Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78b7064f-6eb4-44bb-852c-d10dc30f3069.roa
File: 78b7064f-6eb4-44bb-852c-d10dc30f3069.roa (raw, json)
Hash identifier: p5/fYDtocN9vbyNcybx0XVXKsMSnJQBE+pLdPZz/aWU=
Subject key identifier: 29:0B:98:DE:BD:36:38:A1:C0:F1:32:4C:71:40:1C:85:E7:70:E0:AE
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 01DEE3085591E74B0C03B86DEBA27ADD40858728
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78b7064f-6eb4-44bb-852c-d10dc30f3069.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da68:8880::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:de:e3:08:55:91:e7:4b:0c:03:b8:6d:eb:a2:7a:dd:40:85:87:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=aa52452d8d710736ecf82ab7356383ef384a85aa123bece057975a080468501b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:a8:d6:6c:ab:7e:c0:df:1b:64:33:11:09:f7:
cf:46:91:98:dc:76:8e:c8:bc:df:06:6c:b9:45:b3:
2a:30:b5:87:ed:08:11:78:d0:6b:63:2a:9a:77:c0:
46:80:38:2e:fb:55:d3:56:7d:c9:68:cc:68:02:1f:
9e:ee:a4:53:3a:67:67:d0:ff:0d:ad:32:c1:b1:a6:
d0:39:77:cc:56:e4:a9:a7:1f:55:59:43:1a:14:91:
a6:08:dd:22:cf:df:8f:e2:94:47:cb:de:7e:71:ce:
7d:a0:74:69:98:0d:a8:c9:53:a4:74:1b:51:cf:46:
7b:14:de:11:51:59:24:be:9a:92:89:43:91:03:59:
fc:90:5e:41:9c:b7:eb:4d:92:df:25:4d:17:dd:28:
29:ee:89:42:20:f6:3b:1e:4d:3a:8d:10:c2:3e:b9:
d0:ee:b4:2f:20:53:f2:27:40:cf:16:1c:e8:62:ef:
de:49:43:e2:94:6b:b3:83:11:ff:ff:b0:a7:91:86:
3f:34:e7:30:b4:18:e4:f3:16:d6:b4:d8:18:e1:dc:
af:49:18:9f:63:01:4b:86:06:17:67:d3:42:a3:c2:
9e:69:8e:7c:d6:8f:c7:d1:63:f5:cb:81:38:b6:da:
19:a3:90:b0:19:3f:ac:c1:5e:70:5c:49:38:70:e7:
77:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:0B:98:DE:BD:36:38:A1:C0:F1:32:4C:71:40:1C:85:E7:70:E0:AE
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78b7064f-6eb4-44bb-852c-d10dc30f3069.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da68:8880::/46
Signature Algorithm: sha256WithRSAEncryption
48:96:d6:9f:4c:00:04:c6:a0:1d:ad:12:d9:18:79:57:94:b8:
2c:89:07:2d:45:b7:45:af:a6:31:8f:27:06:66:5e:13:98:f4:
06:b5:73:19:3b:b0:9d:05:5a:66:06:04:5e:71:fa:a2:45:37:
32:0a:ac:1d:da:84:c2:30:19:7a:44:b0:3d:45:44:28:91:62:
3c:5c:e3:5f:1e:b0:05:a9:67:ad:be:de:f2:78:18:1a:c3:b2:
1c:d3:0d:21:4b:67:e5:56:db:1e:af:a7:a8:1d:2d:82:2e:c0:
45:cc:d6:d0:57:14:12:3c:72:c8:32:1b:7a:de:dc:8d:5d:9e:
bb:02:ad:eb:22:e4:a1:9b:71:45:e1:63:0b:2c:c6:85:dd:29:
50:ba:79:15:03:f1:4c:a7:44:46:59:81:3f:91:ce:b2:9d:ec:
08:b3:4e:05:cc:09:ad:b7:ca:b1:b2:c8:5f:9f:ca:3b:2d:2f:
7d:c8:c2:24:92:e4:a1:c1:2a:20:92:75:94:99:7e:9b:ff:6b:
0e:fc:41:25:6f:f3:d2:b0:08:2e:23:e1:8e:ba:0e:c1:04:08:
9b:b1:ae:7c:9f:f6:44:a4:ee:72:c0:7c:0a:c1:5e:7a:25:d2:
e9:59:12:8f:ab:7c:77:86:42:05:0a:1b:e0:93:c0:b1:e3:72:
ba:25:c3:d6
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUAd7jCFWR50sMA7ht66J63UCFhygwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYWE1MjQ1MmQ4ZDcxMDczNmVjZjgy
YWI3MzU2MzgzZWYzODRhODVhYTEyM2JlY2UwNTc5NzVhMDgwNDY4NTAxYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyqjWbKt+wN8bZDMRCffPRpGY3HaO
yLzfBmy5RbMqMLWH7QgReNBrYyqad8BGgDgu+1XTVn3JaMxoAh+e7qRTOmdn0P8N
rTLBsabQOXfMVuSppx9VWUMaFJGmCN0iz9+P4pRHy95+cc59oHRpmA2oyVOkdBtR
z0Z7FN4RUVkkvpqSiUORA1n8kF5BnLfrTZLfJU0X3Sgp7olCIPY7Hk06jRDCPrnQ
7rQvIFPyJ0DPFhzoYu/eSUPilGuzgxH//7CnkYY/NOcwtBjk8xbWtNgY4dyvSRif
YwFLhgYXZ9NCo8KeaY581o/H0WP1y4E4ttoZo5CwGT+swV5wXEk4cOd3EwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCkLmN69NjihwPEyTHFAHIXncOCuMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc4YjcwNjRmLTZlYjQtNDRiYi04NTJjLWQxMGRjMzBmMzA2OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaIiAMA0GCSqGSIb3DQEBCwUAA4IBAQBIltafTAAExqAdrRLZ
GHlXlLgsiQctRbdFr6YxjycGZl4TmPQGtXMZO7CdBVpmBgRecfqiRTcyCqwd2oTC
MBl6RLA9RUQokWI8XONfHrAFqWetvt7yeBgaw7Ic0w0hS2flVtser6eoHS2CLsBF
zNbQVxQSPHLIMht63tyNXZ67Aq3rIuShm3FF4WMLLMaF3SlQunkVA/FMp0RGWYE/
kc6ynewIs04FzAmtt8qxsshfn8o7LS99yMIkkuShwSogknWUmX6b/2sO/EElb/PS
sAguI+GOug7BBAibsa58n/ZEpO5ywHwKwV56JdLpWRKPq3x3hkIFChvgk8Cx43K6
JcPW
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:38:51 2025 by rpki-client