Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd02533-af75-4bd1-a59b-3c307246c6f2.roa
File: 4dd02533-af75-4bd1-a59b-3c307246c6f2.roa (raw, json)
Hash identifier: GNDiYfFguwUIusdifVYV1aa2vHo19b+YN1buh3rUqz0=
Subject key identifier: FA:6C:16:63:4A:96:9E:51:04:24:83:F3:13:35:53:8C:D8:AE:31:C3
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7AD5D11768C6291B8BB00CDD935C3E88B08AF6E9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd02533-af75-4bd1-a59b-3c307246c6f2.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:1080::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:d5:d1:17:68:c6:29:1b:8b:b0:0c:dd:93:5c:3e:88:b0:8a:f6:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=c369d3f02e6d57cbccf97ab968e8ce9e115eb3e98b9168da547471eaca3b4249, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:8b:60:58:28:76:25:86:9d:e3:8b:c6:b3:bf:
7c:88:e4:75:88:2b:3e:23:57:42:d8:ae:53:b2:bc:
e7:33:6d:2f:96:e2:4c:ac:35:06:a2:bd:be:29:94:
54:88:c2:7b:57:a4:21:40:10:e5:af:cd:64:57:f9:
0f:b2:0e:0d:81:db:e2:a6:72:24:a9:76:44:db:24:
22:8a:e4:b1:eb:7a:78:f0:d4:26:67:dd:3e:19:ec:
f7:bb:80:2c:4a:c1:c5:ee:92:74:06:4b:f6:72:fe:
c4:d0:8d:bd:2b:06:44:49:7d:9f:bc:4c:c0:e8:78:
7a:3e:fe:66:e7:81:e2:e6:82:07:71:c5:af:d0:e0:
d8:75:5d:60:d6:3e:62:4b:21:9d:fa:02:23:e5:b4:
3c:6e:c1:4d:0d:01:eb:27:70:11:da:0d:77:1f:7f:
cd:8f:a6:4c:3e:fc:86:bc:8f:e6:6a:73:94:bd:dd:
be:d4:87:7a:2d:f5:c7:8c:6f:a8:ba:28:b4:c9:5c:
2c:05:d2:15:f3:f9:30:22:a6:d4:79:5e:6f:45:77:
94:c7:6c:a0:b1:10:3f:44:4e:1f:3f:93:88:1f:68:
3d:e7:14:08:1e:82:f1:60:e1:ae:3c:8c:6e:36:53:
93:ae:6c:d7:a6:96:15:f8:ed:8f:16:e0:de:aa:fb:
2b:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:6C:16:63:4A:96:9E:51:04:24:83:F3:13:35:53:8C:D8:AE:31:C3
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4dd02533-af75-4bd1-a59b-3c307246c6f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:1080::/46
Signature Algorithm: sha256WithRSAEncryption
82:f1:2b:37:b8:92:03:0f:23:0f:a6:ac:a6:79:1c:5e:b4:20:
e9:4a:0a:a2:e6:73:26:e3:31:1a:c5:b1:de:20:3d:b4:1e:fc:
10:40:b1:69:d3:04:b5:b6:e0:50:36:82:49:fc:bd:cd:91:5a:
b3:2d:64:c7:d2:a6:43:8a:d9:38:93:65:54:29:30:83:eb:f0:
7f:af:af:35:3f:0c:f7:ef:4b:24:e4:48:da:e7:d5:67:ed:5d:
fb:fa:ad:e1:ea:70:67:a9:61:68:1d:5a:82:18:54:19:a5:14:
3c:cd:ee:8e:42:77:9f:d4:69:2f:59:51:e7:f1:b2:59:34:83:
5e:8f:28:e3:57:66:17:11:28:e4:92:46:18:e7:6e:6c:6f:c4:
66:9a:06:1d:c8:ca:a5:0b:16:9b:82:74:3c:1e:53:48:b4:2e:
3c:b8:d6:09:62:08:21:c5:d6:99:f7:5e:cf:2f:8f:2e:0d:48:
6f:a0:e2:04:2d:19:40:d0:57:8e:01:f4:ef:bc:b4:a3:c7:76:
7d:d4:0e:af:26:28:70:2b:88:a1:cc:04:b0:44:29:ce:2d:b4:
ae:d6:92:a2:75:01:65:3d:e5:7f:bd:93:ed:46:77:01:21:91:
42:ba:80:c4:d8:4f:e1:27:0f:9e:e7:d0:f5:01:c5:3e:8f:a4:
75:aa:7b:8b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUetXRF2jGKRuLsAzdk1w+iLCK9ukwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGMzNjlkM2YwMmU2ZDU3Y2JjY2Y5N2FiOTY4ZThjZTllMTE1ZWIzZTk4Yjkx
NjhkYTU0NzQ3MWVhY2EzYjQyNDkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALuLYFgodiWGneOLxrO/fIjkdYgrPiNXQtiuU7K85zNtL5biTKw1BqK9vimU
VIjCe1ekIUAQ5a/NZFf5D7IODYHb4qZyJKl2RNskIorkset6ePDUJmfdPhns97uA
LErBxe6SdAZL9nL+xNCNvSsGREl9n7xMwOh4ej7+ZueB4uaCB3HFr9Dg2HVdYNY+
YkshnfoCI+W0PG7BTQ0B6ydwEdoNdx9/zY+mTD78hryP5mpzlL3dvtSHei31x4xv
qLootMlcLAXSFfP5MCKm1Hleb0V3lMdsoLEQP0ROHz+TiB9oPecUCB6C8WDhrjyM
bjZTk65s16aWFfjtjxbg3qr7K20CAwEAAaOCAiQwggIgMB0GA1UdDgQWBBT6bBZj
SpaeUQQkg/MTNVOM2K4xwzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGRkMDI1MzMtYWY3NS00YmQxLWE1OWItM2MzMDcyNDZjNmYyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DAQ
gDANBgkqhkiG9w0BAQsFAAOCAQEAgvErN7iSAw8jD6aspnkcXrQg6UoKouZzJuMx
GsWx3iA9tB78EECxadMEtbbgUDaCSfy9zZFasy1kx9KmQ4rZOJNlVCkwg+vwf6+v
NT8M9+9LJORI2ufVZ+1d+/qt4epwZ6lhaB1aghhUGaUUPM3ujkJ3n9RpL1lR5/Gy
WTSDXo8o41dmFxEo5JJGGOdubG/EZpoGHcjKpQsWm4J0PB5TSLQuPLjWCWIIIcXW
mfdezy+PLg1Ib6DiBC0ZQNBXjgH077y0o8d2fdQOryYocCuIocwEsEQpzi20rtaS
onUBZT3lf72T7UZ3ASGRQrqAxNhP4ScPnufQ9QHFPo+kdap7iw==
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:06 2025 by rpki-client