Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d34cbdaf-086e-4183-aab4-bb50f7e05d8c.roa
File: d34cbdaf-086e-4183-aab4-bb50f7e05d8c.roa (raw, json)
Hash identifier: cTmHEbkLWDLPAyFcYNArr+Uwn6vKiEn4dsAw7yRGGpA=
Subject key identifier: F2:2D:CE:24:01:F2:E4:89:DC:02:FD:23:5F:73:07:5E:D9:C6:FF:33
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 15D346E49DBF62A13D0DFF0141D6D2D865BED0CA
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d34cbdaf-086e-4183-aab4-bb50f7e05d8c.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:2040::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:d3:46:e4:9d:bf:62:a1:3d:0d:ff:01:41:d6:d2:d8:65:be:d0:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=b80b30825f9f6cbfa3f40a9b80f9e87047b963ecb8789171194ef3725c096e70, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c5:3d:d5:15:20:9c:73:95:ef:24:6d:d2:51:
33:d6:eb:9f:d8:17:ca:b6:9e:6f:be:dc:94:53:f7:
7f:9d:c3:67:cc:43:7a:ec:c3:b4:61:8f:aa:a6:86:
b9:37:30:d1:ec:cd:64:a7:6b:e1:49:67:13:a2:d4:
4e:d7:f3:39:ee:e5:c9:b0:e7:6c:c4:16:4d:09:17:
d1:fc:10:bd:3a:a6:a7:c7:1d:5a:7c:03:91:b6:03:
20:d7:c6:8c:03:65:e0:63:a3:ee:c6:01:16:88:54:
7d:73:a6:10:7a:5e:4b:8d:e8:6d:1b:1c:c3:dc:24:
06:0f:28:e1:d0:f2:dc:81:65:da:67:23:12:7d:c0:
72:e1:de:31:a2:7b:5b:83:77:3f:cf:b1:7f:c4:8c:
3e:46:a0:6d:0b:7d:2d:17:53:b4:d8:9f:42:09:be:
12:6e:65:6c:0c:ae:33:3c:04:73:24:6c:f9:6e:60:
de:0d:08:2d:39:98:83:df:84:1c:9f:7e:c6:1d:21:
bb:1f:37:8d:61:80:18:ee:d7:cd:d7:6d:e0:c6:02:
fd:9d:d3:2b:6b:bd:27:73:d8:ac:b3:2a:1e:7d:55:
7e:49:dd:15:41:ae:dc:67:34:a1:b3:02:0d:8e:c3:
d6:78:ed:33:77:8e:8b:08:e4:c3:52:78:a3:da:d9:
44:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:2D:CE:24:01:F2:E4:89:DC:02:FD:23:5F:73:07:5E:D9:C6:FF:33
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d34cbdaf-086e-4183-aab4-bb50f7e05d8c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:2040::/46
Signature Algorithm: sha256WithRSAEncryption
bc:26:b9:d7:a1:15:89:0e:8a:0f:22:dd:99:e8:a3:b4:01:14:
e4:a6:fa:be:64:ad:1e:64:19:70:09:dd:9c:c8:33:77:d6:5f:
4a:40:44:59:8e:ad:81:9c:ef:d4:4f:f3:cc:be:ed:ef:d0:0e:
a4:49:ee:8d:fd:bd:0b:30:db:6c:6e:da:2a:82:c9:fb:94:50:
fe:92:a2:44:98:5b:ae:2c:08:45:a9:34:1d:c6:dd:20:2d:70:
33:15:0f:1c:a9:93:6a:e5:5b:76:20:59:fd:29:54:a5:5d:c1:
af:28:a7:fc:b8:ab:45:67:dd:77:53:97:ad:1e:5c:e8:05:a0:
e1:76:05:ef:19:2a:89:7f:13:79:22:47:8b:d0:c0:d3:50:f4:
9d:dd:e6:73:36:e3:77:4c:e5:83:ba:49:8d:c8:77:fe:1c:b2:
15:2d:85:42:4a:aa:fb:3d:ab:cf:70:14:c8:aa:16:26:14:76:
7c:19:f9:d8:0d:66:dd:95:7d:f9:36:22:d7:7e:09:a0:33:d1:
40:90:91:b0:de:6c:36:a7:f6:56:a2:5e:fd:6a:ff:4a:41:36:
bd:d9:ce:15:8c:7b:04:18:ad:1f:c3:42:26:5f:b0:f2:db:1e:
92:ba:46:b3:66:28:6f:83:cd:ad:a7:b3:8a:59:69:ad:ac:4f:
af:a1:17:7f
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUFdNG5J2/YqE9Df8BQdbS2GW+0MowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYjgwYjMwODI1ZjlmNmNiZmEzZjQw
YTliODBmOWU4NzA0N2I5NjNlY2I4Nzg5MTcxMTk0ZWYzNzI1YzA5NmU3MDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMU91RUgnHOV7yRt0lEz1uuf2BfK
tp5vvtyUU/d/ncNnzEN67MO0YY+qpoa5NzDR7M1kp2vhSWcTotRO1/M57uXJsOds
xBZNCRfR/BC9Oqanxx1afAORtgMg18aMA2XgY6PuxgEWiFR9c6YQel5LjehtGxzD
3CQGDyjh0PLcgWXaZyMSfcBy4d4xontbg3c/z7F/xIw+RqBtC30tF1O02J9CCb4S
bmVsDK4zPARzJGz5bmDeDQgtOZiD34Qcn37GHSG7HzeNYYAY7tfN123gxgL9ndMr
a70nc9issyoefVV+Sd0VQa7cZzShswINjsPWeO0zd46LCOTDUnij2tlEYwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPItziQB8uSJ3AL9I19zB17Zxv8zMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2QzNGNiZGFmLTA4NmUtNDE4My1hYWI0LWJiNTBmN2UwNWQ4Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaYCBAMA0GCSqGSIb3DQEBCwUAA4IBAQC8JrnXoRWJDooPIt2Z
6KO0ARTkpvq+ZK0eZBlwCd2cyDN31l9KQERZjq2BnO/UT/PMvu3v0A6kSe6N/b0L
MNtsbtoqgsn7lFD+kqJEmFuuLAhFqTQdxt0gLXAzFQ8cqZNq5Vt2IFn9KVSlXcGv
KKf8uKtFZ913U5etHlzoBaDhdgXvGSqJfxN5IkeL0MDTUPSd3eZzNuN3TOWDukmN
yHf+HLIVLYVCSqr7PavPcBTIqhYmFHZ8GfnYDWbdlX35NiLXfgmgM9FAkJGw3mw2
p/ZWol79av9KQTa92c4VjHsEGK0fw0ImX7Dy2x6SukazZihvg82tp7OKWWmtrE+v
oRd/
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:36:29 2025 by rpki-client