Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0dfd6e20-2823-4f68-ae48-725fe4ee2f81.roa
File: 0dfd6e20-2823-4f68-ae48-725fe4ee2f81.roa (raw, json)
Hash identifier: /Ew6sw97hu6Ykbb66U+/fbqQKn3I5sJdmsLruZnmHFg=
Subject key identifier: 3C:CF:17:01:3E:90:33:E0:4E:D6:C9:90:60:B0:99:B7:2C:64:31:D8
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 2C5E6C449049193A6B166790F306D6F1409AEF99
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0dfd6e20-2823-4f68-ae48-725fe4ee2f81.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300:1080::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:5e:6c:44:90:49:19:3a:6b:16:67:90:f3:06:d6:f1:40:9a:ef:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=a20f6833e2109e048277083a09906dc95c9a889e6289bb58741bbb8ffd0ce9ce, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:02:45:44:a5:db:f3:1b:3d:57:3b:a4:10:3e:
e5:54:1e:52:c6:d4:71:64:9f:5d:8d:36:f7:37:a8:
1d:e9:7b:6b:98:f7:72:9d:b7:d8:c9:66:68:fc:03:
29:15:ab:77:db:55:b6:ce:b2:f0:99:e2:e3:7d:a9:
45:74:05:ed:1e:35:10:39:92:fe:c1:a0:ba:4a:57:
b4:63:31:d0:af:a4:6e:68:c3:09:21:86:c7:80:64:
58:f2:b9:ab:ff:6e:0e:89:0f:14:53:ad:08:b7:a3:
be:23:2f:1f:7c:cc:4d:3b:1b:4b:41:7d:be:95:1c:
2a:8f:89:88:8f:04:a8:76:8c:2b:03:f3:07:aa:09:
8b:14:ad:88:92:63:df:74:75:76:a3:f4:70:d9:95:
37:52:03:6b:3e:25:91:f1:6b:70:ad:c2:b6:ea:de:
6a:63:44:16:11:92:ce:70:d2:b7:e0:6e:0b:29:23:
7e:d2:19:ab:44:bd:23:dd:aa:d7:a3:aa:0e:e6:ae:
77:e8:de:e6:db:fa:8d:36:b8:8a:76:a8:6c:3d:30:
3a:7c:c2:40:0c:a7:8c:0d:33:15:c2:35:43:e8:e2:
0d:cd:46:10:36:53:d7:60:0c:40:8e:f3:1e:5e:3b:
79:f5:5e:31:79:81:35:78:7c:92:15:33:fa:e4:00:
cb:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:CF:17:01:3E:90:33:E0:4E:D6:C9:90:60:B0:99:B7:2C:64:31:D8
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/0dfd6e20-2823-4f68-ae48-725fe4ee2f81.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300:1080::/48
Signature Algorithm: sha256WithRSAEncryption
0b:1d:28:b4:af:62:74:8c:03:92:a5:57:b3:4a:06:1a:72:71:
45:c1:ae:c3:64:d4:55:a9:82:70:8f:c6:7d:bb:d0:dd:2e:cb:
db:53:89:fe:5b:9e:69:cb:48:72:7e:6d:e4:04:56:6b:be:d8:
17:53:89:a5:d2:f5:22:fc:3b:55:3a:48:1d:2b:c0:e6:bf:e3:
58:29:50:75:c2:c5:f5:ba:6d:3f:82:ec:95:d9:b8:68:14:50:
cf:51:a2:fb:2e:b6:b7:76:09:59:61:d1:d6:fc:fe:4f:a8:a2:
2e:f4:07:9c:f1:1f:ea:3c:d9:24:b2:f0:b6:fe:83:ca:49:74:
39:3b:24:3d:b8:0a:14:23:ad:e9:6d:54:5e:98:95:66:54:d9:
c7:25:26:99:31:ff:8f:16:15:72:ee:30:b4:d3:a9:4a:f7:0b:
b1:da:87:c6:41:a7:64:73:bc:7f:b5:d0:d1:42:a9:d3:cc:c2:
09:a3:e8:66:76:32:1e:94:52:b4:d1:57:29:3f:26:7c:ab:b1:
9f:5f:82:d5:7e:28:71:4e:9a:1a:43:11:1a:2c:85:10:55:a6:
4a:7c:3e:5b:f5:be:96:ef:be:5f:a5:5b:89:e6:dc:b9:d3:bf:
d5:f2:28:c4:a5:1e:3e:ea:cd:43:48:9b:93:dc:b9:0b:3a:97:
c1:19:c9:f0
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIULF5sRJBJGTprFmeQ8wbW8UCa75kwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNAYTIwZjY4MzNlMjEwOWUwNDgyNzcw
ODNhMDk5MDZkYzk1YzlhODg5ZTYyODliYjU4NzQxYmJiOGZmZDBjZTljZTEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwJFRKXb8xs9VzukED7lVB5SxtRx
ZJ9djTb3N6gd6XtrmPdynbfYyWZo/AMpFat321W2zrLwmeLjfalFdAXtHjUQOZL+
waC6Sle0YzHQr6RuaMMJIYbHgGRY8rmr/24OiQ8UU60It6O+Iy8ffMxNOxtLQX2+
lRwqj4mIjwSodowrA/MHqgmLFK2IkmPfdHV2o/Rw2ZU3UgNrPiWR8WtwrcK26t5q
Y0QWEZLOcNK34G4LKSN+0hmrRL0j3arXo6oO5q536N7m2/qNNriKdqhsPTA6fMJA
DKeMDTMVwjVD6OINzUYQNlPXYAxAjvMeXjt59V4xeYE1eHySFTP65ADLvQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDzPFwE+kDPgTtbJkGCwmbcsZDHYMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzBkZmQ2ZTIwLTI4MjMtNGY2OC1hZTQ4LTcyNWZlNGVlMmY4MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAOzABCAMA0GCSqGSIb3DQEBCwUAA4IBAQALHSi0r2J0jAOSpVez
SgYacnFFwa7DZNRVqYJwj8Z9u9DdLsvbU4n+W55py0hyfm3kBFZrvtgXU4ml0vUi
/DtVOkgdK8Dmv+NYKVB1wsX1um0/guyV2bhoFFDPUaL7Lra3dglZYdHW/P5PqKIu
9Aec8R/qPNkksvC2/oPKSXQ5OyQ9uAoUI63pbVRemJVmVNnHJSaZMf+PFhVy7jC0
06lK9wux2ofGQadkc7x/tdDRQqnTzMIJo+hmdjIelFK00VcpPyZ8q7GfX4LVfihx
TpoaQxEaLIUQVaZKfD5b9b6W775fpVuJ5ty507/V8ijEpR4+6s1DSJuT3LkLOpfB
Gcnw
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:01:14 2025 by rpki-client