Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f37407f7-85a8-40b9-bf04-6649fb6b61b9.roa
File: f37407f7-85a8-40b9-bf04-6649fb6b61b9.roa (raw, json)
Hash identifier: Deoj/nup8RgppunrMBTx4hlWNMefyWzpzODrp0MuKS4=
Subject key identifier: A4:6B:45:E2:9D:22:15:3C:99:BD:BC:D4:6C:AD:73:E1:D3:96:2B:91
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 280DB73CD3BF5FA343C04227F4665CF763B66C55
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f37407f7-85a8-40b9-bf04-6649fb6b61b9.roa
Signing time: Wed 02 Apr 2025 18:52:08 +0000
ROA not before: Wed 02 Apr 2025 18:52:08 +0000
ROA not after: Wed 07 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d030:8c0::/46 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:0d:b7:3c:d3:bf:5f:a3:43:c0:42:27:f4:66:5c:f7:63:b6:6c:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 2 18:52:08 2025 GMT
Not After : May 7 23:59:59 2025 GMT
Subject: serialNumber=64afbdbf43fd464fbe79f7d0c1c980bb54c483d8590471dacf9dc1714ab5683d, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:d5:13:e5:ba:20:99:56:57:bb:ad:7e:26:43:
88:39:25:41:5a:9c:fb:bd:67:e3:72:23:b4:b8:0f:
ee:12:61:21:35:51:29:99:a6:71:35:99:da:85:2e:
bb:5a:43:73:d6:65:14:fe:64:67:a4:ef:3e:d4:4a:
34:db:58:4a:98:4d:d0:c8:f4:e8:a9:23:f7:d6:41:
b1:f3:04:64:20:f4:76:62:28:5f:77:e5:fb:99:ae:
07:cb:8d:4f:68:9a:51:21:19:8f:8d:3f:31:b0:0b:
76:08:cb:51:d4:92:d6:f0:ad:69:e8:66:9b:75:9d:
84:fa:2e:a9:5c:86:3d:e4:6f:83:23:85:27:28:a2:
91:b1:f9:bf:a7:67:2a:8d:8b:91:f6:53:cf:d0:4c:
91:77:ac:2a:13:a2:8c:38:5b:85:97:b9:e7:6e:25:
6e:14:3e:9b:c1:b9:83:90:b6:47:b5:1d:57:b1:01:
fb:57:9c:24:5a:b7:ee:c2:a3:00:7e:9b:1e:82:0f:
8d:32:7d:5a:26:4b:84:06:db:d1:34:90:2a:20:5a:
72:ca:2b:45:41:e4:73:64:96:7a:08:0c:eb:92:76:
54:e8:98:10:bf:57:3e:9b:d6:04:85:60:21:5f:f2:
9d:2c:d1:39:f3:af:20:b1:39:06:3a:38:99:42:7a:
da:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:6B:45:E2:9D:22:15:3C:99:BD:BC:D4:6C:AD:73:E1:D3:96:2B:91
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/f37407f7-85a8-40b9-bf04-6649fb6b61b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d030:8c0::/46
Signature Algorithm: sha256WithRSAEncryption
a4:6f:95:8a:50:b6:8b:43:09:aa:24:a1:79:40:07:4d:a8:af:
7c:53:61:46:69:2e:cb:22:4a:e0:8f:43:27:62:26:23:c6:08:
5c:13:01:69:55:c1:21:7a:a2:c3:9a:5a:bb:63:fe:b5:46:b8:
db:ce:00:a8:65:7d:7c:63:fb:79:40:19:28:2c:73:7f:df:63:
f2:65:04:a6:14:6b:d2:59:a7:2e:03:c9:22:00:17:fc:42:19:
2a:c7:f8:58:11:1a:05:5b:64:29:89:4e:ae:0c:4c:69:5f:e1:
f8:77:0e:90:13:cb:be:95:86:69:b1:f9:61:73:20:72:d9:83:
e7:1d:60:ba:c3:0b:b5:19:d8:4a:e3:16:66:a1:94:c8:17:a0:
58:2c:6a:2a:4c:77:f8:7a:b9:a5:74:64:3a:8f:1c:6d:30:a2:
b0:95:86:29:ff:81:fc:a7:be:a1:6b:6c:be:b5:01:eb:67:04:
4a:6a:7d:c7:96:81:ae:be:6d:fa:c1:c2:88:c1:fa:9e:5d:a1:
a6:67:64:90:27:77:66:20:eb:09:2d:9c:68:5e:09:18:b9:0d:
4a:f8:08:cb:00:56:0c:44:1b:7a:6c:11:00:0a:3e:e5:4f:dd:
dd:9d:e9:b1:0a:1b:02:dc:32:68:f7:19:16:c8:0e:27:ce:25:
62:94:07:6e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUKA23PNO/X6NDwEIn9GZc92O2bFUwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MDIxODUyMDhaFw0yNTA1MDcyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0YWZiZGJmNDNmZDQ2NGZiZTc5ZjdkMGMxYzk4MGJiNTRjNDgzZDg1OTA0
NzFkYWNmOWRjMTcxNGFiNTY4M2QxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALHVE+W6IJlWV7utfiZDiDklQVqc+71n43IjtLgP7hJhITVRKZmmcTWZ2oUu
u1pDc9ZlFP5kZ6TvPtRKNNtYSphN0Mj06Kkj99ZBsfMEZCD0dmIoX3fl+5muB8uN
T2iaUSEZj40/MbALdgjLUdSS1vCtaehmm3WdhPouqVyGPeRvgyOFJyiikbH5v6dn
Ko2LkfZTz9BMkXesKhOijDhbhZe5524lbhQ+m8G5g5C2R7UdV7EB+1ecJFq37sKj
AH6bHoIPjTJ9WiZLhAbb0TSQKiBacsorRUHkc2SWeggM65J2VOiYEL9XPpvWBIVg
IV/ynSzROfOvILE5Bjo4mUJ62lMCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBSka0Xi
nSIVPJm9vNRsrXPh05YrkTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
ZjM3NDA3ZjctODVhOC00MGI5LWJmMDQtNjY0OWZiNmI2MWI5LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHAioF0DAI
wDANBgkqhkiG9w0BAQsFAAOCAQEApG+VilC2i0MJqiSheUAHTaivfFNhRmkuyyJK
4I9DJ2ImI8YIXBMBaVXBIXqiw5pau2P+tUa4284AqGV9fGP7eUAZKCxzf99j8mUE
phRr0lmnLgPJIgAX/EIZKsf4WBEaBVtkKYlOrgxMaV/h+HcOkBPLvpWGabH5YXMg
ctmD5x1gusMLtRnYSuMWZqGUyBegWCxqKkx3+Hq5pXRkOo8cbTCisJWGKf+B/Ke+
oWtsvrUB62cESmp9x5aBrr5t+sHCiMH6nl2hpmdkkCd3ZiDrCS2caF4JGLkNSvgI
ywBWDEQbemwRAAo+5U/d3Z3psQobAtwyaPcZFsgOJ84lYpQHbg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:21 2025 by rpki-client