Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c1d8e8d-582a-4cac-86e1-f27d0bc3d7b6.roa
File: 4c1d8e8d-582a-4cac-86e1-f27d0bc3d7b6.roa (raw, json)
Hash identifier: k9Xtv5uAKgjQdn7Zif8H0bTwoqUUkbvk+RSO9ITLPzA=
Subject key identifier: 69:75:C4:14:A8:DE:11:BF:05:26:6B:1C:98:8E:BB:8B:C9:84:71:03
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 7450E4C4F1A962B31E718863A0D52E832C096859
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c1d8e8d-582a-4cac-86e1-f27d0bc3d7b6.roa
Signing time: Mon 31 Mar 2025 19:00:11 +0000
ROA not before: Mon 31 Mar 2025 19:00:11 +0000
ROA not after: Mon 05 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:8080::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:50:e4:c4:f1:a9:62:b3:1e:71:88:63:a0:d5:2e:83:2c:09:68:59
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Mar 31 19:00:11 2025 GMT
Not After : May 5 23:59:59 2025 GMT
Subject: serialNumber=a9299a1c672ec51a64ea85b670bfafafaf26c522441d50cd033b546dbc19529c, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:5c:fa:76:90:a2:fa:36:94:ea:ad:27:5d:68:
13:46:a1:ec:77:d6:47:2c:34:67:cf:93:fc:8e:0b:
f0:62:1f:79:85:70:a3:a1:02:81:c7:10:00:7b:29:
6b:15:dd:24:b8:ca:30:1b:67:98:8c:7f:08:60:bd:
a9:a6:95:f8:be:8a:96:d5:6d:27:58:db:42:f9:18:
0e:ae:bd:ed:41:8a:dd:8b:2e:e9:81:12:f3:7a:0d:
1f:a1:ee:fc:83:34:b7:69:e7:37:f7:95:62:ba:8a:
e3:7d:31:51:78:48:aa:9a:c5:95:94:cc:ec:00:91:
13:3f:27:d6:7c:90:36:24:c1:8f:0b:d3:2e:22:a4:
bd:ab:45:fc:12:13:83:68:96:2d:6f:4d:d5:ba:d5:
a9:04:0b:02:56:22:13:90:68:ef:59:38:3f:8c:d1:
cc:f9:5f:05:cd:0c:0b:3b:5e:6e:8c:26:ed:f7:3f:
e6:01:c9:fe:cd:a7:d6:7a:72:92:1c:bd:da:28:24:
67:95:a0:e8:ce:cf:6c:c9:1e:e3:fe:60:e4:5c:94:
42:d6:fe:c6:83:61:76:09:b6:df:7d:8c:5c:d3:d9:
27:a5:58:4c:9c:8f:d6:55:15:b4:83:04:5e:79:0e:
8c:b1:39:c3:29:50:34:4e:1a:ee:d9:6f:f7:6b:1e:
f4:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:75:C4:14:A8:DE:11:BF:05:26:6B:1C:98:8E:BB:8B:C9:84:71:03
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/4c1d8e8d-582a-4cac-86e1-f27d0bc3d7b6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:8080::/48
Signature Algorithm: sha256WithRSAEncryption
14:98:d7:11:19:53:04:57:9a:74:d0:de:c8:35:02:dd:f5:84:
71:e2:95:21:79:69:4d:01:e4:e0:d6:5c:4f:0d:4f:53:13:dd:
a7:c3:23:2f:94:13:bf:88:e5:c8:31:f0:35:ae:ac:04:ae:e3:
63:d9:02:93:3f:43:99:b1:04:5d:12:ce:ea:5d:40:78:d3:85:
a4:d1:e6:97:eb:13:ca:56:72:d8:f4:40:f3:d8:55:a2:e7:7d:
df:be:79:ca:98:8d:bb:6a:f6:c2:35:9d:a8:5f:4c:30:48:96:
a8:16:9b:75:d3:69:0a:66:55:d6:f8:ef:b4:74:67:bc:ce:26:
1e:27:03:84:45:2a:7c:8d:32:a6:a4:ff:92:0a:99:0f:0e:d1:
d4:ae:81:7d:d2:4b:f8:97:35:4e:7c:b4:14:1a:e7:a9:2f:ff:
db:de:91:15:2a:60:bd:4e:1e:dc:94:1f:5e:08:26:65:65:b1:
b4:2a:fe:4e:a6:2b:84:d0:0a:5a:ad:43:e3:d9:6a:2f:a9:ba:
2f:87:5a:f7:a6:75:19:ba:45:e0:39:cb:02:b3:f1:23:71:8c:
7a:ce:de:2f:eb:a7:5c:97:4e:e9:05:ae:a9:0e:fe:36:ee:58:
da:99:9e:0b:0d:58:54:3a:0d:47:c0:c9:c0:3a:3d:39:83:67:
64:86:fa:e0
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUdFDkxPGpYrMecYhjoNUugywJaFkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTAzMzExOTAwMTFaFw0yNTA1MDUyMzU5NTlaMHoxSTBHBgNV
BAUTQGE5Mjk5YTFjNjcyZWM1MWE2NGVhODViNjcwYmZhZmFmYWYyNmM1MjI0NDFk
NTBjZDAzM2I1NDZkYmMxOTUyOWMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAN9c+naQovo2lOqtJ11oE0ah7HfWRyw0Z8+T/I4L8GIfeYVwo6ECgccQAHsp
axXdJLjKMBtnmIx/CGC9qaaV+L6KltVtJ1jbQvkYDq697UGK3Ysu6YES83oNH6Hu
/IM0t2nnN/eVYrqK430xUXhIqprFlZTM7ACREz8n1nyQNiTBjwvTLiKkvatF/BIT
g2iWLW9N1brVqQQLAlYiE5Bo71k4P4zRzPlfBc0MCztebowm7fc/5gHJ/s2n1npy
khy92igkZ5Wg6M7PbMke4/5g5FyUQtb+xoNhdgm2332MXNPZJ6VYTJyP1lUVtIME
XnkOjLE5wylQNE4a7tlv92se9JkCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRpdcQU
qN4RvwUmaxyYjruLyYRxAzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NGMxZDhlOGQtNTgyYS00Y2FjLTg2ZTEtZjI3ZDBiYzNkN2I2LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSA
gDANBgkqhkiG9w0BAQsFAAOCAQEAFJjXERlTBFeadNDeyDUC3fWEceKVIXlpTQHk
4NZcTw1PUxPdp8MjL5QTv4jlyDHwNa6sBK7jY9kCkz9DmbEEXRLO6l1AeNOFpNHm
l+sTylZy2PRA89hVoud93755ypiNu2r2wjWdqF9MMEiWqBabddNpCmZV1vjvtHRn
vM4mHicDhEUqfI0ypqT/kgqZDw7R1K6BfdJL+Jc1Tny0FBrnqS//296RFSpgvU4e
3JQfXggmZWWxtCr+TqYrhNAKWq1D49lqL6m6L4da96Z1GbpF4DnLArPxI3GMes7e
L+unXJdO6QWuqQ7+Nu5Y2pmeCw1YVDoNR8DJwDo9OYNnZIb64A==
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:10:54 2025 by rpki-client