Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7a6f7040-7b17-4c45-a9a7-e714d64a300b.roa
File: 7a6f7040-7b17-4c45-a9a7-e714d64a300b.roa (raw, json)
Hash identifier: c5SrtysQbWh1B+I6VhNmXJx/PoqffKXFIqUoC1jfEZk=
Subject key identifier: 82:13:74:42:A6:AA:28:3C:05:D8:48:49:70:1D:92:30:8A:9A:4E:A2
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 177B78C16144949961F405F83EC6D0BE667AC8E5
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7a6f7040-7b17-4c45-a9a7-e714d64a300b.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:10c0::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:7b:78:c1:61:44:94:99:61:f4:05:f8:3e:c6:d0:be:66:7a:c8:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=2646f206c82182af778fc91137882d254bd811e8a56c3c66e9cf7e81737992dc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bc:7d:b1:09:e0:54:d8:1a:b0:49:44:fe:95:
03:14:81:aa:d5:ce:ca:ce:be:b9:83:5b:4d:83:d2:
04:5e:db:f5:d4:af:7c:96:75:5f:9a:66:af:59:a9:
fc:cd:db:8f:a3:e7:50:b7:44:f9:ec:66:06:2a:ee:
57:ec:eb:67:fd:24:2b:74:54:c1:0d:23:72:89:58:
73:89:f4:e0:45:89:8d:aa:be:65:40:42:7e:30:87:
22:10:a1:5f:9d:d7:6e:d3:4e:d6:a5:9d:9a:a5:77:
43:18:47:25:b5:9d:ce:66:04:55:14:55:8b:33:b1:
c5:c3:55:95:98:b8:ea:4d:00:e8:f9:75:2b:8d:3e:
5b:95:8b:27:12:47:e7:b3:ca:c2:21:a5:2d:cd:2d:
fb:ed:1f:be:0d:27:8d:91:2f:1e:a7:fe:f8:26:88:
36:4e:c8:62:d5:34:a9:8f:37:74:7f:dc:b8:e4:cb:
76:c0:f6:b3:23:36:ab:ab:f4:0f:77:86:d5:83:d8:
29:6b:e1:4f:54:4b:11:2b:f1:0d:fa:61:09:df:b4:
4c:03:54:d0:bd:54:36:1f:d9:d8:46:08:fa:62:ac:
d0:5a:d5:c5:ce:e5:dc:c7:b0:c1:fb:bc:e5:d4:69:
da:3f:ea:c9:04:4a:5c:4c:70:f5:30:20:59:88:82:
79:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:13:74:42:A6:AA:28:3C:05:D8:48:49:70:1D:92:30:8A:9A:4E:A2
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7a6f7040-7b17-4c45-a9a7-e714d64a300b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:10c0::/46
Signature Algorithm: sha256WithRSAEncryption
83:79:8e:d8:87:ea:cd:e2:df:ff:69:8d:db:f0:38:12:83:18:
aa:dc:5d:4c:b9:be:c3:69:7b:47:39:4f:d1:ed:27:81:ba:1f:
1d:46:0c:cf:3a:78:73:87:d1:40:b4:c3:95:4f:97:06:08:54:
f6:40:53:2a:ee:a8:90:90:bb:67:ba:21:45:20:3c:e2:29:56:
db:88:77:47:0a:81:52:67:3c:10:43:f9:1c:9c:30:65:32:70:
fe:c6:4b:b2:31:d0:22:63:d0:77:cf:51:82:99:a4:3a:03:07:
04:d3:5f:80:fe:a8:a9:b6:22:a8:2a:ae:c4:63:82:37:f2:b2:
08:49:da:b6:9f:83:89:f3:62:6e:fd:9b:c3:d7:f9:0f:66:9a:
3e:2f:a8:1e:aa:ca:af:fb:e9:b7:2d:e5:83:43:37:bb:f1:f9:
37:f0:1b:f3:fc:01:7d:cf:bc:24:eb:6c:2c:ec:6a:dd:75:c2:
c0:5a:fd:05:fe:bf:7d:e6:3a:eb:38:c6:5a:a2:81:11:2c:9f:
d9:50:16:af:99:d0:27:ae:f5:aa:99:62:c7:ee:2f:68:cd:a0:
5b:d0:67:52:aa:92:03:b6:26:ba:86:26:1b:c3:4c:00:4e:ad:
43:62:f8:e5:0a:1c:06:45:65:68:1b:ee:14:28:a0:b1:e7:bb:
04:51:00:53
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUF3t4wWFElJlh9AX4PsbQvmZ6yOUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMjY0NmYyMDZjODIxODJhZjc3OGZj
OTExMzc4ODJkMjU0YmQ4MTFlOGE1NmMzYzY2ZTljZjdlODE3Mzc5OTJkYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7x9sQngVNgasElE/pUDFIGq1c7K
zr65g1tNg9IEXtv11K98lnVfmmavWan8zduPo+dQt0T57GYGKu5X7Otn/SQrdFTB
DSNyiVhzifTgRYmNqr5lQEJ+MIciEKFfnddu007WpZ2apXdDGEcltZ3OZgRVFFWL
M7HFw1WVmLjqTQDo+XUrjT5blYsnEkfns8rCIaUtzS377R++DSeNkS8ep/74Jog2
Tshi1TSpjzd0f9y45Mt2wPazIzarq/QPd4bVg9gpa+FPVEsRK/EN+mEJ37RMA1TQ
vVQ2H9nYRgj6YqzQWtXFzuXcx7DB+7zl1GnaP+rJBEpcTHD1MCBZiIJ5swIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFIITdEKmqig8BdhISXAdkjCKmk6iMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzdhNmY3MDQwLTdiMTctNGM0NS1hOWE3LWU3MTRkNjRhMzAwYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaYBDAMA0GCSqGSIb3DQEBCwUAA4IBAQCDeY7Yh+rN4t//aY3b
8DgSgxiq3F1Mub7DaXtHOU/R7SeBuh8dRgzPOnhzh9FAtMOVT5cGCFT2QFMq7qiQ
kLtnuiFFIDziKVbbiHdHCoFSZzwQQ/kcnDBlMnD+xkuyMdAiY9B3z1GCmaQ6AwcE
01+A/qiptiKoKq7EY4I38rIISdq2n4OJ82Ju/ZvD1/kPZpo+L6geqsqv++m3LeWD
Qze78fk38Bvz/AF9z7wk62ws7GrddcLAWv0F/r995jrrOMZaooERLJ/ZUBavmdAn
rvWqmWLH7i9ozaBb0GdSqpIDtia6hiYbw0wATq1DYvjlChwGRWVoG+4UKKCx57sE
UQBT
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:38:46 2025 by rpki-client