Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7841c4-1ada-4347-bba8-314c574d398d.roa
File: ff7841c4-1ada-4347-bba8-314c574d398d.roa (raw, json)
Hash identifier: 08i9A48EkRlEV1DZ2EC2kCPlX71i7OvQe29FYOClhLE=
Subject key identifier: A9:CF:E9:10:A7:B0:AA:76:9A:65:40:54:9E:5E:85:6B:B5:BD:94:AD
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2F1B2C39D8CBA6202F54D67A42F9903D2028D3E2
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7841c4-1ada-4347-bba8-314c574d398d.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dab8:4800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:1b:2c:39:d8:cb:a6:20:2f:54:d6:7a:42:f9:90:3d:20:28:d3:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=dbfd6baedd768789925cfadc59ddb984a40b733341c70710e4f65c1ea4b4b7b6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:55:71:54:60:fd:b8:cf:c8:22:76:cc:ef:d7:
19:13:2a:8c:6e:96:34:63:75:8b:48:61:4d:2a:9f:
23:b6:d1:19:33:48:02:e8:96:e9:65:66:16:71:69:
22:e5:f3:e9:14:e0:7f:ac:98:95:b7:19:dc:5b:ef:
cd:8c:59:db:22:0c:63:68:f5:fb:34:8d:ee:7f:3e:
45:5d:c0:48:98:fd:76:45:10:23:c6:28:35:59:f4:
be:9f:20:2c:3d:a5:09:32:e7:72:5c:4a:80:16:cb:
79:41:64:36:81:aa:1b:56:36:16:ea:cb:5a:af:c2:
45:7a:a0:bc:90:04:23:bb:14:97:ed:4f:ec:4c:11:
68:ed:35:91:6d:e3:35:f9:40:e1:3d:0d:58:03:e5:
46:47:f2:4e:59:78:93:fa:50:60:00:21:7f:91:c8:
2d:d3:59:49:ab:60:59:9d:57:3f:3e:f3:a6:95:c4:
22:26:09:64:28:d9:b1:c7:71:23:9c:ac:be:5e:e0:
e5:17:87:86:67:31:93:78:c7:85:fb:61:c7:63:a0:
f0:fa:2d:93:18:83:92:76:78:df:23:2e:f9:47:7b:
94:97:5a:f6:42:33:77:83:a3:ed:19:51:da:2a:a1:
d2:bd:86:10:bb:9c:a6:fb:ce:21:02:e2:45:9f:30:
3b:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:CF:E9:10:A7:B0:AA:76:9A:65:40:54:9E:5E:85:6B:B5:BD:94:AD
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ff7841c4-1ada-4347-bba8-314c574d398d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dab8:4800::/40
Signature Algorithm: sha256WithRSAEncryption
33:82:42:0f:dc:ef:96:d1:02:c0:45:70:12:9e:de:76:be:f3:
bd:71:8c:09:20:74:d2:ac:f5:6a:2c:97:3d:a0:32:3c:53:3f:
50:5b:f7:da:b3:cf:e2:1f:56:f2:7a:0c:00:4c:cf:b8:39:97:
ae:45:a8:a7:55:f1:42:b6:da:5b:cd:44:54:cf:bd:d9:7e:a4:
a6:53:69:b8:7b:47:cc:2d:18:74:43:cb:4f:36:1f:97:f2:5b:
1c:bb:48:af:a6:97:52:68:6a:14:4b:a9:09:77:49:ff:66:3f:
38:47:e6:5c:28:22:7c:17:cb:da:2e:cb:77:1e:60:36:60:dc:
d2:ab:0e:2b:8c:f4:a5:e0:d6:42:84:4f:5a:c3:59:05:1d:8c:
21:be:47:40:1c:c4:78:68:e0:96:6d:b4:6f:b5:c2:4b:ad:3c:
99:95:f6:36:ef:82:7a:96:c0:10:5d:38:19:70:41:e6:a1:ff:
1c:90:2e:c0:3b:bf:04:8f:70:06:a4:42:0a:23:b2:0c:a9:0a:
db:80:a2:97:08:92:42:81:3f:d1:55:e4:19:35:98:c7:22:4e:
10:23:81:4b:2a:d3:5d:c9:0f:8c:03:b8:29:4c:9b:18:38:ca:
e8:29:66:98:7d:16:0c:d6:3f:72:c7:2c:88:6a:06:60:b9:c4:
76:63:f1:12
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIULxssOdjLpiAvVNZ6QvmQPSAo0+IwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAZGJmZDZiYWVkZDc2ODc4OTkyNWNm
YWRjNTlkZGI5ODRhNDBiNzMzMzQxYzcwNzEwZTRmNjVjMWVhNGI0YjdiNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1VxVGD9uM/IInbM79cZEyqMbpY0
Y3WLSGFNKp8jttEZM0gC6JbpZWYWcWki5fPpFOB/rJiVtxncW+/NjFnbIgxjaPX7
NI3ufz5FXcBImP12RRAjxig1WfS+nyAsPaUJMudyXEqAFst5QWQ2gaobVjYW6sta
r8JFeqC8kAQjuxSX7U/sTBFo7TWRbeM1+UDhPQ1YA+VGR/JOWXiT+lBgACF/kcgt
01lJq2BZnVc/PvOmlcQiJglkKNmxx3EjnKy+XuDlF4eGZzGTeMeF+2HHY6Dw+i2T
GIOSdnjfIy75R3uUl1r2QjN3g6PtGVHaKqHSvYYQu5ym+84hAuJFnzA7/QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKnP6RCnsKp2mmVAVJ5ehWu1vZStMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZmNzg0MWM0LTFhZGEtNDM0Ny1iYmE4LTMxNGM1NzRkMzk4ZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbauEgwDQYJKoZIhvcNAQELBQADggEBADOCQg/c75bRAsBFcBKe
3na+871xjAkgdNKs9Woslz2gMjxTP1Bb99qzz+IfVvJ6DABMz7g5l65FqKdV8UK2
2lvNRFTPvdl+pKZTabh7R8wtGHRDy082H5fyWxy7SK+ml1JoahRLqQl3Sf9mPzhH
5lwoInwXy9ouy3ceYDZg3NKrDiuM9KXg1kKET1rDWQUdjCG+R0AcxHho4JZttG+1
wkutPJmV9jbvgnqWwBBdOBlwQeah/xyQLsA7vwSPcAakQgojsgypCtuAopcIkkKB
P9FV5Bk1mMciThAjgUsq013JD4wDuClMmxg4yugpZph9FgzWP3LHLIhqBmC5xHZj
8RI=
-----END CERTIFICATE-----
Generated at Thu Apr 17 18:04:51 2025 by rpki-client