Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8876a4ac-b484-42e6-9d3d-babfed60f0a2.roa
File: 8876a4ac-b484-42e6-9d3d-babfed60f0a2.roa (raw, json)
Hash identifier: LyaQXdh3/AFLlcilfSOk29C4Kr9DHM/Z0q4Ax9RUddQ=
Subject key identifier: D2:AF:64:B5:42:F0:DA:BB:E4:34:46:D9:FB:0F:21:10:47:2C:17:16
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F9BF26FA8F337F1A6A085EB1CD55E3578690DE9
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8876a4ac-b484-42e6-9d3d-babfed60f0a2.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d03a:b000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:9b:f2:6f:a8:f3:37:f1:a6:a0:85:eb:1c:d5:5e:35:78:69:0d:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=76513b26b7c4450498eee3849934146b1ddef0015210b2c2047b51c673f93ddc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:46:66:bf:a3:42:b1:30:f0:ca:e9:e0:98:d6:
1b:22:9b:29:a0:e4:78:3b:e2:9f:89:c3:5e:9b:ce:
c2:e8:24:16:93:6d:67:38:73:3c:2a:84:19:07:be:
bd:a6:61:0e:55:d9:4f:89:8e:6b:8e:26:03:8a:83:
d1:11:14:0c:46:19:ce:56:eb:8a:0e:18:e6:c9:fb:
b6:db:44:ff:8d:8a:44:52:65:16:56:43:1d:e0:1b:
9d:ae:36:52:8e:ea:11:6f:c1:03:38:47:2b:7e:74:
2a:47:be:d7:3a:cc:18:37:59:cf:17:7e:46:97:bf:
66:da:7f:49:74:99:ee:90:24:4e:f8:57:ad:a8:68:
f6:3e:86:d6:07:1c:26:65:1b:cf:47:42:d2:c0:26:
59:1c:a9:67:75:e7:05:52:02:0c:6d:11:1f:65:49:
fc:df:cd:8c:2a:8e:d2:48:b7:88:cf:4f:81:e4:20:
2e:73:b4:b0:1d:b5:2b:bb:73:00:0d:ae:25:24:a1:
dc:b8:f3:fe:fe:87:12:d9:83:38:4a:a3:89:1c:ed:
9a:7c:59:9c:af:bf:57:16:a1:53:cf:5a:10:04:40:
56:5c:03:16:43:0f:64:90:74:af:13:22:32:3b:b2:
00:db:89:68:8f:de:21:9c:79:ea:55:32:25:e2:f4:
55:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:AF:64:B5:42:F0:DA:BB:E4:34:46:D9:FB:0F:21:10:47:2C:17:16
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/8876a4ac-b484-42e6-9d3d-babfed60f0a2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d03a:b000::/40
Signature Algorithm: sha256WithRSAEncryption
06:72:0d:fc:19:65:2c:71:5e:8a:ee:98:9e:96:2e:c7:01:dc:
f8:c8:5c:ea:28:5b:05:fa:76:fe:37:75:c9:dc:4b:37:26:a7:
18:d7:92:84:5c:f0:d0:6b:83:4d:f5:6c:ed:a4:bb:aa:aa:42:
74:d1:61:47:27:36:75:0c:01:72:70:f6:ec:ab:b8:02:98:14:
f4:5b:e6:e5:c1:95:3d:12:0a:db:cf:c6:0f:e1:be:3c:44:8a:
25:31:2c:47:80:4b:17:fd:ab:20:c8:69:1f:3c:43:b9:61:bc:
ea:31:5e:6b:19:79:3b:84:c2:98:f9:97:55:79:22:cb:da:88:
17:ef:e7:43:db:2a:e0:13:4e:6b:72:27:bf:e0:ee:f7:bb:36:
73:81:c2:9d:ef:7e:99:bb:c9:90:8c:08:a2:1f:e0:ad:c4:7a:
ed:8c:6b:cd:96:7f:e1:59:a0:23:41:03:29:a6:0c:d8:36:f2:
35:68:bc:36:3a:96:3d:2a:d7:52:78:95:00:49:cb:da:fd:ef:
01:f1:ae:9d:33:ad:18:ae:ea:38:6d:40:d5:c9:ee:7f:9c:d9:
c6:71:cd:8f:4a:4b:b2:39:e8:2d:ca:20:b6:81:4b:e3:cc:f1:
db:15:da:d4:00:bb:41:2e:55:95:99:23:f5:9e:80:8b:fb:b6:
8b:81:4c:ac
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH5vyb6jzN/GmoIXrHNVeNXhpDekwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDYwMDAwMDBaFw0yNTAyMTAyMzU5NTlaMHoxSTBHBgNV
BAUTQDc2NTEzYjI2YjdjNDQ1MDQ5OGVlZTM4NDk5MzQxNDZiMWRkZWYwMDE1MjEw
YjJjMjA0N2I1MWM2NzNmOTNkZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAJ5GZr+jQrEw8Mrp4JjWGyKbKaDkeDvin4nDXpvOwugkFpNtZzhzPCqEGQe+
vaZhDlXZT4mOa44mA4qD0REUDEYZzlbrig4Y5sn7tttE/42KRFJlFlZDHeAbna42
Uo7qEW/BAzhHK350Kke+1zrMGDdZzxd+Rpe/Ztp/SXSZ7pAkTvhXraho9j6G1gcc
JmUbz0dC0sAmWRypZ3XnBVICDG0RH2VJ/N/NjCqO0ki3iM9PgeQgLnO0sB21K7tz
AA2uJSSh3Ljz/v6HEtmDOEqjiRztmnxZnK+/VxahU89aEARAVlwDFkMPZJB0rxMi
MjuyANuJaI/eIZx56lUyJeL0VacCAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTSr2S1
QvDau+Q0Rtn7DyEQRywXFjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ODg3NmE0YWMtYjQ4NC00MmU2LTlkM2QtYmFiZmVkNjBmMGEyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Dqw
MA0GCSqGSIb3DQEBCwUAA4IBAQAGcg38GWUscV6K7pieli7HAdz4yFzqKFsF+nb+
N3XJ3Es3JqcY15KEXPDQa4NN9WztpLuqqkJ00WFHJzZ1DAFycPbsq7gCmBT0W+bl
wZU9Egrbz8YP4b48RIolMSxHgEsX/asgyGkfPEO5YbzqMV5rGXk7hMKY+ZdVeSLL
2ogX7+dD2yrgE05rcie/4O73uzZzgcKd736Zu8mQjAiiH+CtxHrtjGvNln/hWaAj
QQMppgzYNvI1aLw2OpY9KtdSeJUAScva/e8B8a6dM60Yruo4bUDVye5/nNnGcc2P
SkuyOegtyiC2gUvjzPHbFdrUALtBLlWVmSP1noCL+7aLgUys
-----END CERTIFICATE-----
Generated at Sat Apr 26 12:46:09 2025 by rpki-client