Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89dfb340-f170-4c0d-aeed-6d61c8af1b4a.roa
File: 89dfb340-f170-4c0d-aeed-6d61c8af1b4a.roa (raw, json)
Hash identifier: uw3NOttANr2jiLuqRzgDQw6bAU9O+4mwqPeSJKf2Y40=
Subject key identifier: 2B:60:ED:EE:AE:A4:DA:AE:AF:49:F0:65:16:5A:C4:DC:18:46:9C:24
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 53CD1CF10314284BF19C96B903AD2A1CCC830804
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89dfb340-f170-4c0d-aeed-6d61c8af1b4a.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:4040::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:cd:1c:f1:03:14:28:4b:f1:9c:96:b9:03:ad:2a:1c:cc:83:08:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=0020484161312b99674d39a9c144638f532fe7dbb9f8430263354c51de04b1c4, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:a8:42:af:c8:ea:e6:04:70:0c:1a:df:b3:94:
8a:fb:99:6b:c3:50:b1:5a:0c:86:e0:64:f4:79:7f:
b5:d7:8f:64:f9:d3:a4:4a:01:03:59:09:70:c3:e0:
be:4a:cd:a1:39:a3:67:b5:0b:f6:41:dc:15:db:c1:
3d:b7:f2:f4:87:ae:40:96:60:b7:b9:96:93:a0:6d:
58:cf:65:20:87:ad:8b:06:a8:0f:db:16:11:fb:10:
f5:6e:0c:ff:c7:f6:84:5e:f4:7d:f7:3c:7e:4d:fb:
a5:3e:7d:db:01:1a:a7:13:32:6a:13:a9:3c:d6:36:
fb:5e:02:5f:2a:6c:0f:66:2a:52:a3:93:c1:7d:a5:
a8:44:90:8f:8e:4e:fe:cd:c3:7a:3a:90:b1:5c:87:
8e:68:28:37:fa:3e:b2:f4:91:f6:d3:6d:d6:a4:f0:
63:47:b2:d7:28:de:48:48:c6:9a:25:a4:48:2a:e0:
7c:72:62:5a:64:39:5f:d5:f2:eb:2b:d4:b1:9d:60:
b5:40:c3:00:a8:89:fb:e9:e7:a3:36:9b:86:d5:46:
8c:7e:22:ac:c0:ae:a3:83:26:86:0d:b7:fb:f0:2c:
f9:1f:e0:b6:9f:91:fb:69:3a:b1:26:91:a7:7c:9e:
16:46:7c:56:e3:ad:51:3c:cf:be:26:17:73:09:c4:
36:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:60:ED:EE:AE:A4:DA:AE:AF:49:F0:65:16:5A:C4:DC:18:46:9C:24
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/89dfb340-f170-4c0d-aeed-6d61c8af1b4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:4040::/46
Signature Algorithm: sha256WithRSAEncryption
72:c9:35:4a:66:c1:db:ba:d5:26:a3:eb:e0:56:7b:5d:90:2c:
a0:99:17:b8:e5:01:3d:ca:08:d5:5c:72:76:e9:53:82:5b:55:
2d:a6:20:89:d5:02:27:d7:19:4c:b7:c8:8b:fe:41:bb:ca:37:
14:ba:6d:d8:df:b2:c5:0c:70:3a:c9:ce:8f:08:9c:ed:10:1c:
cb:ca:3e:99:9e:48:b8:16:30:9b:0e:47:75:35:c4:ba:f1:f0:
a7:b0:67:69:03:35:dc:bf:f3:0a:9d:c8:8a:40:92:a5:ea:d8:
3a:9c:da:e1:cf:af:e8:20:d0:72:4d:51:1a:fb:73:c8:2d:44:
6b:b4:3f:89:4c:7d:1a:3c:02:f8:17:a5:88:ec:de:3a:f4:28:
77:4e:a2:f3:9d:41:2f:42:a4:3e:d9:aa:31:80:8c:97:a7:a5:
cd:50:89:40:f4:fb:ea:76:b6:17:cd:f0:e0:ea:0f:07:69:2e:
e2:08:3d:ce:e0:92:f0:14:e6:bf:1c:c8:5e:b7:b8:88:bd:af:
67:85:80:84:cd:47:89:61:08:63:c5:73:26:ca:7f:ea:a7:7c:
3c:a2:69:34:dc:ba:36:35:76:93:48:03:3d:61:5f:bc:85:31:
1b:b3:a6:ae:4c:cf:21:0d:d5:29:b0:8c:7c:c5:32:60:8f:78:
ad:97:f1:08
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUU80c8QMUKEvxnJa5A60qHMyDCAQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMDAyMDQ4NDE2MTMxMmI5OTY3NGQz
OWE5YzE0NDYzOGY1MzJmZTdkYmI5Zjg0MzAyNjMzNTRjNTFkZTA0YjFjNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKhCr8jq5gRwDBrfs5SK+5lrw1Cx
WgyG4GT0eX+1149k+dOkSgEDWQlww+C+Ss2hOaNntQv2QdwV28E9t/L0h65AlmC3
uZaToG1Yz2Ugh62LBqgP2xYR+xD1bgz/x/aEXvR99zx+TfulPn3bARqnEzJqE6k8
1jb7XgJfKmwPZipSo5PBfaWoRJCPjk7+zcN6OpCxXIeOaCg3+j6y9JH2023WpPBj
R7LXKN5ISMaaJaRIKuB8cmJaZDlf1fLrK9SxnWC1QMMAqIn76eejNpuG1UaMfiKs
wK6jgyaGDbf78Cz5H+C2n5H7aTqxJpGnfJ4WRnxW461RPM++JhdzCcQ2vwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFCtg7e6upNqur0nwZRZaxNwYRpwkMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzg5ZGZiMzQwLWYxNzAtNGMwZC1hZWVkLTZkNjFjOGFmMWI0YS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaYEBAMA0GCSqGSIb3DQEBCwUAA4IBAQByyTVKZsHbutUmo+vg
VntdkCygmRe45QE9ygjVXHJ26VOCW1UtpiCJ1QIn1xlMt8iL/kG7yjcUum3Y37LF
DHA6yc6PCJztEBzLyj6Znki4FjCbDkd1NcS68fCnsGdpAzXcv/MKnciKQJKl6tg6
nNrhz6/oINByTVEa+3PILURrtD+JTH0aPAL4F6WI7N469Ch3TqLznUEvQqQ+2aox
gIyXp6XNUIlA9PvqdrYXzfDg6g8HaS7iCD3O4JLwFOa/HMhet7iIva9nhYCEzUeJ
YQhjxXMmyn/qp3w8omk03Lo2NXaTSAM9YV+8hTEbs6auTM8hDdUpsIx8xTJgj3it
l/EI
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:46:01 2025 by rpki-client