Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65e89521-4466-4028-9fe5-8fee1d77c3eb.roa
File: 65e89521-4466-4028-9fe5-8fee1d77c3eb.roa (raw, json)
Hash identifier: E1fdUqKRCc2gk8ufYFfB/7iQjrtgcmEpgR4pNKBiBTI=
Subject key identifier: CA:BE:3D:BF:8D:2D:3B:72:D2:2C:A4:50:D2:0F:03:4A:DC:91:7E:A1
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 144352B78FBDF4E5F6770CB9AE8C5B52B4D90F96
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65e89521-4466-4028-9fe5-8fee1d77c3eb.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:b000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:43:52:b7:8f:bd:f4:e5:f6:77:0c:b9:ae:8c:5b:52:b4:d9:0f:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=3ad6dd2714bf788383e6b9c5916a73c4290ef67db5b23e2d11fc69a1bd440fa9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:1e:dd:a7:4d:2a:03:a3:29:e6:7c:28:d7:cf:
c8:80:c3:b0:98:d8:f4:c9:3a:26:94:69:b3:22:2d:
b1:d6:d1:e3:d4:71:93:97:0c:63:68:dc:76:f9:22:
0a:ed:d7:de:b7:45:1b:1c:29:c1:83:04:ae:30:8d:
ff:c2:08:1e:f3:23:ef:d0:9d:09:93:a4:57:0d:a9:
56:a7:47:08:e5:51:0d:df:00:2b:a7:13:1c:c7:cb:
e9:62:12:cd:2f:8a:e5:07:51:4f:0b:e5:6c:bd:a6:
71:f2:b9:6d:a7:9d:8f:2b:02:98:71:fd:bd:a6:5f:
c3:ae:eb:86:25:7b:33:ff:04:63:f0:be:7c:55:2a:
6d:c6:40:0a:40:3c:f3:b3:27:e6:90:98:e0:70:81:
e3:d8:db:88:c5:0c:bd:46:a3:e4:6d:c8:17:41:7e:
a4:f0:42:d4:be:94:75:25:30:5d:31:83:6e:64:af:
8a:4a:68:54:37:3d:c0:ac:60:95:8e:ee:3a:b2:8a:
d9:4d:e9:b8:bc:e4:e0:57:0b:54:0d:a9:ae:e6:d4:
c4:93:6b:c6:59:8f:61:c5:8e:6b:e7:b4:64:b5:5f:
f5:15:79:39:85:2e:b6:2d:56:f6:f5:6b:fe:e7:85:
f1:39:28:3b:02:be:6c:3a:9c:f9:fc:4a:1c:e3:57:
9b:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:BE:3D:BF:8D:2D:3B:72:D2:2C:A4:50:D2:0F:03:4A:DC:91:7E:A1
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/65e89521-4466-4028-9fe5-8fee1d77c3eb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:b000::/40
Signature Algorithm: sha256WithRSAEncryption
2d:6c:e5:4f:e0:9e:65:e8:0a:86:9a:91:2a:b3:2a:0b:30:96:
fa:ec:a7:da:5f:6e:f3:aa:ee:85:19:0e:fc:f9:3b:6c:2b:6f:
dc:92:f7:fc:7a:b9:84:97:58:07:cd:c3:55:31:13:99:09:d8:
0e:f9:ad:d2:57:ae:dc:a3:85:42:b7:8a:fd:88:01:30:3f:2b:
66:00:15:89:cd:54:fb:cf:17:70:f5:c3:ac:22:4b:be:e5:de:
69:cf:ab:40:b1:51:39:17:56:ea:30:0a:ca:65:3c:47:8b:a6:
f3:50:e2:42:2f:8e:72:ed:c1:fb:20:c0:5b:30:e3:c1:30:df:
06:e0:65:a8:30:49:43:dd:9c:a7:db:02:1e:14:0d:8d:41:b9:
a6:fe:c3:e4:7d:07:ee:56:f6:e4:b3:11:66:7c:1c:0a:30:73:
af:0d:07:60:bf:bc:41:1d:af:72:80:b0:a3:e3:d6:42:fd:96:
37:0d:b0:3f:26:1f:c9:a8:2e:c6:ee:6c:b0:8b:46:e9:36:82:
27:65:0c:b7:fc:7a:1a:83:1c:9f:6c:93:6e:0e:c4:0b:e8:08:
59:e2:c2:72:ce:89:73:5d:fc:89:d0:00:dd:59:0f:8a:3a:8e:
37:b9:29:d1:67:e4:36:59:7c:bc:dd:3e:f6:26:59:26:a5:3c:
d1:38:34:da
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUFENSt4+99OX2dwy5roxbUrTZD5YwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhZDZkZDI3MTRiZjc4ODM4M2U2YjljNTkxNmE3M2M0MjkwZWY2N2RiNWIy
M2UyZDExZmM2OWExYmQ0NDBmYTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALEe3adNKgOjKeZ8KNfPyIDDsJjY9Mk6JpRpsyItsdbR49Rxk5cMY2jcdvki
Cu3X3rdFGxwpwYMErjCN/8IIHvMj79CdCZOkVw2pVqdHCOVRDd8AK6cTHMfL6WIS
zS+K5QdRTwvlbL2mcfK5baedjysCmHH9vaZfw67rhiV7M/8EY/C+fFUqbcZACkA8
87Mn5pCY4HCB49jbiMUMvUaj5G3IF0F+pPBC1L6UdSUwXTGDbmSvikpoVDc9wKxg
lY7uOrKK2U3puLzk4FcLVA2prubUxJNrxlmPYcWOa+e0ZLVf9RV5OYUuti1W9vVr
/ueF8TkoOwK+bDqc+fxKHONXmxECAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTKvj2/
jS07ctIspFDSDwNK3JF+oTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NjVlODk1MjEtNDQ2Ni00MDI4LTlmZTUtOGZlZTFkNzdjM2ViLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0DCw
MA0GCSqGSIb3DQEBCwUAA4IBAQAtbOVP4J5l6AqGmpEqsyoLMJb67KfaX27zqu6F
GQ78+TtsK2/ckvf8ermEl1gHzcNVMROZCdgO+a3SV67co4VCt4r9iAEwPytmABWJ
zVT7zxdw9cOsIku+5d5pz6tAsVE5F1bqMArKZTxHi6bzUOJCL45y7cH7IMBbMOPB
MN8G4GWoMElD3Zyn2wIeFA2NQbmm/sPkfQfuVvbksxFmfBwKMHOvDQdgv7xBHa9y
gLCj49ZC/ZY3DbA/Jh/JqC7G7mywi0bpNoInZQy3/HoagxyfbJNuDsQL6AhZ4sJy
zolzXfyJ0ADdWQ+KOo43uSnRZ+Q2WXy83T72JlkmpTzRODTa
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:13 2025 by rpki-client