Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd8bb927-2445-4a8c-afa9-cc9fd2839c51.roa
File: dd8bb927-2445-4a8c-afa9-cc9fd2839c51.roa (raw, json)
Hash identifier: 1P74lJCFwF5YrfZrwlXgDQz5OWt4NVfqW/vmc/5lKnM=
Subject key identifier: 11:C1:9F:6F:3E:03:19:AB:4B:3A:15:BE:1D:50:73:C2:91:08:81:26
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 682D67DF8199357F48DAE4790F6FEA5B35509BC1
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd8bb927-2445-4a8c-afa9-cc9fd2839c51.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafc:800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:2d:67:df:81:99:35:7f:48:da:e4:79:0f:6f:ea:5b:35:50:9b:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: serialNumber=7e01b4f3569406e144bfd9688d8063c579a504febf0b2aab0274bcad473b694d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:17:fd:b5:8f:8b:67:ae:c7:c9:bf:46:c9:80:
74:20:54:8f:32:3d:41:3a:96:73:26:62:72:84:24:
6a:38:b7:64:0b:c8:8d:b2:2f:87:83:06:0c:71:1c:
bf:83:a8:c9:e8:db:c5:7c:bf:3c:3c:e3:2a:76:25:
32:1f:e2:8b:59:85:65:24:61:9e:e0:24:b2:ab:80:
a0:f5:9e:40:36:e4:c0:db:f0:64:4a:d4:f9:9c:9a:
22:b6:86:95:eb:ef:b7:82:de:c1:20:a0:60:87:4e:
79:00:ec:03:ea:39:e3:ef:fa:8f:d6:2b:f5:fd:f9:
ab:41:91:3f:bf:bd:78:3e:10:08:bc:14:b1:20:af:
fe:bd:aa:68:6a:79:1d:97:dc:bc:5b:b4:b3:a2:ae:
0d:c3:dc:44:d2:a8:4f:98:c5:a5:6b:22:a8:79:8d:
3a:46:ad:7d:b2:d5:38:7e:11:01:41:bd:f9:59:5a:
70:f9:d5:89:7b:73:08:da:b7:e7:50:ab:31:cf:7d:
cf:96:06:04:22:42:09:6f:ee:75:2b:50:aa:f6:11:
5a:5b:1b:40:e3:ff:13:f8:0b:08:ea:d4:8c:40:75:
77:80:29:47:15:64:eb:ea:2c:dd:81:63:a2:b3:4e:
b3:f8:40:c6:71:24:bb:47:32:33:1c:7e:a4:8d:4c:
ad:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:C1:9F:6F:3E:03:19:AB:4B:3A:15:BE:1D:50:73:C2:91:08:81:26
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd8bb927-2445-4a8c-afa9-cc9fd2839c51.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafc:800::/40
Signature Algorithm: sha256WithRSAEncryption
4c:c3:91:c9:a4:49:7a:f4:6c:b7:c2:0c:c1:31:0a:d1:9b:f8:
46:df:0d:42:28:1a:a7:54:62:3e:70:e0:da:25:fb:19:29:b7:
e1:a6:cc:6c:0a:4d:90:96:ce:1e:b6:d1:67:06:e9:94:de:03:
86:71:48:1f:1a:3e:24:c7:70:11:c6:e8:ab:39:36:74:67:e8:
2a:96:82:42:97:48:72:39:8e:01:13:2b:ae:15:8a:9d:55:65:
d8:b0:6f:e9:38:0a:b3:aa:c1:d8:84:86:b3:da:04:b5:2a:78:
fe:a4:fb:b9:ad:b7:2c:75:64:36:21:34:0b:f6:f2:29:f3:18:
8a:a6:1d:7f:c0:25:6f:b2:11:dd:8f:d0:ab:a8:a2:9b:da:dd:
8d:cb:68:93:2d:4f:af:61:66:e9:2a:6b:43:79:99:69:36:cd:
3e:dc:d7:94:58:b8:6f:ec:36:d5:9d:26:26:27:df:84:3a:24:
84:b4:0c:b0:19:fe:e9:d2:a0:85:83:09:64:29:9c:ac:17:b5:
49:01:f3:82:00:fa:c6:91:db:fe:0c:87:83:ff:46:60:8f:85:
52:d1:36:c0:e8:6b:f1:c3:58:ca:92:4b:46:c4:a7:55:35:f0:
cf:7b:c3:a4:f4:d3:d9:b1:a3:4b:97:d7:5c:5a:fa:73:e6:7d:
5a:2a:22:9f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUaC1n34GZNX9I2uR5D2/qWzVQm8EwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAN2UwMWI0ZjM1Njk0MDZlMTQ0YmZk
OTY4OGQ4MDYzYzU3OWE1MDRmZWJmMGIyYWFiMDI3NGJjYWQ0NzNiNjk0ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvhf9tY+LZ67Hyb9GyYB0IFSPMj1B
OpZzJmJyhCRqOLdkC8iNsi+HgwYMcRy/g6jJ6NvFfL88POMqdiUyH+KLWYVlJGGe
4CSyq4Cg9Z5ANuTA2/BkStT5nJoitoaV6++3gt7BIKBgh055AOwD6jnj7/qP1iv1
/fmrQZE/v714PhAIvBSxIK/+vapoankdl9y8W7Szoq4Nw9xE0qhPmMWlayKoeY06
Rq19stU4fhEBQb35WVpw+dWJe3MI2rfnUKsxz33PlgYEIkIJb+51K1Cq9hFaWxtA
4/8T+AsI6tSMQHV3gClHFWTr6izdgWOis06z+EDGcSS7RzIzHH6kjUyt5QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBHBn28+AxmrSzoVvh1Qc8KRCIEmMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RkOGJiOTI3LTI0NDUtNGE4Yy1hZmE5LWNjOWZkMjgzOWM1MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/AgwDQYJKoZIhvcNAQELBQADggEBAEzDkcmkSXr0bLfCDMEx
CtGb+EbfDUIoGqdUYj5w4Nol+xkpt+GmzGwKTZCWzh620WcG6ZTeA4ZxSB8aPiTH
cBHG6Ks5NnRn6CqWgkKXSHI5jgETK64Vip1VZdiwb+k4CrOqwdiEhrPaBLUqeP6k
+7mttyx1ZDYhNAv28inzGIqmHX/AJW+yEd2P0Kuoopva3Y3LaJMtT69hZukqa0N5
mWk2zT7c15RYuG/sNtWdJiYn34Q6JIS0DLAZ/unSoIWDCWQpnKwXtUkB84IA+saR
2/4Mh4P/RmCPhVLRNsDoa/HDWMqSS0bEp1U18M97w6T009mxo0uX11xa+nPmfVoq
Ip8=
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:36:27 2025 by rpki-client