Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7679349a-4375-4948-b036-c3ca617a471b.roa
File: 7679349a-4375-4948-b036-c3ca617a471b.roa (raw, json)
Hash identifier: KJ8mJsQ3+Pa+ox0jc19bcHgfavP6GncCJmbJQA2nyTg=
Subject key identifier: FE:9D:C4:88:82:1D:3C:96:DC:57:B8:D0:69:6C:54:88:D4:33:E2:B6
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7ECB0B9913247BD42070C8AAF714C398F0DEF0DF
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7679349a-4375-4948-b036-c3ca617a471b.roa
Signing time: Fri 14 Feb 2025 19:07:18 +0000
ROA not before: Fri 14 Feb 2025 19:07:18 +0000
ROA not after: Fri 21 Mar 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2a05:d01f::/36 maxlen: 36
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:cb:0b:99:13:24:7b:d4:20:70:c8:aa:f7:14:c3:98:f0:de:f0:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Feb 14 19:07:18 2025 GMT
Not After : Mar 21 23:59:59 2025 GMT
Subject: serialNumber=f9a86f7f9548bc1005725247e433519faebb735c9151fa7c8b94b811b38790ed, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:88:7d:a1:86:97:ac:e8:2f:45:73:7e:9f:73:
2f:b6:95:f0:66:6c:24:09:cb:d1:cd:08:58:31:5b:
46:06:15:0a:62:be:41:77:5c:36:72:ea:ed:d1:87:
ce:d3:c9:c5:e4:c8:55:2c:1f:64:7e:ec:a6:ce:eb:
0e:de:2e:05:7e:66:ed:3c:c0:4a:07:35:2e:24:18:
da:63:a2:04:61:38:f2:02:b8:4e:42:82:e0:65:fc:
31:b4:2c:71:06:6a:09:d3:31:43:c9:b9:4a:12:f3:
01:b1:1e:03:7e:b1:c7:d5:14:a6:97:7c:c0:2d:e5:
83:08:8a:01:9d:62:0a:6b:49:35:a4:44:bf:51:be:
e0:93:a6:17:74:6b:c3:42:45:29:dd:d7:07:d6:76:
43:29:68:66:82:dc:94:55:e3:8e:d5:a9:fc:fb:f8:
a8:3e:26:e7:5d:e2:25:7a:f1:e4:b0:3b:f7:fb:e4:
89:c4:a1:8d:36:e2:ae:d8:34:7b:26:01:ac:c4:cd:
61:f6:8a:34:c7:4c:b9:26:c4:15:40:27:32:b7:19:
10:1a:3c:55:3a:b2:ae:17:11:71:ba:6f:1a:11:d8:
7f:86:89:8e:ae:a3:b0:29:12:97:5a:4b:c4:dd:83:
df:a0:cd:f2:b7:85:8b:c0:cc:b0:99:14:fd:bf:01:
3a:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:9D:C4:88:82:1D:3C:96:DC:57:B8:D0:69:6C:54:88:D4:33:E2:B6
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/7679349a-4375-4948-b036-c3ca617a471b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d01f::/36
Signature Algorithm: sha256WithRSAEncryption
21:ce:92:31:92:cc:56:4e:6f:fb:6d:a7:ab:d4:9f:f0:6e:a8:
fc:54:d8:d3:57:df:b6:9f:4a:90:00:e2:fe:d3:db:13:47:34:
ff:24:0f:4c:aa:7b:5c:d1:0b:44:83:67:8c:af:45:f2:3a:70:
fe:7d:ff:67:d2:8d:17:e0:95:52:25:73:77:18:00:34:d9:93:
19:57:90:db:19:8d:e6:96:eb:51:b7:e4:06:e3:97:1a:e7:e6:
91:e0:1a:55:19:24:06:08:a9:7c:ce:5a:93:c1:20:36:bd:73:
9b:d5:7e:9a:87:30:54:8b:46:ba:d7:59:3d:fc:ee:44:e7:8d:
0b:df:a7:21:d3:d9:d1:67:81:54:fc:61:88:22:7c:2b:b7:4e:
93:02:8e:70:0e:f9:6a:8b:0b:f7:42:d7:fd:51:86:12:ef:6e:
4d:ff:d5:cd:7c:a2:c3:9c:95:c1:ea:ac:eb:dc:e5:47:27:0c:
86:77:32:d8:08:3a:27:da:8d:90:67:ab:e6:a3:15:e4:77:da:
00:0b:46:95:a0:dc:26:e0:bb:8c:69:c4:54:47:c8:a2:b3:dc:
fd:20:1b:cf:63:57:a7:e8:f1:bd:ef:bc:14:fc:ca:15:66:19:
4e:ba:83:46:09:45:5d:be:55:d3:6a:a6:b4:33:95:56:7d:d0:
d5:c4:75:77
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUfssLmRMke9QgcMiq9xTDmPDe8N8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAyMTQxOTA3MThaFw0yNTAzMjEyMzU5NTlaMHoxSTBHBgNV
BAUTQGY5YTg2ZjdmOTU0OGJjMTAwNTcyNTI0N2U0MzM1MTlmYWViYjczNWM5MTUx
ZmE3YzhiOTRiODExYjM4NzkwZWQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALGIfaGGl6zoL0Vzfp9zL7aV8GZsJAnL0c0IWDFbRgYVCmK+QXdcNnLq7dGH
ztPJxeTIVSwfZH7sps7rDt4uBX5m7TzASgc1LiQY2mOiBGE48gK4TkKC4GX8MbQs
cQZqCdMxQ8m5ShLzAbEeA36xx9UUppd8wC3lgwiKAZ1iCmtJNaREv1G+4JOmF3Rr
w0JFKd3XB9Z2QyloZoLclFXjjtWp/Pv4qD4m513iJXrx5LA79/vkicShjTbirtg0
eyYBrMTNYfaKNMdMuSbEFUAnMrcZEBo8VTqyrhcRcbpvGhHYf4aJjq6jsCkSl1pL
xN2D36DN8reFi8DMsJkU/b8BOsMCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBT+ncSI
gh08ltxXuNBpbFSI1DPitjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NzY3OTM0OWEtNDM3NS00OTQ4LWIwMzYtYzNjYTYxN2E0NzFiLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGBCoF0B8A
MA0GCSqGSIb3DQEBCwUAA4IBAQAhzpIxksxWTm/7baer1J/wbqj8VNjTV9+2n0qQ
AOL+09sTRzT/JA9Mqntc0QtEg2eMr0XyOnD+ff9n0o0X4JVSJXN3GAA02ZMZV5Db
GY3mlutRt+QG45ca5+aR4BpVGSQGCKl8zlqTwSA2vXOb1X6ahzBUi0a611k9/O5E
540L36ch09nRZ4FU/GGIInwrt06TAo5wDvlqiwv3Qtf9UYYS725N/9XNfKLDnJXB
6qzr3OVHJwyGdzLYCDon2o2QZ6vmoxXkd9oAC0aVoNwm4LuMacRUR8iis9z9IBvP
Y1en6PG977wU/MoVZhlOuoNGCUVdvlXTaqa0M5VWfdDVxHV3
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:49:21 2025 by rpki-client