Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa
File: 33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa (raw, json)
Hash identifier: bK4kamcfVAsM81rHZlwx5cGD7L0gxWKzhnUshQwZAg4=
Subject key identifier: E8:66:5E:E2:D3:B8:1E:77:26:20:3A:FB:B0:BF:B6:10:E9:1A:C2:40
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 7FA6F44365F93140E5D314BA1742D117D8827D97
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa
Signing time: Wed 05 Mar 2025 00:10:12 +0000
ROA not before: Wed 05 Mar 2025 00:10:12 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80ff:4080::/48 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:a6:f4:43:65:f9:31:40:e5:d3:14:ba:17:42:d1:17:d8:82:7d:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Mar 5 00:10:12 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:08:70:e0:d0:06:b1:ce:fa:c1:ab:77:dc:61:
cf:71:9d:6f:4c:07:68:7e:32:22:d0:68:ea:0b:93:
c6:22:38:e9:0d:ed:65:9d:bf:da:f8:ac:d5:70:4f:
30:a6:6c:27:21:d4:e2:17:a7:ea:5a:4c:82:09:e8:
22:31:11:4b:9a:cc:9d:c8:09:56:b3:4d:a8:7f:a2:
55:03:2f:ab:3f:72:6d:f8:de:92:53:4b:9c:ad:b5:
5f:1c:f4:d9:a7:d7:80:fb:69:a1:95:08:3e:ad:de:
d4:13:cb:bf:dc:49:e0:66:74:a1:3f:9e:2d:f6:30:
b0:e7:6c:27:d3:da:ed:9e:14:a8:08:ce:2b:05:8b:
57:bc:df:c6:e4:86:ce:31:26:2f:e9:23:21:ae:89:
9b:51:90:ba:82:ec:56:e5:57:e6:bf:21:75:4f:dc:
0f:7a:08:10:0c:37:c0:fc:24:5e:3f:83:6e:6f:4a:
fc:91:7f:45:59:43:85:41:77:69:24:24:ba:5a:38:
bc:b9:08:23:30:50:87:3b:a3:16:c1:f6:1a:28:5b:
78:44:c9:01:c7:ad:de:dc:21:81:a2:af:61:a3:21:
ac:e7:4b:f5:ee:1b:d9:50:27:3b:0c:1e:6f:ed:85:
98:a1:92:9a:c8:82:75:1d:4d:ae:59:d7:60:57:40:
44:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:66:5E:E2:D3:B8:1E:77:26:20:3A:FB:B0:BF:B6:10:E9:1A:C2:40
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/33dd31e0-7039-4ff8-aafe-97f7b95b07d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80ff:4080::/48
Signature Algorithm: sha256WithRSAEncryption
31:3f:ce:ed:9e:99:eb:61:ca:8c:5b:21:13:cd:1e:2b:d1:4b:
3c:8e:24:63:21:b8:68:b0:81:85:5c:41:04:0a:17:9c:80:2e:
50:91:bc:b1:2b:f8:9a:7b:42:c4:d6:2a:77:0f:f8:83:ff:82:
ec:33:2d:6c:c9:a7:1b:5c:51:a8:de:92:4f:7b:e0:eb:e6:6b:
38:bc:3e:9c:2a:75:de:b8:8d:58:1e:02:b0:f5:0b:ae:26:11:
74:64:cd:a0:2c:f9:a3:d0:fe:5c:41:38:42:20:47:b7:d2:c6:
d6:4e:22:ae:c4:d4:1d:25:26:b6:01:e9:d3:a2:bc:1e:c4:d8:
03:46:0e:69:c5:b9:6f:98:0e:42:b6:0f:6f:b1:07:68:54:e9:
c6:44:a2:73:86:71:c6:16:4c:1c:50:14:85:73:f4:77:40:f9:
fe:9f:95:db:56:3f:2a:f1:0b:ea:f9:79:a2:09:91:4c:86:31:
ff:cc:c5:e2:95:9b:85:5a:67:f7:df:75:d5:72:3e:48:a7:9b:
29:b5:07:b2:02:7d:f7:a0:f7:df:96:4d:ab:ca:bd:a2:79:44:
85:8b:74:ab:f5:97:bf:64:ad:d8:a8:52:01:a8:98:33:f8:75:
9e:94:77:c0:13:92:ad:9e:1a:6a:05:c4:e7:02:16:6a:22:91:
cc:bb:cf:3f
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUf6b0Q2X5MUDl0xS6F0LRF9iCfZcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMwNTAwMTAxMloX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNAYjA5OWFjMDIzNGYxMmQ2NGVhNzk0
NTRlZjkzOWYwM2QwMzUyN2JjYTUxNTZhZTc1NmNmZDAxZTA0Njc2Y2QyZjEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAswhw4NAGsc76wat33GHPcZ1vTAdo
fjIi0GjqC5PGIjjpDe1lnb/a+KzVcE8wpmwnIdTiF6fqWkyCCegiMRFLmsydyAlW
s02of6JVAy+rP3Jt+N6SU0ucrbVfHPTZp9eA+2mhlQg+rd7UE8u/3EngZnShP54t
9jCw52wn09rtnhSoCM4rBYtXvN/G5IbOMSYv6SMhrombUZC6guxW5VfmvyF1T9wP
eggQDDfA/CReP4Nub0r8kX9FWUOFQXdpJCS6Wji8uQgjMFCHO6MWwfYaKFt4RMkB
x63e3CGBoq9hoyGs50v17hvZUCc7DB5v7YWYoZKayIJ1HU2uWddgV0BEnQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOhmXuLTuB53JiA6+7C/thDpGsJAMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzMzZGQzMWUwLTcwMzktNGZmOC1hYWZlLTk3ZjdiOTViMDdkMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJA+A/0CAMA0GCSqGSIb3DQEBCwUAA4IBAQAxP87tnpnrYcqMWyET
zR4r0Us8jiRjIbhosIGFXEEEChecgC5QkbyxK/iae0LE1ip3D/iD/4LsMy1syacb
XFGo3pJPe+Dr5ms4vD6cKnXeuI1YHgKw9QuuJhF0ZM2gLPmj0P5cQThCIEe30sbW
TiKuxNQdJSa2AenTorwexNgDRg5pxblvmA5Ctg9vsQdoVOnGRKJzhnHGFkwcUBSF
c/R3QPn+n5XbVj8q8Qvq+XmiCZFMhjH/zMXilZuFWmf333XVcj5Ip5sptQeyAn33
oPfflk2ryr2ieUSFi3Sr9Ze/ZK3YqFIBqJgz+HWelHfAE5KtnhpqBcTnAhZqIpHM
u88/
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:23:43 2025 by rpki-client