdFE6PtJfkgsK
rixJKbLPBuvu3iqZlh1Rd4raQNFqac/zMGHMOWpl1VCUj8gyw4AXPBCdkW7jerXI
9H6d2NlLuAD2usBvTwz63GRF92mvKYkZ41H8EzmxkKrtGb0rvmM6Cf6DJPQJWg91
Z1N/ccuG0xKI1yTDpcnIYrxSuO86gWfmDRo41e3wGcKCPVnv
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:43 2025 by rpki-client