Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/92acb65d-8ed6-47b8-8b87-8cec3f14df45.roa
File: 92acb65d-8ed6-47b8-8b87-8cec3f14df45.roa (raw, json)
Hash identifier: Yb2mBoWtzlG0m5drZoIs8UM4xuDUFm4RCKec4bLWcX0=
Subject key identifier: 40:CC:A1:A0:A2:C6:4E:8A:A3:99:C9:A7:72:04:62:41:E2:58:16:50
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 59CC99225A976BC0BF782B5EB094F5F50C2EEF94
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/92acb65d-8ed6-47b8-8b87-8cec3f14df45.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300:1044::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:cc:99:22:5a:97:6b:c0:bf:78:2b:5e:b0:94:f5:f5:0c:2e:ef:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=fae4a6bd76fee14e7c09a3bff60124cc34ce71d756a10b19c8c79349e907f075, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:ca:e8:1d:44:7b:79:46:8c:13:78:c0:50:dc:
dc:50:97:3d:92:93:71:d0:9b:b5:d4:d9:33:27:bc:
e9:ec:a2:31:dc:f4:35:e9:03:73:58:65:4c:b2:e0:
22:b8:33:30:9c:ae:25:b1:a6:7c:b4:89:7e:f0:76:
1f:47:83:0d:2c:34:a5:e0:24:1a:35:31:04:00:3c:
b6:8c:32:07:39:a4:43:bb:54:74:f8:4a:3a:2c:61:
36:46:b0:15:40:0e:7a:ae:16:ec:75:19:a9:a1:44:
f6:ed:44:a6:ea:2a:10:1a:d3:ca:7a:c1:fd:cf:65:
8a:3d:c6:4f:1e:4b:7d:a9:11:66:79:8b:db:4c:a1:
84:f4:8f:89:6d:90:19:b8:5e:92:6b:af:95:a3:47:
8a:da:87:9c:9d:c4:e4:dc:2c:63:95:98:12:60:39:
c4:30:26:20:66:85:fa:3c:28:24:85:ce:66:30:6d:
ff:7b:97:00:29:d1:ea:03:f2:de:f5:37:a4:b6:69:
20:61:e5:80:ab:6b:18:9a:f1:36:4b:cc:ac:c6:43:
ad:2a:9f:6e:2e:b4:9b:2c:bf:a4:08:53:4b:16:b9:
f9:40:a3:f8:0d:54:cc:01:b5:fe:93:42:1e:9d:a3:
69:4d:f7:a6:49:18:eb:95:21:79:10:1d:42:13:e9:
b3:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
40:CC:A1:A0:A2:C6:4E:8A:A3:99:C9:A7:72:04:62:41:E2:58:16:50
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/92acb65d-8ed6-47b8-8b87-8cec3f14df45.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300:1044::/48
Signature Algorithm: sha256WithRSAEncryption
43:36:7a:99:c1:84:dc:65:ea:ed:6b:2b:02:2d:6d:d9:6c:84:
92:cc:c1:ef:66:fb:35:11:ec:3f:db:0b:36:25:05:28:59:c7:
48:05:41:dc:2b:2b:f7:4e:e4:dc:c2:42:4d:a7:9a:ff:e8:11:
cf:64:fb:74:49:76:10:57:aa:a9:07:22:50:80:71:97:a5:4e:
44:02:ff:c0:71:2c:49:b3:a7:89:3f:ee:63:ed:21:9a:93:0d:
98:51:cf:75:aa:d2:38:01:ad:22:db:a3:4b:7a:4d:48:6b:8f:
ec:49:e2:24:09:41:17:d3:c8:bd:aa:cf:19:d2:32:a1:e1:11:
1b:6f:f3:e9:61:27:bc:93:b6:92:1e:ba:c7:b6:48:1f:19:35:
1b:01:a1:b4:6e:d0:3d:c9:61:bb:b1:9e:c4:49:48:ad:11:1d:
77:d6:4f:9c:ad:41:10:11:65:4c:58:59:5f:2e:a8:50:33:a4:
89:e2:94:88:d2:e2:83:0e:87:31:b7:d3:06:3d:5d:c1:1d:f7:
b5:d5:a7:89:23:94:d5:c5:44:63:34:53:42:0d:ec:05:b6:a9:
d0:a3:b4:81:3e:1e:f9:97:03:2b:b4:b3:a9:c5:f1:b1:92:3f:
cc:d3:a7:4e:d5:52:92:61:74:aa:df:57:8d:23:56:5a:8f:3f:
70:72:84:b4
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUWcyZIlqXa8C/eCtesJT19Qwu75QwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNAZmFlNGE2YmQ3NmZlZTE0ZTdjMDlh
M2JmZjYwMTI0Y2MzNGNlNzFkNzU2YTEwYjE5YzhjNzkzNDllOTA3ZjA3NTEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlMroHUR7eUaME3jAUNzcUJc9kpNx
0Ju11NkzJ7zp7KIx3PQ16QNzWGVMsuAiuDMwnK4lsaZ8tIl+8HYfR4MNLDSl4CQa
NTEEADy2jDIHOaRDu1R0+Eo6LGE2RrAVQA56rhbsdRmpoUT27USm6ioQGtPKesH9
z2WKPcZPHkt9qRFmeYvbTKGE9I+JbZAZuF6Sa6+Vo0eK2oecncTk3CxjlZgSYDnE
MCYgZoX6PCgkhc5mMG3/e5cAKdHqA/Le9TektmkgYeWAq2sYmvE2S8ysxkOtKp9u
LrSbLL+kCFNLFrn5QKP4DVTMAbX+k0IenaNpTfemSRjrlSF5EB1CE+mzDwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFEDMoaCixk6Ko5nJp3IEYkHiWBZQMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzkyYWNiNjVkLThlZDYtNDdiOC04Yjg3LThjZWMzZjE0ZGY0NS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAOzABBEMA0GCSqGSIb3DQEBCwUAA4IBAQBDNnqZwYTcZertaysC
LW3ZbISSzMHvZvs1Eew/2ws2JQUoWcdIBUHcKyv3TuTcwkJNp5r/6BHPZPt0SXYQ
V6qpByJQgHGXpU5EAv/AcSxJs6eJP+5j7SGakw2YUc91qtI4Aa0i26NLek1Ia4/s
SeIkCUEX08i9qs8Z0jKh4REbb/PpYSe8k7aSHrrHtkgfGTUbAaG0btA9yWG7sZ7E
SUitER131k+crUEQEWVMWFlfLqhQM6SJ4pSI0uKDDocxt9MGPV3BHfe11aeJI5TV
xURjNFNCDewFtqnQo7SBPh75lwMrtLOpxfGxkj/M06dO1VKSYXSq31eNI1Zajz9w
coS0
-----END CERTIFICATE-----
Generated at Thu Apr 17 23:33:20 2025 by rpki-client