Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa
File: 31d36ece-9039-43a2-82a2-03e7d8e7f563.roa (raw, json)
Hash identifier: jnnG/RgqZgV/IJvI5uULJkxfOS/dBc4oXw2Oa8Ca678=
Subject key identifier: 5C:97:95:76:D9:99:42:56:AF:11:B0:2F:A9:C1:31:A1:FF:18:1E:A0
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 78B0924BF79274DB184641B64ECE84745F193EB6
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa
Signing time: Wed 05 Mar 2025 00:10:39 +0000
ROA not before: Wed 05 Mar 2025 00:10:39 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80fc::/32 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:b0:92:4b:f7:92:74:db:18:46:41:b6:4e:ce:84:74:5f:19:3e:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Mar 5 00:10:39 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:df:60:6a:22:f0:25:85:3e:2d:f8:cc:ad:80:
f6:cd:fa:f8:2a:c4:ce:9c:01:3e:d2:86:d5:10:af:
bc:64:bf:e1:08:76:d7:a1:85:19:32:b8:f2:6a:8a:
de:a7:d1:a5:91:8a:d2:76:4b:45:58:9d:7b:77:89:
04:59:4c:ae:c5:28:30:47:82:86:31:81:b5:ff:e7:
9d:e5:ed:b7:1b:31:05:36:cc:95:d8:52:65:d9:46:
75:0e:e4:33:44:8d:2b:12:10:d1:c8:21:c3:c4:ba:
c6:d5:aa:e4:76:50:41:3c:f6:b5:6d:84:5b:57:81:
c9:23:b8:46:02:30:9b:65:ed:20:3f:f1:23:14:0c:
98:95:99:a8:ff:e4:d6:39:90:7c:10:68:12:52:bf:
0a:d9:31:cc:ce:c1:a8:a6:a0:b8:dc:0d:78:f4:72:
05:d4:06:06:b5:82:10:94:77:fe:bc:ea:a2:b5:1e:
ed:59:3c:9b:89:48:fd:16:11:25:4c:18:5f:c1:3d:
70:cf:66:20:e1:6d:1a:e8:50:fc:0c:7e:d4:bf:2c:
3a:40:da:c0:04:51:a7:1d:1e:52:4f:b5:0b:ae:b5:
3a:38:4f:2a:f2:fe:ac:40:e0:dd:6e:fe:ce:05:ee:
da:08:55:d3:72:90:0e:b9:91:13:fd:28:00:7d:b5:
14:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:97:95:76:D9:99:42:56:AF:11:B0:2F:A9:C1:31:A1:FF:18:1E:A0
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/31d36ece-9039-43a2-82a2-03e7d8e7f563.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80fc::/32
Signature Algorithm: sha256WithRSAEncryption
76:93:13:df:99:30:d3:e0:f5:d9:46:5f:51:2b:97:3d:ce:01:
a0:20:64:48:cd:98:e9:b3:02:a7:49:98:7e:66:1e:51:3f:9c:
13:3f:c8:5b:31:6f:d0:52:06:dc:8a:f5:00:af:9e:a2:32:2a:
7d:fd:9b:56:06:19:df:b0:2e:2c:af:17:5c:c2:71:2c:d8:7e:
1d:b1:b9:00:fd:15:e2:35:0b:f3:59:13:87:a4:7c:9b:af:31:
09:92:84:a0:b1:ae:45:e3:af:f7:03:ae:50:7e:ab:31:2c:ec:
c5:81:79:4d:5e:f8:6f:4c:cb:e6:33:6f:7e:9d:de:ea:b2:51:
02:56:4c:1c:a7:24:ad:4c:6a:75:5f:a5:c5:93:50:e4:bb:76:
cf:f0:47:98:cd:e9:ac:d8:66:0a:99:01:63:b6:01:9e:ac:6b:
ae:7b:8c:33:de:f3:ca:d0:29:9a:d2:bb:f3:d0:5b:37:9a:e3:
5f:62:0d:5d:2c:37:e3:99:ba:f0:50:a1:ef:5c:00:0e:e3:06:
39:ee:fc:51:7c:68:e7:19:56:e4:82:5b:3c:7e:09:26:f5:33:
e2:69:2b:7b:30:e0:76:b7:96:f6:67:ed:7b:78:0f:fc:5a:53:
f6:71:cf:a8:95:10:29:6e:88:60:01:2d:dc:49:3f:a7:7c:da:
c6:63:84:a4
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUeLCSS/eSdNsYRkG2Ts6EdF8ZPrYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMwNTAwMTAzOVoX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNANTZlYmI2ZDY4YjQ0MzEwNzNjYzk5
OTNmYjRjZDQ3MmVmYTRiYzZiZGEwZDFmZDY3NmNkM2QxMGYzMGI0MTYyYjEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjt9gaiLwJYU+LfjMrYD2zfr4KsTO
nAE+0obVEK+8ZL/hCHbXoYUZMrjyaorep9GlkYrSdktFWJ17d4kEWUyuxSgwR4KG
MYG1/+ed5e23GzEFNsyV2FJl2UZ1DuQzRI0rEhDRyCHDxLrG1arkdlBBPPa1bYRb
V4HJI7hGAjCbZe0gP/EjFAyYlZmo/+TWOZB8EGgSUr8K2THMzsGopqC43A149HIF
1AYGtYIQlHf+vOqitR7tWTybiUj9FhElTBhfwT1wz2Yg4W0a6FD8DH7Uvyw6QNrA
BFGnHR5ST7ULrrU6OE8q8v6sQODdbv7OBe7aCFXTcpAOuZET/SgAfbUUvwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFFyXlXbZmUJWrxGwL6nBMaH/GB6gMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzMxZDM2ZWNlLTkwMzktNDNhMi04MmEyLTAzZTdkOGU3ZjU2My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJA+A/DANBgkqhkiG9w0BAQsFAAOCAQEAdpMT35kw0+D12UZfUSuX
Pc4BoCBkSM2Y6bMCp0mYfmYeUT+cEz/IWzFv0FIG3Ir1AK+eojIqff2bVgYZ37Au
LK8XXMJxLNh+HbG5AP0V4jUL81kTh6R8m68xCZKEoLGuReOv9wOuUH6rMSzsxYF5
TV74b0zL5jNvfp3e6rJRAlZMHKckrUxqdV+lxZNQ5Lt2z/BHmM3prNhmCpkBY7YB
nqxrrnuMM97zytApmtK789BbN5rjX2INXSw345m68FCh71wADuMGOe78UXxo5xlW
5IJbPH4JJvUz4mkrezDgdreW9mfte3gP/FpT9nHPqJUQKW6IYAEt3Ek/p3zaxmOE
pA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:22:31 2025 by rpki-client