Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/357bcde9-1734-401d-800e-ca18b9c62b8c.roa
File: 357bcde9-1734-401d-800e-ca18b9c62b8c.roa (raw, json)
Hash identifier: CB3uTZu7hCR9uF5e59E2BzwPPwLP5oYuxpKbS4XATYk=
Subject key identifier: D8:73:8A:5A:18:F5:C4:5B:C6:83:76:6F:ED:FD:69:48:17:6D:4A:92
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5995B8FC2B58BA59B1AE4A9208585AE2EDB3343E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/357bcde9-1734-401d-800e-ca18b9c62b8c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:e040::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:95:b8:fc:2b:58:ba:59:b1:ae:4a:92:08:58:5a:e2:ed:b3:34:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=46c39f278d8cc8100ae7c2436783650071b4ab531e7f833e108d3b1c23eeaafa, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:16:4e:2b:f9:bb:de:2b:8e:8c:0e:86:6b:4e:
46:6a:cf:5d:dd:20:3e:22:ce:14:bc:86:42:a3:d2:
34:00:b8:67:6d:e3:9b:99:e1:6f:0a:2f:a6:a6:3a:
3e:12:c4:6d:2d:a7:39:c9:70:22:30:6c:9a:58:30:
50:20:50:f9:e6:37:a2:91:ec:05:42:83:a4:11:b4:
8a:99:da:d4:1f:ec:07:50:34:38:46:4f:0e:d9:30:
da:c5:37:e1:23:df:0f:33:27:64:ad:fb:92:b3:7f:
67:45:cb:78:3f:ff:2f:b0:b1:a8:6e:50:96:a5:06:
39:f5:86:c2:26:0d:0e:0b:1e:27:cf:d0:a2:28:16:
da:d5:91:95:42:4d:38:fe:68:45:b5:4c:7c:38:21:
c8:70:e8:37:4f:27:70:74:b0:95:5c:dd:47:7b:1d:
9f:03:55:32:6a:18:28:f9:51:69:a7:52:d2:ab:90:
78:f5:9c:f6:e3:2a:1c:ca:f5:ed:28:e6:a0:ee:04:
81:e4:30:b9:7d:85:db:34:76:55:e4:5f:b5:2f:14:
99:9c:e0:09:7a:38:fe:76:53:65:16:d4:4c:f5:47:
8f:93:f9:40:57:e3:9d:e2:ca:65:32:31:43:f4:d7:
48:00:77:52:f4:f2:46:f1:43:f1:ba:73:c1:59:69:
03:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:73:8A:5A:18:F5:C4:5B:C6:83:76:6F:ED:FD:69:48:17:6D:4A:92
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/357bcde9-1734-401d-800e-ca18b9c62b8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:e040::/46
Signature Algorithm: sha256WithRSAEncryption
06:26:d0:37:49:8c:19:09:6b:0e:53:1b:8c:72:e2:be:52:8d:
c6:f1:8e:4d:7a:90:78:df:92:86:cf:90:e6:c4:97:f7:40:8d:
48:ab:d0:00:2e:22:b4:d7:24:54:09:4d:09:c1:c4:e4:83:be:
16:a9:3e:c7:06:51:f6:41:a8:4a:41:b9:08:77:d7:ec:c0:fe:
b3:42:eb:80:34:10:cc:d3:6a:08:ee:21:f7:13:ab:53:4e:fa:
11:b6:ac:44:ac:36:97:01:19:31:d8:27:b1:8b:1c:dd:c3:f5:
e1:2e:08:cb:41:e8:6c:ca:0e:70:66:ee:86:b0:d8:5f:2c:83:
c5:74:2a:43:4f:c1:66:50:3a:76:04:94:e4:92:d4:64:a3:92:
48:90:db:bc:34:e9:9e:cc:97:46:a2:32:c2:f2:09:1d:00:69:
8e:6b:2e:38:42:34:89:5a:40:43:df:c4:2d:80:4a:70:cd:7c:
44:28:4f:4b:81:6e:67:d0:65:f1:89:b8:1f:95:1b:a8:cd:32:
ae:9d:40:64:e2:54:2a:40:5a:4e:b7:0f:69:f7:8c:2a:90:b8:
e3:14:74:53:54:b1:4e:30:f6:2a:11:f7:8b:10:5d:db:09:fd:
cd:c2:5d:b7:47:3b:32:44:e2:e0:15:8c:6a:bc:63:5d:f6:11:
79:d8:af:90
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUWZW4/CtYulmxrkqSCFha4u2zND4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANDZjMzlmMjc4ZDhjYzgxMDBhZTdj
MjQzNjc4MzY1MDA3MWI0YWI1MzFlN2Y4MzNlMTA4ZDNiMWMyM2VlYWFmYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqRZOK/m73iuOjA6Ga05Gas9d3SA+
Is4UvIZCo9I0ALhnbeObmeFvCi+mpjo+EsRtLac5yXAiMGyaWDBQIFD55jeikewF
QoOkEbSKmdrUH+wHUDQ4Rk8O2TDaxTfhI98PMydkrfuSs39nRct4P/8vsLGoblCW
pQY59YbCJg0OCx4nz9CiKBba1ZGVQk04/mhFtUx8OCHIcOg3TydwdLCVXN1Hex2f
A1Uyahgo+VFpp1LSq5B49Zz24yocyvXtKOag7gSB5DC5fYXbNHZV5F+1LxSZnOAJ
ejj+dlNlFtRM9UePk/lAV+Od4splMjFD9NdIAHdS9PJG8UPxunPBWWkDHwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFNhziloY9cRbxoN2b+39aUgXbUqSMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzM1N2JjZGU5LTE3MzQtNDAxZC04MDBlLWNhMThiOWM2MmI4Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaYOBAMA0GCSqGSIb3DQEBCwUAA4IBAQAGJtA3SYwZCWsOUxuM
cuK+Uo3G8Y5NepB435KGz5DmxJf3QI1Iq9AALiK01yRUCU0JwcTkg74WqT7HBlH2
QahKQbkId9fswP6zQuuANBDM02oI7iH3E6tTTvoRtqxErDaXARkx2Cexixzdw/Xh
LgjLQehsyg5wZu6GsNhfLIPFdCpDT8FmUDp2BJTkktRko5JIkNu8NOmezJdGojLC
8gkdAGmOay44QjSJWkBD38QtgEpwzXxEKE9LgW5n0GXxibgflRuozTKunUBk4lQq
QFpOtw9p94wqkLjjFHRTVLFOMPYqEfeLEF3bCf3Nwl23RzsyROLgFYxqvGNd9hF5
2K+Q
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:45:58 2025 by rpki-client