Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d6c805-f312-4cce-8017-ebfd2169880d.roa
File: 25d6c805-f312-4cce-8017-ebfd2169880d.roa (raw, json)
Hash identifier: xxI+7eBeJ1pNI4RpQA9dQmM31uUEVLQI8KRT4zhvg7w=
Subject key identifier: C2:EE:40:5B:81:84:95:F3:E5:CE:BA:60:46:BF:61:F3:E5:DE:60:5A
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 56E2286051034334F88B4116BB2195FAC8D400AE
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d6c805-f312-4cce-8017-ebfd2169880d.roa
Signing time: Mon 28 Apr 2025 15:40:28 +0000
ROA not before: Mon 28 Apr 2025 15:40:28 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:6000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:e2:28:60:51:03:43:34:f8:8b:41:16:bb:21:95:fa:c8:d4:00:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Apr 28 15:40:28 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=2f9e8ea2ab217ce014ff1d1213dde349d1b6254d3ed600a832cdf3a3d37eb038, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:e6:64:48:9c:c4:1a:66:ec:2e:03:15:2e:43:
f3:b2:f1:f5:89:3b:fb:7b:1b:ce:56:80:49:e9:a3:
57:d7:82:ad:1f:9b:ee:53:37:56:2e:3f:71:50:27:
69:1f:6d:ab:b7:78:2c:56:b6:f8:7e:45:41:70:42:
5c:f1:ff:b5:89:89:55:89:15:77:1a:00:b7:26:ab:
ee:f8:de:8f:65:07:99:cd:9d:ef:7d:32:f5:bb:d4:
13:75:41:96:17:dd:86:a1:d4:1b:4d:8b:06:18:cb:
a0:5c:40:7d:18:be:31:23:53:89:0d:fe:2e:ae:ed:
2f:39:bf:3e:58:b3:dd:79:be:8a:b4:94:48:47:5d:
e0:23:90:08:b2:18:08:94:5f:72:4f:9f:e9:a3:7c:
89:02:d6:14:e6:c4:9f:36:73:b8:17:b0:36:20:ad:
cf:61:ae:66:e4:78:50:2c:69:c7:9b:d5:ec:b8:32:
22:96:7c:96:56:89:94:10:41:50:9a:f5:46:fc:e3:
3c:5a:3f:7d:d1:2f:0a:81:35:9b:02:0c:f5:e0:3c:
53:cf:72:d1:ec:76:73:34:7d:ce:4d:09:c9:da:82:
51:a4:63:28:cd:cc:fa:de:41:8c:6a:76:fe:4e:fd:
af:eb:67:fb:77:81:0b:29:af:95:a4:0a:7f:2d:c5:
91:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:EE:40:5B:81:84:95:F3:E5:CE:BA:60:46:BF:61:F3:E5:DE:60:5A
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/25d6c805-f312-4cce-8017-ebfd2169880d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:6000::/40
Signature Algorithm: sha256WithRSAEncryption
b2:28:ff:f8:45:f0:d9:49:53:8c:56:fc:50:a9:2e:05:b2:4f:
07:4d:f4:97:c8:89:7b:06:b6:d0:47:74:3c:57:e4:ae:7c:45:
5a:cf:cc:fe:85:b0:d4:76:20:af:0f:49:42:da:0c:3d:27:f4:
00:c2:eb:08:d9:aa:41:cf:01:45:13:c6:35:97:b8:11:8a:58:
77:99:f7:46:4e:59:6b:03:7a:ab:a8:9f:81:45:00:43:0b:55:
90:73:1f:09:26:0f:73:2a:f7:77:ed:a9:e2:cb:ee:98:60:02:
99:a0:7f:78:30:4e:2f:86:fc:bb:e2:b1:6f:63:0c:22:e7:91:
47:6a:8d:58:88:10:49:41:3d:18:d2:ec:92:3b:f4:95:0d:80:
e2:8e:51:15:f0:38:a9:f7:ab:21:f0:76:4c:c1:c1:89:7e:3b:
d8:be:ff:11:21:95:ae:b3:eb:18:a9:4a:0a:14:46:2d:7d:49:
2f:b5:9e:20:ed:5f:55:88:df:bc:50:f3:38:2b:00:83:57:69:
d1:9c:8f:25:37:01:36:e3:0c:a7:b1:96:ab:c1:0d:97:f0:a2:
69:d7:70:77:0c:9e:ad:6d:eb:ba:61:59:69:90:ea:4e:01:1b:
c8:e0:56:7c:ad:61:32:d9:4b:03:e9:02:23:03:5c:d8:c2:e4:
33:84:55:4e
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUVuIoYFEDQzT4i0EWuyGV+sjUAK4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA0MjgxNTQwMjhaFw0yNTA2MDIyMzU5NTlaMHoxSTBHBgNV
BAUTQDJmOWU4ZWEyYWIyMTdjZTAxNGZmMWQxMjEzZGRlMzQ5ZDFiNjI1NGQzZWQ2
MDBhODMyY2RmM2EzZDM3ZWIwMzgxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAIPmZEicxBpm7C4DFS5D87Lx9Yk7+3sbzlaASemjV9eCrR+b7lM3Vi4/cVAn
aR9tq7d4LFa2+H5FQXBCXPH/tYmJVYkVdxoAtyar7vjej2UHmc2d730y9bvUE3VB
lhfdhqHUG02LBhjLoFxAfRi+MSNTiQ3+Lq7tLzm/Pliz3Xm+irSUSEdd4COQCLIY
CJRfck+f6aN8iQLWFObEnzZzuBewNiCtz2GuZuR4UCxpx5vV7LgyIpZ8llaJlBBB
UJr1RvzjPFo/fdEvCoE1mwIM9eA8U89y0ex2czR9zk0JydqCUaRjKM3M+t5BjGp2
/k79r+tn+3eBCymvlaQKfy3FkV8CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBTC7kBb
gYSV8+XOumBGv2Hz5d5gWjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MjVkNmM4MDUtZjMxMi00Y2NlLTgwMTctZWJmZDIxNjk4ODBkLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0Flg
MA0GCSqGSIb3DQEBCwUAA4IBAQCyKP/4RfDZSVOMVvxQqS4Fsk8HTfSXyIl7BrbQ
R3Q8V+SufEVaz8z+hbDUdiCvD0lC2gw9J/QAwusI2apBzwFFE8Y1l7gRilh3mfdG
TllrA3qrqJ+BRQBDC1WQcx8JJg9zKvd37aniy+6YYAKZoH94ME4vhvy74rFvYwwi
55FHao1YiBBJQT0Y0uySO/SVDYDijlEV8Dip96sh8HZMwcGJfjvYvv8RIZWus+sY
qUoKFEYtfUkvtZ4g7V9ViN+8UPM4KwCDV2nRnI8lNwE24wynsZarwQ2X8KJp13B3
DJ6tbeu6YVlpkOpOARvI4FZ8rWEy2UsD6QIjA1zYwuQzhFVO
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:16:35 2025 by rpki-client