Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/43c1a5ad-fdf5-4445-9979-6eee105d7d50.roa
File: 43c1a5ad-fdf5-4445-9979-6eee105d7d50.roa (raw, json)
Hash identifier: 7SnzYsxoZ3zHkhUruqrf/7cgPJqCWsrn5VII9P+tGBY=
Subject key identifier: 43:A8:2C:78:CD:86:F6:7D:64:9A:D0:58:77:AE:3C:43:F1:37:65:04
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 3A79B8529D90142B76AD7D793589CCF372964FBB
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/43c1a5ad-fdf5-4445-9979-6eee105d7d50.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:1040::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:79:b8:52:9d:90:14:2b:76:ad:7d:79:35:89:cc:f3:72:96:4f:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=7ed5c80e64085c64b68c1324028c93a5b0b309fc4712d8c2e373667801fd21fc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9b:44:a9:21:27:48:cb:0d:d1:8f:19:b1:d3:
53:dc:a0:a4:de:96:a7:fd:10:40:83:4e:49:c4:78:
9a:bc:20:91:23:9f:90:97:7f:43:4c:a6:f9:5b:ef:
59:8d:83:7e:a5:df:02:ec:65:51:23:26:1a:37:26:
5f:aa:f4:84:71:b8:a1:17:dc:7b:31:54:31:76:ba:
cc:ae:ef:75:db:35:11:ac:17:20:5a:bf:7f:2d:ba:
32:18:42:ed:7d:3a:5c:0c:d3:8e:b7:15:ec:b0:fc:
e1:1b:95:e3:a3:a4:e2:7d:32:f9:0b:fd:c2:47:d0:
5e:da:4e:a4:54:03:04:4c:bb:2d:70:9f:7b:6f:2a:
a8:46:c6:d6:bb:b6:00:3d:49:9b:ca:a8:cb:35:e1:
76:9d:b8:22:0e:c9:fd:5f:fe:e6:f3:2e:08:fd:30:
44:c0:99:0d:e4:90:c9:e3:3a:06:1f:7e:c5:db:40:
67:da:0d:52:e1:5a:e2:19:ab:94:a2:24:55:67:cb:
57:83:92:e0:63:cb:bf:6b:c2:f3:55:81:48:67:60:
51:b7:c7:75:ac:a0:51:ed:63:10:61:4f:5b:c6:03:
27:b3:3b:55:75:fb:c4:fa:39:25:0b:03:68:ee:c5:
78:1b:d9:ac:7f:6a:17:ca:88:79:d6:81:81:e6:e5:
9d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:A8:2C:78:CD:86:F6:7D:64:9A:D0:58:77:AE:3C:43:F1:37:65:04
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/43c1a5ad-fdf5-4445-9979-6eee105d7d50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:1040::/46
Signature Algorithm: sha256WithRSAEncryption
1f:91:fa:b4:1a:e8:d0:05:a4:eb:a0:4f:61:82:59:1c:03:fd:
7e:c0:ae:f2:64:65:4e:af:a1:ee:4a:37:35:5c:55:a2:a0:34:
76:54:a5:3a:2e:4c:88:46:ed:91:39:0e:3e:08:85:53:c2:29:
01:52:44:e7:9d:fc:a5:a8:4b:f4:fe:c7:3c:7f:eb:01:6c:40:
c2:55:9c:14:36:6d:fc:ba:79:2c:a2:4f:6d:59:cf:a1:d3:da:
8d:11:34:97:99:22:d5:bf:ed:6d:d6:68:ed:2e:fd:9b:a6:bc:
48:a5:81:c9:1d:20:93:42:e4:dd:a6:2e:00:b9:74:ec:6c:1b:
02:c4:61:a3:6f:ef:d4:ca:18:a0:0c:9a:42:9b:ea:76:49:4f:
68:13:76:5a:20:88:c3:50:0a:05:2b:09:86:73:28:6a:5a:8c:
50:0c:f8:85:ed:dd:ab:a7:ed:3e:36:08:64:67:bc:20:8a:08:
51:55:ae:60:80:26:b0:c0:1d:ba:0f:ad:ff:17:67:74:f5:d4:
e0:0c:41:98:b0:20:76:e9:03:2d:b6:5a:44:f9:bb:57:89:e9:
31:35:7a:19:1d:c3:ba:fc:ca:f4:21:2a:48:34:ed:48:f3:c2:
af:c2:54:c7:04:a7:b8:b5:a8:d9:8e:25:0b:cc:62:3a:d3:77:
8f:2b:eb:0c
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUOnm4Up2QFCt2rX15NYnM83KWT7swDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDdlZDVjODBlNjQwODVjNjRiNjhjMTMyNDAyOGM5M2E1YjBiMzA5ZmM0NzEy
ZDhjMmUzNzM2Njc4MDFmZDIxZmMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKabRKkhJ0jLDdGPGbHTU9ygpN6Wp/0QQINOScR4mrwgkSOfkJd/Q0ym+Vvv
WY2DfqXfAuxlUSMmGjcmX6r0hHG4oRfcezFUMXa6zK7vdds1EawXIFq/fy26MhhC
7X06XAzTjrcV7LD84RuV46Ok4n0y+Qv9wkfQXtpOpFQDBEy7LXCfe28qqEbG1ru2
AD1Jm8qoyzXhdp24Ig7J/V/+5vMuCP0wRMCZDeSQyeM6Bh9+xdtAZ9oNUuFa4hmr
lKIkVWfLV4OS4GPLv2vC81WBSGdgUbfHdaygUe1jEGFPW8YDJ7M7VXX7xPo5JQsD
aO7FeBvZrH9qF8qIedaBgeblnQMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRDqCx4
zYb2fWSa0Fh3rjxD8TdlBDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDNjMWE1YWQtZmRmNS00NDQ1LTk5NzktNmVlZTEwNWQ3ZDUwLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DAQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAH5H6tBro0AWk66BPYYJZHAP9fsCu8mRlTq+h
7ko3NVxVoqA0dlSlOi5MiEbtkTkOPgiFU8IpAVJE5538pahL9P7HPH/rAWxAwlWc
FDZt/Lp5LKJPbVnPodPajRE0l5ki1b/tbdZo7S79m6a8SKWByR0gk0Lk3aYuALl0
7GwbAsRho2/v1MoYoAyaQpvqdklPaBN2WiCIw1AKBSsJhnMoalqMUAz4he3dq6ft
PjYIZGe8IIoIUVWuYIAmsMAdug+t/xdndPXU4AxBmLAgdukDLbZaRPm7V4npMTV6
GR3DuvzK9CEqSDTtSPPCr8JUxwSnuLWo2Y4lC8xiOtN3jyvrDA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:10 2025 by rpki-client