Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ecadad04-3a27-41ee-a687-4b1661f3c07e.roa
File: ecadad04-3a27-41ee-a687-4b1661f3c07e.roa (raw, json)
Hash identifier: nHsv4Mu1leIl4AJM8/wK/azcMbBCf4P2hzvADRXAgdM=
Subject key identifier: 5A:8B:D1:5B:E5:EC:86:C6:67:BB:65:CA:01:0F:FB:2E:5B:B5:BE:5E
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 71DF2FF757B249CB0A211AFFF362B33A904C6F3A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ecadad04-3a27-41ee-a687-4b1661f3c07e.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf1:4800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:df:2f:f7:57:b2:49:cb:0a:21:1a:ff:f3:62:b3:3a:90:4c:6f:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: serialNumber=08e45faea57b1a31457f52477acd2868067278f5a9274c43eec2f3367587b0f0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:b8:39:16:40:8c:73:e9:2e:61:de:8f:60:bf:
ce:8f:b4:7d:44:9b:3e:1b:a3:de:3e:50:4a:7b:33:
4d:cf:dd:47:ad:f1:38:b2:e1:e3:75:9a:85:62:b5:
5f:b0:84:5f:d7:d4:bf:df:76:47:4f:75:53:d5:7b:
8e:97:a6:60:a5:9e:fc:b3:c4:b6:1a:50:8b:a6:b4:
1c:1d:99:f1:b9:b5:3d:4b:ac:5d:b8:84:4e:90:85:
b1:ec:72:96:32:67:d9:a3:dc:f5:c1:86:a1:39:93:
84:0f:9e:42:94:02:7f:30:1b:fa:0f:e3:51:0e:dc:
7f:a6:95:37:d8:bf:82:83:49:80:d8:62:69:f0:a5:
0a:40:8a:53:b1:35:92:af:c1:24:f5:32:9d:0e:ff:
af:7e:c6:96:e4:ce:0d:9e:ba:de:4d:dc:d9:c7:13:
71:6e:0a:9b:da:9b:5e:59:19:7c:96:ea:6d:ec:9f:
18:80:dd:c1:9b:3b:cb:08:dc:41:61:c5:4e:da:21:
0c:bc:9f:47:72:bd:38:c3:49:4e:fc:9c:7b:1d:19:
47:e8:ac:f8:fa:e5:1a:20:ad:44:0d:01:85:65:43:
4b:c9:9b:6e:12:1c:bc:0e:b1:a5:88:e9:3f:0c:56:
f5:32:1b:de:72:b7:b2:00:6d:d6:86:15:76:cf:01:
85:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:8B:D1:5B:E5:EC:86:C6:67:BB:65:CA:01:0F:FB:2E:5B:B5:BE:5E
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ecadad04-3a27-41ee-a687-4b1661f3c07e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf1:4800::/40
Signature Algorithm: sha256WithRSAEncryption
33:17:1d:a8:42:d8:6e:7d:ee:86:6a:3c:ee:86:a0:8e:ee:4c:
96:02:56:46:80:2c:af:4a:77:cc:c6:6b:92:fd:ec:b9:ae:fb:
ab:05:78:30:59:10:25:ec:4c:a9:97:f7:62:93:85:f6:b2:17:
71:33:f8:bc:f5:97:12:36:a8:32:fe:68:c5:49:80:d8:0f:f4:
78:59:b0:b5:77:c2:7f:fb:87:c1:3f:bf:64:b0:af:45:bc:44:
0e:98:b0:bc:5c:00:0d:95:c2:c8:4b:9e:35:6b:e0:a2:be:3b:
ba:29:a1:cc:52:5b:b9:0b:d7:c5:f0:e9:10:f9:b7:db:62:ec:
d2:58:d2:6f:c3:be:86:8e:ba:77:15:c5:4c:4e:12:0f:58:77:
25:59:3a:f4:6b:af:ea:f1:6f:0c:97:93:95:67:ee:f2:ea:9c:
b1:a9:a0:2d:55:55:b8:3b:83:87:08:13:4f:70:c2:ba:4a:ed:
c7:27:c6:ad:28:a3:a4:1f:50:63:75:64:39:3b:d2:f4:0a:2b:
bd:f2:fa:9a:25:61:76:0e:60:c1:74:c7:bc:44:47:18:87:53:
c5:1b:50:c5:08:f7:c9:a7:67:8d:03:b3:ba:f5:45:d4:51:89:
90:c9:90:5e:95:c3:87:28:61:11:ef:96:a4:44:fa:24:30:23:
ad:01:32:e9
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUcd8v91eyScsKIRr/82KzOpBMbzowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAMDhlNDVmYWVhNTdiMWEzMTQ1N2Y1
MjQ3N2FjZDI4NjgwNjcyNzhmNWE5Mjc0YzQzZWVjMmYzMzY3NTg3YjBmMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp7g5FkCMc+kuYd6PYL/Oj7R9RJs+
G6PePlBKezNNz91HrfE4suHjdZqFYrVfsIRf19S/33ZHT3VT1XuOl6ZgpZ78s8S2
GlCLprQcHZnxubU9S6xduIROkIWx7HKWMmfZo9z1wYahOZOED55ClAJ/MBv6D+NR
Dtx/ppU32L+Cg0mA2GJp8KUKQIpTsTWSr8Ek9TKdDv+vfsaW5M4NnrreTdzZxxNx
bgqb2pteWRl8lupt7J8YgN3BmzvLCNxBYcVO2iEMvJ9Hcr04w0lO/Jx7HRlH6Kz4
+uUaIK1EDQGFZUNLyZtuEhy8DrGliOk/DFb1MhvecreyAG3WhhV2zwGF0QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFqL0Vvl7IbGZ7tlygEP+y5btb5eMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2VjYWRhZDA0LTNhMjctNDFlZS1hNjg3LTRiMTY2MWYzYzA3ZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8UgwDQYJKoZIhvcNAQELBQADggEBADMXHahC2G597oZqPO6G
oI7uTJYCVkaALK9Kd8zGa5L97Lmu+6sFeDBZECXsTKmX92KThfayF3Ez+Lz1lxI2
qDL+aMVJgNgP9HhZsLV3wn/7h8E/v2Swr0W8RA6YsLxcAA2VwshLnjVr4KK+O7op
ocxSW7kL18Xw6RD5t9ti7NJY0m/DvoaOuncVxUxOEg9YdyVZOvRrr+rxbwyXk5Vn
7vLqnLGpoC1VVbg7g4cIE09wwrpK7ccnxq0oo6QfUGN1ZDk70vQKK73y+polYXYO
YMF0x7xERxiHU8UbUMUI98mnZ40Ds7r1RdRRiZDJkF6Vw4coYRHvlqRE+iQwI60B
Muk=
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:31:40 2025 by rpki-client