Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87432496-163c-4a4c-8ecc-dd18db4ac5d3.roa
File: 87432496-163c-4a4c-8ecc-dd18db4ac5d3.roa (raw, json)
Hash identifier: J9NklJ/r0lYXBOBSnW/ilpuUkewfL3P+aycKsUFQS9I=
Subject key identifier: 72:F8:94:EA:8D:10:AA:CE:B3:73:70:F8:DF:F2:39:C3:49:69:26:8F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6F8585A96EC10D3C7ADFF9A2DD209D3CA2E5AD6F
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87432496-163c-4a4c-8ecc-dd18db4ac5d3.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:90c0::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6f:85:85:a9:6e:c1:0d:3c:7a:df:f9:a2:dd:20:9d:3c:a2:e5:ad:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=e9fba1ebeb9b0d9f94a33a9c0ad7b5d9ca7a7cd529fa73bb75cc8fcd20f49367, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ef:77:27:6c:76:33:e3:e1:52:74:d2:f4:12:
f1:01:9b:d7:ed:1f:e2:ae:63:bf:aa:ae:c8:b2:6f:
f9:44:80:00:36:54:96:79:97:18:11:db:ec:07:1e:
94:84:f6:21:53:36:6b:f2:07:6a:ee:f8:5e:3a:77:
c8:68:0c:77:5d:48:f3:4c:a7:a3:7b:4c:85:0c:7a:
03:4f:7a:fc:fb:25:e5:1b:b0:03:12:50:a6:78:3e:
be:7e:ad:6b:97:d0:25:ac:15:bc:fc:d0:8a:bc:7f:
6b:0c:45:f6:8f:e4:70:7c:72:c7:7a:9f:78:c0:fb:
14:9b:4e:ec:16:c1:1b:ab:0e:c3:f0:9a:66:67:5c:
70:7d:f6:e4:b8:82:99:58:9c:41:e1:86:96:98:ff:
8f:51:4c:3a:c3:37:86:1c:95:94:45:f5:b1:8e:ba:
ad:3e:00:4d:70:a3:96:c9:06:b1:b1:de:e1:6a:c7:
63:b0:fa:53:20:58:50:93:99:5f:e5:dd:e5:3f:9a:
71:9a:14:11:34:8d:c0:ec:ab:c4:56:08:7b:98:ea:
ae:ec:9f:87:a7:1b:a0:ef:51:03:bd:63:71:c9:75:
51:15:dc:7a:79:c9:1f:f9:50:cf:a3:c3:6f:c1:d8:
4b:aa:88:60:1b:6b:51:1c:8d:40:ce:09:76:8a:59:
5f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:F8:94:EA:8D:10:AA:CE:B3:73:70:F8:DF:F2:39:C3:49:69:26:8F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/87432496-163c-4a4c-8ecc-dd18db4ac5d3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:90c0::/46
Signature Algorithm: sha256WithRSAEncryption
8f:ca:43:b0:fc:09:62:6e:43:b8:cc:13:a4:1f:66:bf:15:dc:
10:d5:e7:09:3b:ac:3a:eb:45:af:e8:ed:d6:df:a2:41:9c:5a:
8d:82:62:6c:6c:f1:ea:43:9b:d9:bc:8b:2f:72:19:59:f1:91:
45:0d:31:94:e8:f0:58:e2:c3:3c:40:f1:d7:55:75:12:1f:84:
de:01:6a:3d:64:0f:bf:e5:19:a7:f5:22:0b:19:04:68:cb:fa:
e0:39:7c:18:b6:11:13:23:85:7e:bd:7b:aa:f0:72:c9:a6:83:
d2:6c:9b:1e:c5:74:0f:98:d0:85:40:c6:49:19:c7:57:fb:22:
8b:5a:dd:16:7b:a0:05:0e:39:11:b3:8a:d4:23:6a:87:3c:e1:
65:a0:24:da:18:66:8b:01:33:06:fd:90:d6:29:63:8f:01:2f:
be:13:cb:ab:45:22:ee:ef:82:4d:be:5a:90:72:bc:04:b8:4b:
fc:e8:10:71:06:41:97:97:42:56:04:66:8a:d6:90:5a:36:56:
ff:91:6c:56:62:1a:62:11:1f:9b:43:cf:9a:d8:e2:cd:e7:58:
59:f5:db:59:b5:47:f9:87:9a:b3:ac:0a:a1:b1:a2:93:00:52:
63:95:d2:97:f6:a8:3f:4b:70:29:b3:55:5f:ea:4e:35:5e:be:
ee:d4:79:ae
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUb4WFqW7BDTx63/mi3SCdPKLlrW8wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQGU5ZmJhMWViZWI5YjBkOWY5NGEzM2E5YzBhZDdiNWQ5Y2E3YTdjZDUyOWZh
NzNiYjc1Y2M4ZmNkMjBmNDkzNjcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMzvdydsdjPj4VJ00vQS8QGb1+0f4q5jv6quyLJv+USAADZUlnmXGBHb7Ace
lIT2IVM2a/IHau74Xjp3yGgMd11I80yno3tMhQx6A096/Psl5RuwAxJQpng+vn6t
a5fQJawVvPzQirx/awxF9o/kcHxyx3qfeMD7FJtO7BbBG6sOw/CaZmdccH325LiC
mVicQeGGlpj/j1FMOsM3hhyVlEX1sY66rT4ATXCjlskGsbHe4WrHY7D6UyBYUJOZ
X+Xd5T+acZoUETSNwOyrxFYIe5jqruyfh6cboO9RA71jccl1URXcennJH/lQz6PD
b8HYS6qIYBtrURyNQM4JdopZX9kCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRy+JTq
jRCqzrNzcPjf8jnDSWkmjzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODc0MzI0OTYtMTYzYy00YTRjLThlY2MtZGQxOGRiNGFjNWQzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DCQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAj8pDsPwJYm5DuMwTpB9mvxXcENXnCTusOutF
r+jt1t+iQZxajYJibGzx6kOb2byLL3IZWfGRRQ0xlOjwWOLDPEDx11V1Eh+E3gFq
PWQPv+UZp/UiCxkEaMv64Dl8GLYREyOFfr17qvByyaaD0mybHsV0D5jQhUDGSRnH
V/sii1rdFnugBQ45EbOK1CNqhzzhZaAk2hhmiwEzBv2Q1iljjwEvvhPLq0Ui7u+C
Tb5akHK8BLhL/OgQcQZBl5dCVgRmitaQWjZW/5FsVmIaYhEfm0PPmtjizedYWfXb
WbVH+Yeas6wKobGikwBSY5XSl/aoP0twKbNVX+pONV6+7tR5rg==
-----END CERTIFICATE-----
Generated at Sat Apr 26 19:49:36 2025 by rpki-client