Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0b839f01-283b-4c23-b8a7-3697b9583ee1.roa
File: 0b839f01-283b-4c23-b8a7-3697b9583ee1.roa (raw, json)
Hash identifier: rRxdMzOvTSNzTq731hIc5FtoqRTpIedLpIyD8kerp1k=
Subject key identifier: C0:A3:E9:98:BD:79:2E:B5:5F:44:83:A1:85:31:FE:B2:C4:94:BE:EB
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 2237AA17369CF4F33568A2313AF6EE69A37BA8CE
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0b839f01-283b-4c23-b8a7-3697b9583ee1.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300:100c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:37:aa:17:36:9c:f4:f3:35:68:a2:31:3a:f6:ee:69:a3:7b:a8:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=5853838678ea235bad7acec40e6243ed17a6ad8558174df888a5bbf0bfa7d27b, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:74:5c:7a:0e:19:d7:5d:75:52:42:38:51:34:
cd:17:57:db:5f:fb:8e:b5:fe:43:f5:ab:49:06:a7:
eb:1d:87:27:82:db:44:7f:33:9a:82:01:d3:43:51:
3b:8b:3b:01:38:b4:4f:3e:7f:1c:b5:25:d9:af:81:
8c:04:0e:5e:b6:ed:cb:4c:6f:2d:e6:02:ff:ce:60:
69:00:b2:93:97:37:e7:74:38:84:c6:fa:9f:17:30:
8e:50:7d:b6:43:6e:e0:ee:45:38:3b:28:b8:bb:e7:
20:5d:39:ef:e2:cf:3d:85:bf:66:75:a4:e2:c7:49:
c4:86:7a:fa:ef:7f:17:e9:9b:99:85:e3:dd:ab:b0:
61:fc:ea:ab:c5:b8:18:95:e9:43:a3:c2:77:17:5d:
79:75:c7:bd:28:76:e5:6b:8b:8d:aa:84:c3:14:0e:
56:9c:f9:3a:70:d9:93:24:51:94:ed:44:66:db:24:
f2:d2:b6:cb:02:fc:c2:84:c9:b9:52:49:a1:12:65:
19:db:fd:cc:6c:bb:c9:61:d6:0b:29:39:5e:52:c1:
40:0f:b4:54:ae:c0:7d:38:dd:2d:0d:c1:63:21:ff:
55:cb:20:42:ff:be:04:e9:2d:51:ce:90:5d:e8:0b:
64:87:b8:67:21:4e:5c:b9:a0:dc:8d:e7:0d:53:5e:
89:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:A3:E9:98:BD:79:2E:B5:5F:44:83:A1:85:31:FE:B2:C4:94:BE:EB
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0b839f01-283b-4c23-b8a7-3697b9583ee1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300:100c::/48
Signature Algorithm: sha256WithRSAEncryption
37:7d:f0:d4:bd:42:eb:9d:47:18:b7:fa:f1:cb:0b:bb:e6:15:
ce:12:1c:1e:21:6f:81:31:27:33:32:0a:2e:3e:00:f5:01:c8:
71:f4:a5:85:3d:fa:06:d5:42:73:27:63:09:3b:c4:9a:bb:5c:
9b:58:78:78:d7:60:13:be:70:9b:bd:fb:c0:bb:b5:c4:22:0e:
03:6b:e8:9e:8b:8c:60:fa:26:84:ec:35:9f:3e:fc:af:97:04:
08:c6:43:ff:c0:31:e8:4d:96:01:fc:74:6e:07:a5:6b:be:85:
2a:fa:1b:45:64:d0:b8:0a:5d:ed:7f:a3:7d:aa:76:0d:f7:83:
f0:aa:ef:e9:4f:8a:ee:3f:91:04:11:83:a4:3e:79:bc:a0:28:
86:86:bf:26:28:6a:2c:af:48:5d:53:51:b5:7c:01:0a:69:da:
35:fe:eb:5b:6a:3d:cc:25:48:2c:d8:28:75:d1:9a:ba:03:9e:
1a:71:ee:b9:0d:94:76:f1:83:81:81:70:21:e6:7e:95:56:95:
8f:4e:4a:a7:43:49:de:07:e5:c0:e6:9b:1c:6f:e6:10:a6:0c:
8f:d5:71:5d:7f:6b:11:2f:65:5e:a0:a8:28:99:5a:4e:a1:07:
06:62:ab:61:b2:1b:43:14:89:e9:ce:fd:1f:b4:e6:19:f5:f6:
23:8a:7f:1b
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUIjeqFzac9PM1aKIxOvbuaaN7qM4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNANTg1MzgzODY3OGVhMjM1YmFkN2Fj
ZWM0MGU2MjQzZWQxN2E2YWQ4NTU4MTc0ZGY4ODhhNWJiZjBiZmE3ZDI3YjEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqXRceg4Z1111UkI4UTTNF1fbX/uO
tf5D9atJBqfrHYcngttEfzOaggHTQ1E7izsBOLRPPn8ctSXZr4GMBA5etu3LTG8t
5gL/zmBpALKTlzfndDiExvqfFzCOUH22Q27g7kU4Oyi4u+cgXTnv4s89hb9mdaTi
x0nEhnr6738X6ZuZhePdq7Bh/OqrxbgYlelDo8J3F115dce9KHbla4uNqoTDFA5W
nPk6cNmTJFGU7URm2yTy0rbLAvzChMm5UkmhEmUZ2/3MbLvJYdYLKTleUsFAD7RU
rsB9ON0tDcFjIf9VyyBC/74E6S1RzpBd6Atkh7hnIU5cuaDcjecNU16JpwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFMCj6Zi9eS61X0SDoYUx/rLElL7rMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzBiODM5ZjAxLTI4M2ItNGMyMy1iOGE3LTM2OTdiOTU4M2VlMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAOzABAMMA0GCSqGSIb3DQEBCwUAA4IBAQA3ffDUvULrnUcYt/rx
ywu75hXOEhweIW+BMSczMgouPgD1Achx9KWFPfoG1UJzJ2MJO8Sau1ybWHh412AT
vnCbvfvAu7XEIg4Da+iei4xg+iaE7DWfPvyvlwQIxkP/wDHoTZYB/HRuB6VrvoUq
+htFZNC4Cl3tf6N9qnYN94Pwqu/pT4ruP5EEEYOkPnm8oCiGhr8mKGosr0hdU1G1
fAEKado1/utbaj3MJUgs2Ch10Zq6A54ace65DZR28YOBgXAh5n6VVpWPTkqnQ0ne
B+XA5pscb+YQpgyP1XFdf2sRL2VeoKgomVpOoQcGYqthshtDFInpzv0ftOYZ9fYj
in8b
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:01:17 2025 by rpki-client