Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/90e88caa-70b7-406a-a161-a6118790ffdb.roa
File: 90e88caa-70b7-406a-a161-a6118790ffdb.roa (raw, json)
Hash identifier: 3ekF3fgLWRK/OQnAYnXHsDgTa4mKQPPGMQf30MAhjZ0=
Subject key identifier: ED:04:69:E5:8B:8A:7A:78:37:AE:3B:F7:FA:64:D0:F5:59:89:92:7B
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 3BE5B27E046AF162483338E833222D1A52B7EC9C
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/90e88caa-70b7-406a-a161-a6118790ffdb.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300:1008::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:e5:b2:7e:04:6a:f1:62:48:33:38:e8:33:22:2d:1a:52:b7:ec:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=81b8e410f672f6b0143b133feb0a002c3b0a65f8b345223576ec32b7cadefea2, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:c4:97:e1:54:03:ae:67:77:a8:ba:5b:e3:24:
15:ab:81:b1:99:30:4b:eb:cb:a8:73:4b:bc:23:fe:
24:0b:95:19:ea:3a:8c:4f:da:c5:14:da:61:3d:20:
e9:94:fa:6b:05:ce:51:60:66:bd:64:24:7a:2f:31:
4c:bd:94:37:95:93:b8:ea:47:9b:58:17:6e:e8:3d:
64:56:a0:53:2c:c2:f1:58:35:3e:0d:a6:dc:0c:d1:
91:3f:2c:d8:8c:bc:b4:ea:52:80:9d:78:2f:18:60:
11:62:5b:10:0d:e2:5f:42:c3:db:05:b1:25:30:4e:
d1:47:68:e6:df:30:a0:71:3b:b2:ba:1e:65:a1:57:
c3:6b:78:8c:e5:2c:23:88:e3:ca:e7:41:87:9d:19:
5c:8a:99:80:a3:55:a8:c1:9d:09:12:15:6c:0a:a2:
87:ef:0d:25:87:a4:fe:64:19:a2:9f:fa:81:e0:00:
6c:ca:bb:96:79:e0:5e:f5:7f:2e:6d:21:2b:fb:9b:
1d:3b:74:2b:0a:6a:72:21:0c:8b:f6:cc:65:e4:d0:
ed:d9:78:24:5d:d0:42:64:a8:f9:e1:1c:f9:1a:dd:
01:70:1a:77:44:03:1e:f3:7e:19:66:77:a8:1f:2b:
65:57:42:0f:46:01:7f:44:42:37:a2:e0:b3:c1:05:
1e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:04:69:E5:8B:8A:7A:78:37:AE:3B:F7:FA:64:D0:F5:59:89:92:7B
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/90e88caa-70b7-406a-a161-a6118790ffdb.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300:1008::/48
Signature Algorithm: sha256WithRSAEncryption
66:f0:ef:18:52:b6:51:77:08:40:52:8d:15:e3:ae:76:dc:a5:
ba:cf:fc:e9:19:13:a0:c3:1c:39:a8:cc:29:a7:e1:6a:ae:17:
1d:a8:6e:a3:5b:d5:82:5b:19:d1:6b:e8:2d:6a:cd:f6:28:53:
de:c3:fc:90:64:04:e9:79:49:b0:38:0d:d6:04:d2:76:91:0b:
51:58:3a:13:f8:09:bf:74:7c:96:0f:82:a1:41:dc:31:e8:a4:
c4:f5:93:82:4f:71:3c:2c:4f:33:2b:4a:41:85:0b:db:e6:69:
64:b7:67:7b:8e:ef:b4:cc:e4:9d:b7:4f:fe:b2:f1:96:7e:57:
84:42:d0:4c:bf:76:9f:3a:cd:1d:9f:62:6f:8a:21:4d:95:eb:
f7:89:83:a4:eb:06:4e:2b:5d:b3:d7:ad:e1:5f:78:47:d2:90:
fb:c6:37:dc:cd:b4:b0:01:9c:69:23:e1:d6:3b:ff:39:d4:86:
f6:fe:06:44:f6:55:bb:c3:8e:47:43:c6:56:2c:a9:64:54:29:
5b:0a:65:7d:b0:db:7c:b1:68:f8:d6:18:ff:50:b2:66:a5:4f:
5a:3f:c7:09:3d:63:cf:0a:3e:6e:aa:d2:72:2e:d5:64:e5:b9:
43:b9:17:11:92:a0:67:f8:6e:c5:ba:36:74:14:9e:00:cd:40:
20:2a:3f:f6
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUO+WyfgRq8WJIMzjoMyItGlK37JwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNAODFiOGU0MTBmNjcyZjZiMDE0M2Ix
MzNmZWIwYTAwMmMzYjBhNjVmOGIzNDUyMjM1NzZlYzMyYjdjYWRlZmVhMjEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqMSX4VQDrmd3qLpb4yQVq4GxmTBL
68uoc0u8I/4kC5UZ6jqMT9rFFNphPSDplPprBc5RYGa9ZCR6LzFMvZQ3lZO46keb
WBdu6D1kVqBTLMLxWDU+DabcDNGRPyzYjLy06lKAnXgvGGARYlsQDeJfQsPbBbEl
ME7RR2jm3zCgcTuyuh5loVfDa3iM5SwjiOPK50GHnRlcipmAo1WowZ0JEhVsCqKH
7w0lh6T+ZBmin/qB4ABsyruWeeBe9X8ubSEr+5sdO3QrCmpyIQyL9sxl5NDt2Xgk
XdBCZKj54Rz5Gt0BcBp3RAMe834ZZneoHytlV0IPRgF/REI3ouCzwQUe4wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFO0EaeWLinp4N6479/pk0PVZiZJ7MB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzkwZTg4Y2FhLTcwYjctNDA2YS1hMTYxLWE2MTE4NzkwZmZkYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAOzABAIMA0GCSqGSIb3DQEBCwUAA4IBAQBm8O8YUrZRdwhAUo0V
46523KW6z/zpGROgwxw5qMwpp+FqrhcdqG6jW9WCWxnRa+gtas32KFPew/yQZATp
eUmwOA3WBNJ2kQtRWDoT+Am/dHyWD4KhQdwx6KTE9ZOCT3E8LE8zK0pBhQvb5mlk
t2d7ju+0zOSdt0/+svGWfleEQtBMv3afOs0dn2JviiFNlev3iYOk6wZOK12z163h
X3hH0pD7xjfczbSwAZxpI+HWO/851Ib2/gZE9lW7w45HQ8ZWLKlkVClbCmV9sNt8
sWj41hj/ULJmpU9aP8cJPWPPCj5uqtJyLtVk5blDuRcRkqBn+G7FujZ0FJ4AzUAg
Kj/2
-----END CERTIFICATE-----
Generated at Thu Apr 17 08:03:46 2025 by rpki-client