Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be3ae0bc-3495-4bfa-b381-e76d86fa8fe3.roa
File: be3ae0bc-3495-4bfa-b381-e76d86fa8fe3.roa (raw, json)
Hash identifier: fHxIVipqXDAgNHtizsK7wGDdt2zmE8ElZBA3P9uwXPw=
Subject key identifier: 3A:D9:79:E3:31:3E:6A:4C:B3:D7:29:38:9C:BB:8A:3C:7F:51:97:4D
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5FC65E0027AC64962F4D3FDDEA2C8AA23880A3BA
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be3ae0bc-3495-4bfa-b381-e76d86fa8fe3.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:8000::/40 maxlen: 40
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:c6:5e:00:27:ac:64:96:2f:4d:3f:dd:ea:2c:8a:a2:38:80:a3:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=42acc8297591762d371c7388f62096ff52c4b60aa4c947ceab353b72d3ecea9f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:36:53:07:5b:d9:e5:ae:2f:4d:80:68:87:f7:
bc:51:e6:1f:c4:eb:ea:4a:93:1d:d7:23:8b:de:2c:
6b:62:49:89:eb:5e:a9:47:ee:7d:75:91:3e:b4:73:
41:f5:85:f9:f8:33:d5:df:2f:de:cf:2d:c7:c8:ce:
a6:8a:38:84:dd:69:93:1e:c2:10:1b:a6:ad:11:32:
3d:45:e6:2d:4f:29:65:cb:a7:bf:a3:36:45:2d:4e:
8e:6c:ba:25:5d:5f:2f:b3:4c:65:44:a0:24:7e:2a:
87:df:ed:d4:b3:fd:64:78:64:57:b3:a8:d4:2d:de:
1b:19:e0:bd:a1:fa:94:a8:db:c8:e9:03:70:7c:1c:
c1:c4:2c:85:23:0d:44:d8:ef:47:09:12:a8:ce:2f:
b1:d6:94:c0:79:6c:33:50:b2:f5:1e:2a:18:92:9a:
83:6e:70:2b:7f:9d:c9:2f:2d:f8:74:10:07:1d:6a:
ec:98:17:88:a8:19:ae:ef:da:37:59:7f:6f:95:6a:
26:48:49:2e:49:73:30:63:39:c8:e0:69:a0:cb:7a:
d4:a0:af:90:df:31:10:cd:a8:4b:0e:4f:ab:f3:14:
35:67:fc:f6:fe:21:29:f2:b9:b4:52:de:dc:d6:79:
7e:b5:69:61:d0:2e:a7:13:fd:90:83:d5:5c:56:95:
d7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:D9:79:E3:31:3E:6A:4C:B3:D7:29:38:9C:BB:8A:3C:7F:51:97:4D
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/be3ae0bc-3495-4bfa-b381-e76d86fa8fe3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:8000::/40
Signature Algorithm: sha256WithRSAEncryption
a7:1f:10:58:6f:c9:f6:46:45:cf:31:8f:98:ea:4d:28:c6:7e:
1c:39:5e:64:6a:e7:20:cd:47:05:80:c5:40:05:46:2a:c8:ff:
c0:cf:88:9f:d4:a9:d5:48:a1:28:fa:ae:52:72:63:83:06:11:
e7:b3:f7:b8:fb:e8:00:80:af:56:81:56:9f:55:ce:f3:e8:93:
0d:3c:fd:04:0f:ca:40:92:91:87:6f:ff:17:26:14:44:e6:3a:
2d:12:13:0a:52:47:75:f1:54:15:55:8d:ce:28:70:b0:62:33:
de:38:e3:ba:33:f6:af:b6:15:2e:c3:f0:cb:e5:d6:b4:47:bd:
53:13:7d:a7:ad:ab:d0:9c:90:7b:56:10:78:2c:f3:d5:93:04:
01:e0:8a:98:61:45:91:f6:24:78:4d:fc:df:df:c7:98:32:c2:
89:21:6c:b0:21:db:3c:12:4f:bf:ba:71:ce:f6:53:cd:96:55:
45:c5:07:de:f7:eb:f7:26:09:8b:dc:b2:9f:ab:cd:bc:b7:db:
8a:7e:8b:c7:6f:ba:66:1a:dd:59:87:a2:f9:0d:ba:a8:c4:31:
c6:b4:b2:d8:30:47:b2:10:3d:bf:a9:e5:ef:6d:1c:b5:ab:67:
79:5b:42:31:63:81:5a:41:fc:e3:63:a5:47:eb:0a:c2:4a:8a:
de:24:4f:77
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUX8ZeACesZJYvTT/d6iyKojiAo7owDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNANDJhY2M4Mjk3NTkxNzYyZDM3MWM3
Mzg4ZjYyMDk2ZmY1MmM0YjYwYWE0Yzk0N2NlYWIzNTNiNzJkM2VjZWE5ZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApDZTB1vZ5a4vTYBoh/e8UeYfxOvq
SpMd1yOL3ixrYkmJ616pR+59dZE+tHNB9YX5+DPV3y/ezy3HyM6mijiE3WmTHsIQ
G6atETI9ReYtTylly6e/ozZFLU6ObLolXV8vs0xlRKAkfiqH3+3Us/1keGRXs6jU
Ld4bGeC9ofqUqNvI6QNwfBzBxCyFIw1E2O9HCRKozi+x1pTAeWwzULL1HioYkpqD
bnArf53JLy34dBAHHWrsmBeIqBmu79o3WX9vlWomSEkuSXMwYznI4Gmgy3rUoK+Q
3zEQzahLDk+r8xQ1Z/z2/iEp8rm0Ut7c1nl+tWlh0C6nE/2Qg9VcVpXXHQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDrZeeMxPmpMs9cpOJy7ijx/UZdNMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2JlM2FlMGJjLTM0OTUtNGJmYS1iMzgxLWU3NmQ4NmZhOGZlMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYIAwDQYJKoZIhvcNAQELBQADggEBAKcfEFhvyfZGRc8xj5jq
TSjGfhw5XmRq5yDNRwWAxUAFRirI/8DPiJ/UqdVIoSj6rlJyY4MGEeez97j76ACA
r1aBVp9VzvPokw08/QQPykCSkYdv/xcmFETmOi0SEwpSR3XxVBVVjc4ocLBiM944
47oz9q+2FS7D8Mvl1rRHvVMTfaetq9CckHtWEHgs89WTBAHgiphhRZH2JHhN/N/f
x5gywokhbLAh2zwST7+6cc72U82WVUXFB9736/cmCYvcsp+rzby324p+i8dvumYa
3VmHovkNuqjEMca0stgwR7IQPb+p5e9tHLWrZ3lbQjFjgVpB/ONjpUfrCsJKit4k
T3c=
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:09:27 2025 by rpki-client