Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/457f5cd1-e865-46b1-8b65-9fcf834c0e0a.roa
File: 457f5cd1-e865-46b1-8b65-9fcf834c0e0a.roa (raw, json)
Hash identifier: MEnFxpWVYlUmSXxE4RORZpkjpE1xOL0tY9ADLabXV40=
Subject key identifier: 4C:B4:94:04:F0:C3:1F:43:1F:83:3C:29:50:59:62:0D:B9:B6:B3:D1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 52F58D6FC552FF748D31940B15732CC389A1BF2E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/457f5cd1-e865-46b1-8b65-9fcf834c0e0a.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:50c0::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:f5:8d:6f:c5:52:ff:74:8d:31:94:0b:15:73:2c:c3:89:a1:bf:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=ac25e4aad1fb02fe4608edb8a14a0a428cc8c5f117c2664bc4fc5be788372f45, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:4a:c7:ae:c3:f7:b8:5e:f3:f2:ab:b5:4c:2c:
b9:ab:f3:f3:5d:a3:f1:56:47:14:25:33:8c:36:68:
46:aa:0d:62:53:7b:ef:8b:b6:fb:20:4b:13:42:e2:
5c:ed:9d:1a:e9:3f:0d:d1:e3:17:18:88:b7:2f:52:
73:b6:6f:ae:a5:d4:bc:8b:2b:54:ff:d6:66:02:04:
7c:5b:74:86:ae:b8:f7:48:ed:c1:9a:b4:dc:6b:19:
9e:53:5b:f1:5d:eb:b7:af:c8:e8:8b:08:8a:e3:09:
a1:b9:be:27:a6:80:e0:41:ea:22:19:f3:2d:bb:1e:
93:35:22:f4:03:30:17:30:27:26:46:60:f5:a1:13:
86:a3:b3:0c:6d:a5:09:cb:fb:c4:04:24:0c:e7:d6:
06:3e:45:8a:2c:e1:fd:8e:78:88:04:34:fa:c4:fb:
7b:9b:58:26:47:cc:96:9b:e2:b0:28:05:87:00:a0:
79:08:c0:cd:4b:1d:dc:d3:5e:8a:70:fa:9a:4f:7e:
bd:49:28:7a:79:02:44:4c:fd:78:f4:94:e4:ee:ed:
e8:90:ff:10:52:62:c0:fb:fc:af:95:af:78:2c:0f:
1f:bd:d2:67:8d:b7:40:d4:16:41:39:c2:a1:0a:44:
a3:bc:36:1d:93:ff:4b:51:92:90:b9:b6:ca:69:0b:
0c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:B4:94:04:F0:C3:1F:43:1F:83:3C:29:50:59:62:0D:B9:B6:B3:D1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/457f5cd1-e865-46b1-8b65-9fcf834c0e0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:50c0::/46
Signature Algorithm: sha256WithRSAEncryption
8f:5b:f0:bd:c7:8f:11:48:7c:8b:69:a0:3c:e8:5a:90:02:2b:
67:b8:27:e8:ce:80:4c:2d:af:70:c9:eb:70:37:0a:7d:80:8f:
b4:f7:28:71:b2:ed:58:37:f0:37:8b:8c:14:0e:6d:90:1c:3d:
5a:de:20:89:3e:52:d8:90:50:f6:1f:9c:c3:5a:3d:8a:d3:c6:
dd:c9:90:13:be:97:4d:cd:7e:be:bf:fa:5b:27:29:7d:5d:cf:
a4:24:05:f5:90:52:b3:28:67:23:53:9b:a5:80:c4:54:ab:63:
e8:4b:07:41:3c:b7:1a:23:ad:f2:8b:de:d5:fd:1e:aa:c2:8f:
d3:cc:58:33:56:58:16:5f:d4:eb:f8:34:61:82:e4:43:0b:71:
58:4c:9d:ee:42:66:06:db:15:ce:c9:09:34:1d:cf:8f:f2:85:
8e:e5:2f:c9:9c:2b:3b:cc:d0:4c:f4:6b:19:21:b3:4b:ba:29:
da:d1:3a:2d:0d:61:56:d4:52:79:12:9e:a3:cb:b1:6e:2b:03:
fa:44:53:fb:b4:a5:26:35:f0:6d:9c:47:4e:7e:f5:a4:c2:bf:
a1:cf:ef:de:3f:0a:c6:00:1e:1c:51:1e:70:ac:98:62:d2:eb:
f4:86:fb:9a:55:2c:0e:3f:d1:0f:dd:c9:5a:f0:a1:5d:17:cc:
b2:23:5f:24
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUUvWNb8VS/3SNMZQLFXMsw4mhvy4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGFjMjVlNGFhZDFmYjAyZmU0NjA4ZWRiOGExNGEwYTQyOGNjOGM1ZjExN2My
NjY0YmM0ZmM1YmU3ODgzNzJmNDUxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJxKx67D97he8/KrtUwsuavz812j8VZHFCUzjDZoRqoNYlN774u2+yBLE0Li
XO2dGuk/DdHjFxiIty9Sc7ZvrqXUvIsrVP/WZgIEfFt0hq6490jtwZq03GsZnlNb
8V3rt6/I6IsIiuMJobm+J6aA4EHqIhnzLbsekzUi9AMwFzAnJkZg9aEThqOzDG2l
Ccv7xAQkDOfWBj5Fiizh/Y54iAQ0+sT7e5tYJkfMlpvisCgFhwCgeQjAzUsd3NNe
inD6mk9+vUkoenkCREz9ePSU5O7t6JD/EFJiwPv8r5WveCwPH73SZ423QNQWQTnC
oQpEo7w2HZP/S1GSkLm2ymkLDFsCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRMtJQE
8MMfQx+DPClQWWINubaz0TAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDU3ZjVjZDEtZTg2NS00NmIxLThiNjUtOWZjZjgzNGMwZTBhLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DBQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAj1vwvcePEUh8i2mgPOhakAIrZ7gn6M6ATC2v
cMnrcDcKfYCPtPcocbLtWDfwN4uMFA5tkBw9Wt4giT5S2JBQ9h+cw1o9itPG3cmQ
E76XTc1+vr/6WycpfV3PpCQF9ZBSsyhnI1ObpYDEVKtj6EsHQTy3GiOt8ove1f0e
qsKP08xYM1ZYFl/U6/g0YYLkQwtxWEyd7kJmBtsVzskJNB3Pj/KFjuUvyZwrO8zQ
TPRrGSGzS7op2tE6LQ1hVtRSeRKeo8uxbisD+kRT+7SlJjXwbZxHTn71pMK/oc/v
3j8KxgAeHFEecKyYYtLr9Ib7mlUsDj/RD93JWvChXRfMsiNfJA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:27 2025 by rpki-client