Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1cd29bf-ff71-4969-8fd7-814c5338f267.roa
File: d1cd29bf-ff71-4969-8fd7-814c5338f267.roa (raw, json)
Hash identifier: Z+LI3i6OhXqyIrDklFwFWxlQE+acWkVhON0dIFDDF/E=
Subject key identifier: D2:E6:D2:A6:B1:D2:9C:35:4C:DE:32:E7:03:54:F8:5E:D2:C9:12:7B
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 31B376B5F0232DCF141B05A2BE75DF5DBDCA6426
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1cd29bf-ff71-4969-8fd7-814c5338f267.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:40c0::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:b3:76:b5:f0:23:2d:cf:14:1b:05:a2:be:75:df:5d:bd:ca:64:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=5a1bc3eb98a3201a5a825f038cf04fe38f6c79c4440082eb261a45351c9b9dcb, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:cd:8a:e1:7a:0a:ed:b1:8a:5e:9e:67:50:39:
6c:d4:52:5b:a1:be:c1:30:5b:c9:5f:41:60:ff:57:
d9:c6:94:69:b2:ee:6c:26:65:6b:51:9c:38:8b:2a:
e6:51:cf:6b:a8:6a:d3:9e:88:75:74:85:e7:89:7f:
cc:fc:8c:05:e3:81:f0:2e:a2:c8:a2:58:9a:1e:f5:
94:44:62:8b:de:71:7a:a8:60:21:45:f3:3b:ee:81:
44:d6:e9:5a:c7:ec:7b:3d:93:93:42:90:b1:aa:84:
e9:c7:18:0f:35:1e:38:da:e4:da:9e:82:b6:f6:7e:
16:c3:9d:ed:84:e7:83:a0:79:29:37:28:2f:1e:64:
b6:f0:65:51:2c:4d:44:50:a6:37:fe:5a:37:6a:28:
7e:95:a6:52:20:0c:61:1b:aa:14:d1:b7:23:46:38:
77:24:3e:33:9f:91:fb:9c:38:b7:0f:e0:9e:81:28:
fc:17:a4:0c:c5:a7:4b:ec:15:57:e9:51:df:c1:8b:
0f:ae:ff:ff:88:33:41:68:18:24:1f:68:3a:0c:03:
71:0f:99:3b:2c:33:55:f1:05:37:a3:ad:0c:67:d6:
fe:9a:43:84:6d:38:09:1e:10:67:96:fc:fb:52:b5:
19:2f:29:0c:31:96:83:02:07:1a:76:7a:89:11:83:
97:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:E6:D2:A6:B1:D2:9C:35:4C:DE:32:E7:03:54:F8:5E:D2:C9:12:7B
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/d1cd29bf-ff71-4969-8fd7-814c5338f267.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:40c0::/46
Signature Algorithm: sha256WithRSAEncryption
41:a1:fe:b2:55:9e:88:1a:37:d7:a8:4b:df:b2:0d:6d:c0:d6:
25:2f:7b:26:fd:16:a7:f8:05:dd:49:49:8b:68:0d:4e:0c:41:
a1:8f:95:1e:6b:82:5c:73:47:50:61:4a:49:2d:71:26:5c:45:
ac:41:9f:0c:e1:89:c0:42:4d:52:b2:b0:e1:88:80:92:99:70:
a2:20:48:0c:55:4e:ca:bb:0f:dc:c5:35:90:c5:a0:53:51:1f:
a5:a5:53:01:a6:e7:08:01:c1:d1:b5:f4:d2:00:e4:e3:a2:2a:
d0:03:03:0d:64:e6:d1:43:9f:e7:d1:ba:a3:f9:2f:b2:6d:dd:
42:1d:85:27:94:00:fd:c5:98:1c:05:97:81:bc:70:2b:7d:55:
bc:c3:05:57:5e:d0:d3:46:22:67:54:5a:b7:73:45:e5:d7:9c:
da:1a:99:c3:99:20:a5:02:60:e3:26:c4:e2:60:57:f5:29:3f:
94:eb:f1:c3:25:ad:e6:ca:21:96:72:0d:ba:82:6e:e7:ad:d7:
c7:2a:71:b6:fd:7c:60:e1:5c:41:f0:6a:a9:9d:14:0b:41:e1:
76:8e:8d:67:21:62:de:e8:c9:19:28:6c:bf:47:89:12:1c:9b:
ac:86:a7:1f:cc:d4:c2:1f:b3:f8:8e:d3:37:88:ac:87:9a:90:
aa:3a:8b:a5
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUMbN2tfAjLc8UGwWivnXfXb3KZCYwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAxMDgwMDAwMDBaFw0yNTAyMTIyMzU5NTlaMHoxSTBHBgNV
BAUTQDVhMWJjM2ViOThhMzIwMWE1YTgyNWYwMzhjZjA0ZmUzOGY2Yzc5YzQ0NDAw
ODJlYjI2MWE0NTM1MWM5YjlkY2IxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALrNiuF6Cu2xil6eZ1A5bNRSW6G+wTBbyV9BYP9X2caUabLubCZla1GcOIsq
5lHPa6hq056IdXSF54l/zPyMBeOB8C6iyKJYmh71lERii95xeqhgIUXzO+6BRNbp
Wsfsez2Tk0KQsaqE6ccYDzUeONrk2p6CtvZ+FsOd7YTng6B5KTcoLx5ktvBlUSxN
RFCmN/5aN2oofpWmUiAMYRuqFNG3I0Y4dyQ+M5+R+5w4tw/gnoEo/BekDMWnS+wV
V+lR38GLD67//4gzQWgYJB9oOgwDcQ+ZOywzVfEFN6OtDGfW/ppDhG04CR4QZ5b8
+1K1GS8pDDGWgwIHGnZ6iRGDl5MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBTS5tKm
sdKcNUzeMucDVPhe0skSezAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZDFjZDI5YmYtZmY3MS00OTY5LThmZDctODE0YzUzMzhmMjY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DBA
wDANBgkqhkiG9w0BAQsFAAOCAQEAQaH+slWeiBo316hL37INbcDWJS97Jv0Wp/gF
3UlJi2gNTgxBoY+VHmuCXHNHUGFKSS1xJlxFrEGfDOGJwEJNUrKw4YiAkplwoiBI
DFVOyrsP3MU1kMWgU1EfpaVTAabnCAHB0bX00gDk46Iq0AMDDWTm0UOf59G6o/kv
sm3dQh2FJ5QA/cWYHAWXgbxwK31VvMMFV17Q00YiZ1Rat3NF5dec2hqZw5kgpQJg
4ybE4mBX9Sk/lOvxwyWt5sohlnINuoJu563Xxypxtv18YOFcQfBqqZ0UC0Hhdo6N
ZyFi3ujJGShsv0eJEhybrIanH8zUwh+z+I7TN4ish5qQqjqLpQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:44:11 2025 by rpki-client