Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/335e2dc4-285b-42f2-b98c-1c4f96794cb6.roa
File: 335e2dc4-285b-42f2-b98c-1c4f96794cb6.roa (raw, json)
Hash identifier: DE1WcEMoDxIyyHdH04Q0phvUSi/IqyTqodi8JZIoypc=
Subject key identifier: 4B:DD:FD:C7:32:1A:E1:C0:06:12:6B:BF:05:8C:52:6A:6D:05:01:7F
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5E9E369D4B40FF6C883CB519A147ACF87C29BC7A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/335e2dc4-285b-42f2-b98c-1c4f96794cb6.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:4800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:9e:36:9d:4b:40:ff:6c:88:3c:b5:19:a1:47:ac:f8:7c:29:bc:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=5bc37926e0ef18b67c7637b2599417daa47178926b69d2e100e882c6913ef323, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:1e:9a:ff:e0:5b:70:03:64:e3:42:c5:c1:c4:
55:07:f5:0f:ea:3b:24:51:1b:2a:83:43:53:63:3b:
4b:d2:51:82:89:a6:b2:40:49:8c:7d:00:2b:36:dd:
26:a7:0d:3c:b2:90:2a:14:ee:aa:37:23:2b:94:46:
e1:a8:55:b8:d3:be:3f:17:ba:49:4d:ec:4c:7e:be:
8e:37:7f:5f:2b:3a:33:17:42:a5:ad:27:33:39:cc:
b1:f8:ed:e1:1e:07:a2:c9:de:ec:7f:70:cd:ce:34:
9b:9f:52:3b:67:35:56:a4:2e:a6:cb:4d:c7:7c:38:
fb:8e:eb:a6:c7:9c:ed:89:e0:7e:bd:37:ed:4c:5d:
e7:d7:68:91:3c:3f:86:9a:db:82:03:3a:aa:78:4f:
25:85:d7:60:0b:e8:48:23:c3:fa:7c:70:0c:ab:1d:
2d:63:76:00:7c:6d:4c:24:a1:bf:8b:24:6a:b8:53:
84:fd:6a:d2:92:02:aa:51:13:40:25:2c:a8:02:37:
b3:e9:df:29:39:9f:f1:e7:a6:73:58:14:82:f6:71:
6c:67:84:ef:0e:87:2c:7f:78:c6:e2:da:96:6d:5a:
81:0e:27:17:56:8f:55:88:0c:5d:e6:6e:c0:66:ac:
42:07:90:25:4e:2f:4c:2e:9c:5b:8a:0b:e1:bd:87:
71:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:DD:FD:C7:32:1A:E1:C0:06:12:6B:BF:05:8C:52:6A:6D:05:01:7F
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/335e2dc4-285b-42f2-b98c-1c4f96794cb6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:4800::/40
Signature Algorithm: sha256WithRSAEncryption
0a:6d:57:0f:60:e1:b9:a9:00:76:01:fc:47:d1:87:59:b6:bc:
fa:08:39:41:8e:8f:51:a8:c6:10:96:c9:98:43:18:84:04:74:
3e:21:16:5b:45:8d:b1:d2:8b:4d:bd:b9:19:fc:08:43:73:b3:
97:41:cf:b5:3e:d1:34:bb:3a:42:27:c0:32:2d:3a:28:1b:38:
2e:47:dc:9b:03:38:4f:7a:9f:d7:cf:36:5c:93:b2:9d:57:43:
0b:d1:39:99:2a:95:9c:72:ff:63:4f:f0:9f:0e:ae:44:d1:01:
a6:4f:da:e7:ce:e7:f8:19:63:cd:e8:52:6f:3e:59:d3:f1:c6:
78:fb:e4:04:40:b6:11:21:1f:22:d1:1a:89:e0:86:8c:86:36:
3b:c8:d6:8d:9e:da:56:08:c4:2e:b5:5c:27:62:f1:87:9f:00:
31:30:6e:eb:05:5d:9e:48:f7:ed:38:7e:53:74:7c:c4:bc:b0:
16:ad:30:91:58:d2:e0:cf:11:3d:cd:25:4f:c1:e2:04:f1:da:
33:3b:9c:8e:1a:ca:9d:c7:b0:42:d0:97:c7:71:11:a7:76:2c:
aa:df:83:54:8b:43:4b:d1:f8:e3:ca:1c:10:9d:98:69:9f:c7:
db:01:db:6e:a8:06:0b:89:09:5d:d4:95:5b:14:f8:dd:cc:93:
19:d3:ca:5e
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUXp42nUtA/2yIPLUZoUes+HwpvHowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANWJjMzc5MjZlMGVmMThiNjdjNzYz
N2IyNTk5NDE3ZGFhNDcxNzg5MjZiNjlkMmUxMDBlODgyYzY5MTNlZjMyMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArh6a/+BbcANk40LFwcRVB/UP6jsk
URsqg0NTYztL0lGCiaayQEmMfQArNt0mpw08spAqFO6qNyMrlEbhqFW4074/F7pJ
TexMfr6ON39fKzozF0KlrSczOcyx+O3hHgeiyd7sf3DNzjSbn1I7ZzVWpC6my03H
fDj7juumx5ztieB+vTftTF3n12iRPD+GmtuCAzqqeE8lhddgC+hII8P6fHAMqx0t
Y3YAfG1MJKG/iyRquFOE/WrSkgKqURNAJSyoAjez6d8pOZ/x56ZzWBSC9nFsZ4Tv
Docsf3jG4tqWbVqBDicXVo9ViAxd5m7AZqxCB5AlTi9MLpxbigvhvYdxqQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEvd/ccyGuHABhJrvwWMUmptBQF/MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzMzNWUyZGM0LTI4NWItNDJmMi1iOThjLTFjNGY5Njc5NGNiNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaAEgwDQYJKoZIhvcNAQELBQADggEBAAptVw9g4bmpAHYB/EfR
h1m2vPoIOUGOj1GoxhCWyZhDGIQEdD4hFltFjbHSi029uRn8CENzs5dBz7U+0TS7
OkInwDItOigbOC5H3JsDOE96n9fPNlyTsp1XQwvROZkqlZxy/2NP8J8OrkTRAaZP
2ufO5/gZY83oUm8+WdPxxnj75ARAthEhHyLRGonghoyGNjvI1o2e2lYIxC61XCdi
8YefADEwbusFXZ5I9+04flN0fMS8sBatMJFY0uDPET3NJU/B4gTx2jM7nI4ayp3H
sELQl8dxEad2LKrfg1SLQ0vR+OPKHBCdmGmfx9sB226oBguJCV3UlVsU+N3MkxnT
yl4=
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:31:39 2025 by rpki-client