Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27412ae8-c8fe-41ee-a660-f1790d3806e7.roa
File: 27412ae8-c8fe-41ee-a660-f1790d3806e7.roa (raw, json)
Hash identifier: QDUrTiv9w+vAg2Iuw/Mko2k45dueYvXq700tkwDE6wI=
Subject key identifier: 19:F3:AA:AE:BF:F5:71:8C:45:2E:F1:A9:96:89:6C:59:80:3F:5A:D6
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 564AB194805C18C0DBE4C698B88CCB0990B679EC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27412ae8-c8fe-41ee-a660-f1790d3806e7.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:f000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:4a:b1:94:80:5c:18:c0:db:e4:c6:98:b8:8c:cb:09:90:b6:79:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=4e4ab17c10bee6245ebb6edb19bde4c97c5368c5e69003a32edeb0e679ac1ed0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:47:72:9c:ae:26:cc:a7:c3:cf:23:8d:5e:f6:
1a:d2:f2:be:0e:ff:d5:11:05:52:6c:a1:3d:7f:af:
a2:50:5b:70:dc:49:69:13:72:57:ce:0a:4b:b6:77:
48:31:ee:e4:49:03:74:30:35:ff:a7:2b:34:d3:87:
5d:d1:95:91:0f:e8:d7:cb:3b:87:c2:90:45:2b:a9:
f0:73:ae:44:3a:d9:4f:83:88:74:36:eb:ce:52:d7:
e6:fe:4e:47:b0:8d:a7:82:33:6a:95:b5:85:b2:9f:
81:13:36:df:d4:10:ab:45:1d:42:55:3c:77:44:c0:
71:fa:ab:bd:4a:eb:37:f6:f5:f4:0d:f2:b7:e0:6e:
b2:c8:3b:66:3e:f2:12:4a:12:e8:9e:26:8e:ca:ea:
38:f1:5f:a8:df:a1:91:4a:32:f9:83:fc:27:30:63:
0a:6a:c3:9c:7c:a9:2b:c9:3d:3f:f1:b1:eb:cd:3b:
f5:28:5c:3e:3a:8f:59:28:4c:97:95:65:8d:a6:96:
f0:2d:aa:a4:95:91:08:3c:8e:a8:35:59:16:6f:14:
af:16:77:56:f5:eb:db:20:20:11:36:1e:6b:f3:e9:
25:75:55:be:a7:37:7d:ed:67:b2:24:36:0b:01:cc:
21:48:b3:a4:ac:3b:77:14:8e:32:e0:44:c4:d1:3e:
fa:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:F3:AA:AE:BF:F5:71:8C:45:2E:F1:A9:96:89:6C:59:80:3F:5A:D6
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/27412ae8-c8fe-41ee-a660-f1790d3806e7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:f000::/40
Signature Algorithm: sha256WithRSAEncryption
77:0b:de:cd:7a:58:ca:22:4c:04:c2:12:4f:19:5e:58:87:bf:
13:97:87:7b:4e:1c:85:85:9c:84:fb:28:e6:36:f5:0d:2a:62:
7b:e5:58:cb:ea:70:1a:bd:f1:27:e7:70:be:82:19:e3:96:79:
bb:26:a2:f8:64:70:8e:e6:0b:f3:e8:ff:f8:fb:d7:fc:25:de:
10:65:47:96:5f:8b:4e:73:19:53:86:25:9c:78:06:c3:88:f7:
a7:00:15:69:4f:60:b5:df:fc:38:b3:f0:67:90:c2:92:af:af:
33:9c:83:7f:36:6c:4a:7f:ea:6b:38:c1:5b:65:7d:42:e8:46:
1d:90:6b:7a:25:3b:6c:3d:fd:1f:a5:70:74:f4:8a:46:d8:89:
d6:1e:bc:bd:4a:d0:9d:3f:d2:60:96:7e:7d:d1:78:5c:81:97:
72:32:11:ab:68:05:8a:42:fe:68:48:6e:b9:8b:45:7b:16:46:
98:07:4d:b1:a8:5b:f4:d6:a7:e0:3f:89:44:78:3c:d9:66:95:
73:e0:95:83:89:a1:78:14:cb:d9:4b:00:07:05:4d:f5:10:e9:
a5:55:60:b3:55:cc:85:01:48:94:e4:e2:81:08:a1:a0:53:23:
35:14:d4:39:1c:64:cd:0a:7c:6b:dd:c8:11:19:4a:39:16:4f:
cd:54:21:fb
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUVkqxlIBcGMDb5MaYuIzLCZC2eewwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNANGU0YWIxN2MxMGJlZTYyNDVlYmI2
ZWRiMTliZGU0Yzk3YzUzNjhjNWU2OTAwM2EzMmVkZWIwZTY3OWFjMWVkMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq0dynK4mzKfDzyONXvYa0vK+Dv/V
EQVSbKE9f6+iUFtw3ElpE3JXzgpLtndIMe7kSQN0MDX/pys004dd0ZWRD+jXyzuH
wpBFK6nwc65EOtlPg4h0NuvOUtfm/k5HsI2ngjNqlbWFsp+BEzbf1BCrRR1CVTx3
RMBx+qu9Sus39vX0DfK34G6yyDtmPvISShLoniaOyuo48V+o36GRSjL5g/wnMGMK
asOcfKkryT0/8bHrzTv1KFw+Oo9ZKEyXlWWNppbwLaqklZEIPI6oNVkWbxSvFndW
9evbICARNh5r8+kldVW+pzd97WeyJDYLAcwhSLOkrDt3FI4y4ETE0T76aQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBnzqq6/9XGMRS7xqZaJbFmAP1rWMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzI3NDEyYWU4LWM4ZmUtNDFlZS1hNjYwLWYxNzkwZDM4MDZlNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYfAwDQYJKoZIhvcNAQELBQADggEBAHcL3s16WMoiTATCEk8Z
XliHvxOXh3tOHIWFnIT7KOY29Q0qYnvlWMvqcBq98SfncL6CGeOWebsmovhkcI7m
C/Po//j71/wl3hBlR5Zfi05zGVOGJZx4BsOI96cAFWlPYLXf/Diz8GeQwpKvrzOc
g382bEp/6ms4wVtlfULoRh2Qa3olO2w9/R+lcHT0ikbYidYevL1K0J0/0mCWfn3R
eFyBl3IyEatoBYpC/mhIbrmLRXsWRpgHTbGoW/TWp+A/iUR4PNlmlXPglYOJoXgU
y9lLAAcFTfUQ6aVVYLNVzIUBSJTk4oEIoaBTIzUU1DkcZM0KfGvdyBEZSjkWT81U
Ifs=
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:31:39 2025 by rpki-client