Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c820f01-3562-4b93-8081-8c9b4d28a11c.roa
File: 1c820f01-3562-4b93-8081-8c9b4d28a11c.roa (raw, json)
Hash identifier: CyNmcin30PI+j4ed7xFyymc1JMFIUPMZeosIx+9FSSg=
Subject key identifier: 3C:CE:42:96:BA:41:D3:87:22:7C:80:92:9A:00:BA:3D:5C:C8:9C:1F
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1F5D0F43D54348F20B9F2714AB0EAB925A1FE138
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c820f01-3562-4b93-8081-8c9b4d28a11c.roa
Signing time: Mon 28 Apr 2025 15:40:36 +0000
ROA not before: Mon 28 Apr 2025 15:40:36 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:1000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1f:5d:0f:43:d5:43:48:f2:0b:9f:27:14:ab:0e:ab:92:5a:1f:e1:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:40:36 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=560117a76fb3aa5cd8d01ef9cf306f28b7f83eab478f3d87b40bab495687a6dc, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bd:b1:d8:f2:b4:29:c3:77:80:3f:4e:b5:2a:
fc:47:14:bf:bd:96:50:a2:c6:6f:8d:c0:3b:ad:46:
27:bf:f5:73:d3:4e:70:8b:02:ef:48:3e:bc:c7:7f:
77:09:29:fe:68:1c:ed:e0:94:04:bd:69:0d:df:fe:
c0:9e:3b:60:5f:11:41:ae:b9:9c:69:52:1f:2a:17:
4b:4f:3f:11:19:b6:0c:f6:e7:08:9c:32:47:a5:01:
68:68:11:6c:fd:b1:21:5c:da:5f:24:02:d4:6c:59:
b5:90:78:4d:5c:4e:a5:7e:20:21:da:c7:c9:f8:b6:
e6:eb:f0:01:41:23:3d:87:c7:3e:04:0d:50:f9:33:
e4:a9:7a:34:f6:cc:f9:8f:8a:40:f5:a4:31:00:6c:
53:fc:8d:f2:a3:fc:dc:27:a3:d1:55:ef:58:b8:fb:
50:20:9f:47:43:1d:b4:5f:3f:e6:64:19:70:d0:5c:
ab:91:20:3f:79:f8:dc:fa:4e:f0:23:a7:d8:db:6a:
2c:5a:1c:18:04:7e:40:7b:7f:15:7c:df:e0:e2:74:
6b:48:76:9c:30:3f:b5:c7:a2:90:93:a4:bb:71:fe:
cd:62:a2:6d:fa:3a:9b:35:1c:6d:3a:c3:7b:b7:5a:
c4:d7:82:e9:1e:e7:20:03:8f:0b:da:f6:19:ed:d6:
0b:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CE:42:96:BA:41:D3:87:22:7C:80:92:9A:00:BA:3D:5C:C8:9C:1F
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/1c820f01-3562-4b93-8081-8c9b4d28a11c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:1000::/40
Signature Algorithm: sha256WithRSAEncryption
a1:eb:d9:fb:20:08:7f:dd:52:86:89:a7:a8:14:61:4d:71:22:
47:62:55:16:cc:5d:7c:f2:11:b7:23:a6:a2:e7:f1:8f:6e:3f:
80:b0:e2:a8:d6:2a:ab:cf:0a:bc:b1:28:82:75:0b:c2:27:ca:
83:63:d1:41:f9:84:3d:b7:26:6b:b1:e9:8e:48:e7:60:8e:a8:
7e:4b:78:99:a5:e8:58:bb:99:84:98:9f:a7:b8:5f:90:b4:8e:
0b:c1:21:8f:3e:ee:ba:9c:44:fa:f8:b0:c9:a6:cd:ca:1f:66:
43:de:7f:b2:d4:c3:d9:f9:bb:67:ab:ed:9d:3e:c3:ce:f2:c8:
41:d8:45:9c:57:c8:fe:58:f2:0f:77:4e:15:30:1d:fb:b5:c0:
ca:d8:0a:b1:62:a2:30:34:51:b7:6d:c9:25:38:f0:bc:c6:63:
b7:36:52:85:95:7f:8f:c7:50:96:11:d5:30:f3:d9:96:b3:28:
a3:04:43:cb:16:d4:ef:47:df:8d:58:bb:a5:14:23:fa:94:c8:
75:4d:84:5f:66:f9:00:b5:db:a0:0d:b0:0c:a3:4d:6f:3a:f9:
69:32:a8:14:52:94:55:b9:e4:b5:80:c4:7b:b3:19:fa:af:9e:
ca:f4:5e:a6:6d:e6:3c:a3:d7:a2:7a:2e:6b:71:07:86:e8:3c:
b7:be:42:a4
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUH10PQ9VDSPILnycUqw6rklof4TgwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQwMzZaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDU2MDExN2E3NmZiM2FhNWNkOGQwMWVmOWNmMzA2ZjI4YjdmODNlYWI0Nzhm
M2Q4N2I0MGJhYjQ5NTY4N2E2ZGMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMK9sdjytCnDd4A/TrUq/EcUv72WUKLGb43AO61GJ7/1c9NOcIsC70g+vMd/
dwkp/mgc7eCUBL1pDd/+wJ47YF8RQa65nGlSHyoXS08/ERm2DPbnCJwyR6UBaGgR
bP2xIVzaXyQC1GxZtZB4TVxOpX4gIdrHyfi25uvwAUEjPYfHPgQNUPkz5Kl6NPbM
+Y+KQPWkMQBsU/yN8qP83Cej0VXvWLj7UCCfR0MdtF8/5mQZcNBcq5EgP3n43PpO
8COn2NtqLFocGAR+QHt/FXzf4OJ0a0h2nDA/tceikJOku3H+zWKibfo6mzUcbTrD
e7daxNeC6R7nIAOPC9r2Ge3WC50CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBQ8zkKW
ukHThyJ8gJKaALo9XMicHzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MWM4MjBmMDEtMzU2Mi00YjkzLTgwODEtOGM5YjRkMjhhMTFjLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkQ
MA0GCSqGSIb3DQEBCwUAA4IBAQCh69n7IAh/3VKGiaeoFGFNcSJHYlUWzF188hG3
I6ai5/GPbj+AsOKo1iqrzwq8sSiCdQvCJ8qDY9FB+YQ9tyZrsemOSOdgjqh+S3iZ
pehYu5mEmJ+nuF+QtI4LwSGPPu66nET6+LDJps3KH2ZD3n+y1MPZ+btnq+2dPsPO
8shB2EWcV8j+WPIPd04VMB37tcDK2AqxYqIwNFG3bcklOPC8xmO3NlKFlX+Px1CW
EdUw89mWsyijBEPLFtTvR9+NWLulFCP6lMh1TYRfZvkAtdugDbAMo01vOvlpMqgU
UpRVueS1gMR7sxn6r57K9F6mbeY8o9eiei5rcQeG6Dy3vkKk
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:10:49 2025 by rpki-client