Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2d2af952-35e6-43e7-b07a-74956b69b4a0.roa
File: 2d2af952-35e6-43e7-b07a-74956b69b4a0.roa (raw, json)
Hash identifier: +QwvPU3tn2OP4g3yvYwNZPtTbfpVuJmse1pHu2qzjRo=
Subject key identifier: 41:1E:F4:2A:B2:29:9A:C9:8C:ED:0E:41:BB:B2:21:F6:02:38:DE:05
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 56A084A1B96CC1F286DBA0A6F7FCF9CE9C3FEAF1
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2d2af952-35e6-43e7-b07a-74956b69b4a0.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2403:b300::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:a0:84:a1:b9:6c:c1:f2:86:db:a0:a6:f7:fc:f9:ce:9c:3f:ea:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=6b1f948d57979dfe46d70530fe356e0d3ef2f249973baab9fb6ece4f68e2c47c, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:39:9b:52:fc:c9:e7:6f:6c:87:40:e9:a2:44:
bf:84:53:b3:8d:18:35:b4:66:48:b7:c0:85:61:56:
00:0e:bb:c8:2e:7e:08:02:a4:96:e4:58:ec:08:02:
cf:03:a6:4a:ad:6a:07:94:89:f5:44:75:65:92:82:
35:48:a1:a5:42:95:aa:23:57:64:8e:f6:18:3c:4c:
a4:4d:27:bf:cd:08:bd:14:e1:0b:25:52:76:17:d4:
2d:a7:7e:3c:58:ce:8d:8e:f3:90:09:fb:a7:cc:dd:
9b:7a:86:2e:47:18:bd:92:e8:de:40:09:cf:37:c7:
d1:51:40:48:1a:6f:f5:f4:b6:2b:bf:65:ac:c4:0a:
22:a6:e9:75:83:2e:8b:d5:83:12:dd:76:8e:d1:80:
6b:a1:20:f8:18:21:ac:ea:74:76:fe:36:01:89:3b:
fd:0c:9d:73:da:ee:32:b4:d4:0b:f3:eb:5e:98:94:
fa:80:4c:ca:2d:70:64:67:8f:b6:67:2d:87:92:81:
48:2d:f6:06:08:0c:77:61:5c:dd:e7:6f:e1:b0:48:
dc:da:15:7e:67:67:a5:5a:e8:99:cd:36:a1:9a:b2:
f0:f2:86:60:5f:71:e5:35:2b:9c:53:cd:af:6c:bc:
b1:f5:46:60:76:70:fa:5f:f8:86:fa:a9:3d:1e:6b:
28:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:1E:F4:2A:B2:29:9A:C9:8C:ED:0E:41:BB:B2:21:F6:02:38:DE:05
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2d2af952-35e6-43e7-b07a-74956b69b4a0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300::/32
Signature Algorithm: sha256WithRSAEncryption
86:cb:f6:0b:d0:4c:cc:0f:76:49:9d:6f:d4:39:07:79:a4:44:
37:7d:af:19:65:42:d8:14:9d:8b:5d:99:a7:53:68:87:06:ac:
c8:3f:6f:e1:65:30:4c:e6:fc:b1:46:2a:3d:f6:a7:f8:66:68:
2c:9d:ed:fd:dc:f3:3b:e5:e3:36:81:2f:63:bf:ea:69:79:85:
9f:00:fa:ea:a5:8c:25:cd:85:0b:f8:1c:8b:bc:b5:f1:b4:fa:
15:e6:58:64:c0:86:8a:b1:84:65:4e:21:6c:06:62:81:dc:65:
a5:ef:22:3e:9d:34:6e:bc:8f:1c:d8:4f:3c:06:cf:1c:b1:ba:
ee:29:bd:91:cc:39:c4:b7:13:50:33:4e:e8:ca:d4:f8:9b:8b:
11:fb:53:37:7a:09:f3:19:0b:b6:1e:4d:48:f1:90:9d:56:3c:
b4:63:83:00:a5:9b:b5:8f:14:9a:e2:e9:30:f1:f5:c2:0e:9d:
81:db:6d:22:6c:9c:a3:ff:b3:a2:2f:ae:b2:a9:1e:97:0f:b4:
d6:85:93:a0:4a:29:64:90:a4:0f:b3:aa:85:45:11:d6:fe:23:
b7:b1:2b:1d:20:42:93:34:8c:ee:32:08:78:4a:1e:17:cf:9e:
79:90:11:11:6f:a4:45:d7:0a:b8:ef:40:b1:84:08:fa:65:2b:
28:38:b0:e3
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUVqCEoblswfKG26Cm9/z5zpw/6vEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNANmIxZjk0OGQ1Nzk3OWRmZTQ2ZDcw
NTMwZmUzNTZlMGQzZWYyZjI0OTk3M2JhYWI5ZmI2ZWNlNGY2OGUyYzQ3YzEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkzmbUvzJ529sh0DpokS/hFOzjRg1
tGZIt8CFYVYADrvILn4IAqSW5FjsCALPA6ZKrWoHlIn1RHVlkoI1SKGlQpWqI1dk
jvYYPEykTSe/zQi9FOELJVJ2F9Qtp348WM6NjvOQCfunzN2beoYuRxi9kujeQAnP
N8fRUUBIGm/19LYrv2WsxAoipul1gy6L1YMS3XaO0YBroSD4GCGs6nR2/jYBiTv9
DJ1z2u4ytNQL8+temJT6gEzKLXBkZ4+2Zy2HkoFILfYGCAx3YVzd52/hsEjc2hV+
Z2elWuiZzTahmrLw8oZgX3HlNSucU82vbLyx9UZgdnD6X/iG+qk9HmsopwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFEEe9CqyKZrJjO0OQbuyIfYCON4FMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzJkMmFmOTUyLTM1ZTYtNDNlNy1iMDdhLTc0OTU2YjY5YjRhMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJAOzADANBgkqhkiG9w0BAQsFAAOCAQEAhsv2C9BMzA92SZ1v1DkH
eaREN32vGWVC2BSdi12Zp1NohwasyD9v4WUwTOb8sUYqPfan+GZoLJ3t/dzzO+Xj
NoEvY7/qaXmFnwD66qWMJc2FC/gci7y18bT6FeZYZMCGirGEZU4hbAZigdxlpe8i
Pp00bryPHNhPPAbPHLG67im9kcw5xLcTUDNO6MrU+JuLEftTN3oJ8xkLth5NSPGQ
nVY8tGODAKWbtY8UmuLpMPH1wg6dgdttImyco/+zoi+usqkelw+01oWToEopZJCk
D7OqhUUR1v4jt7ErHSBCkzSM7jIIeEoeF8+eeZAREW+kRdcKuO9AsYQI+mUrKDiw
4w==
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:57:53 2025 by rpki-client