Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa
File: 5484d331-446c-4042-9500-dd3002e6a910.roa (raw, json)
Hash identifier: q7zuF4q+yP9hs2cxF0yiFZxURv1d1IQwsC96aQwx48w=
Subject key identifier: C3:F2:46:C4:8A:73:C9:BF:E1:20:62:4A:85:16:07:71:16:F2:BB:15
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 2016F1D06785FA0BCC13647E11852E1C201F2075
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa
Signing time: Wed 05 Mar 2025 00:10:53 +0000
ROA not before: Wed 05 Mar 2025 00:10:53 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:8014:c00::/38 maxlen: 38
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:16:f1:d0:67:85:fa:0b:cc:13:64:7e:11:85:2e:1c:20:1f:20:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Mar 5 00:10:53 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6f:38:e1:63:4e:db:51:e9:40:52:5f:cb:f7:
f5:2e:a0:4b:29:31:d0:f1:70:fc:81:ac:90:af:f4:
25:0e:bf:99:06:9d:3e:49:15:e0:a7:4d:96:08:f8:
9c:b7:5f:8a:a3:8f:9a:f2:d7:76:71:f9:ac:a0:80:
81:15:76:2f:72:6c:64:ea:07:b0:fe:cd:2c:67:59:
63:f0:87:c8:c1:e2:d5:29:40:85:59:2e:68:67:62:
21:9a:4d:0c:e0:d0:d1:45:45:84:5b:4a:6b:0b:c6:
55:7a:53:2c:f8:b9:61:62:05:e4:3f:24:28:be:50:
48:64:b9:ba:38:84:36:0d:44:4c:1c:9b:e7:25:f7:
18:0b:79:3c:49:00:3e:e1:e4:d8:08:d6:80:6c:4f:
26:05:ed:ea:99:f8:43:c9:bb:d3:0e:d7:3b:c4:61:
0d:05:16:94:ad:f3:9d:49:94:16:0d:18:96:e3:1f:
2e:bc:51:b9:57:af:fa:51:04:32:65:40:7e:e7:db:
00:9e:66:93:44:41:8a:c7:eb:ed:33:d4:99:f3:7c:
d3:b1:c2:4c:f3:21:e8:cc:41:ad:0a:40:11:44:1c:
ad:d4:92:e7:22:cc:40:ff:41:dd:ff:78:b3:7b:67:
50:7f:9d:44:00:41:e3:8d:5e:c8:26:d0:7b:5d:79:
26:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:F2:46:C4:8A:73:C9:BF:E1:20:62:4A:85:16:07:71:16:F2:BB:15
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/5484d331-446c-4042-9500-dd3002e6a910.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:8014:c00::/38
Signature Algorithm: sha256WithRSAEncryption
91:1c:b6:06:c9:4a:69:6a:91:b8:55:f6:af:e4:51:11:09:1b:
56:4e:56:8d:28:78:a6:99:a2:ed:bd:fe:46:d2:d2:d3:72:77:
8c:7e:e6:8a:6d:43:89:af:b3:53:f0:b1:9d:0e:ec:47:83:01:
e8:c6:81:80:65:55:98:3e:61:2c:bf:34:00:d4:63:b2:f7:ea:
30:cf:3c:7a:4f:e3:55:ae:55:06:7e:68:db:2b:ed:ab:8f:6a:
39:72:cf:3a:a4:6f:56:4f:b1:15:36:17:4a:29:f1:66:59:a9:
18:af:f6:32:95:fe:37:77:e1:0e:b6:f0:04:65:52:d0:87:b0:
0b:c0:4b:e7:92:33:7a:db:7d:72:e3:52:9e:f3:9a:a2:a7:b6:
8f:3a:91:18:f7:ec:2b:df:5d:cd:b2:b7:66:67:32:bc:bd:41:
8a:d3:40:bb:5f:61:36:6a:09:1a:6c:37:cc:09:b7:64:c7:28:
09:64:dd:c9:df:a9:69:7d:81:8e:3e:00:24:5e:a4:79:cb:87:
dc:20:e5:ad:d8:5d:50:8c:3a:e2:42:b6:da:4d:e5:ef:df:d0:
e6:1f:15:ac:07:b6:55:26:d4:a2:4f:cb:0a:51:0d:8b:b2:6d:
7c:aa:d7:ea:b4:d1:17:d0:ea:a1:73:6d:d9:eb:c4:8e:8d:10:
66:8a:0b:0e
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUIBbx0GeF+gvME2R+EYUuHCAfIHUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMwNTAwMTA1M1oX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNAMWMzNmU2NTE4NjAzYjE1NWQ4YTli
MmNjYzY2NjZlZTQ4ZDA0YTdlMzM3NjYxY2I1NjYwZjYyNGNjOTczNzNlZDEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs2844WNO21HpQFJfy/f1LqBLKTHQ
8XD8gayQr/QlDr+ZBp0+SRXgp02WCPict1+Ko4+a8td2cfmsoICBFXYvcmxk6gew
/s0sZ1lj8IfIweLVKUCFWS5oZ2Ihmk0M4NDRRUWEW0prC8ZVelMs+LlhYgXkPyQo
vlBIZLm6OIQ2DURMHJvnJfcYC3k8SQA+4eTYCNaAbE8mBe3qmfhDybvTDtc7xGEN
BRaUrfOdSZQWDRiW4x8uvFG5V6/6UQQyZUB+59sAnmaTREGKx+vtM9SZ83zTscJM
8yHozEGtCkARRByt1JLnIsxA/0Hd/3ize2dQf51EAEHjjV7IJtB7XXkm+wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMPyRsSKc8m/4SBiSoUWB3EW8rsVMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzU0ODRkMzMxLTQ0NmMtNDA0Mi05NTAwLWRkMzAwMmU2YTkxMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYCJA+AFAwwDQYJKoZIhvcNAQELBQADggEBAJEctgbJSmlqkbhV9q/k
UREJG1ZOVo0oeKaZou29/kbS0tNyd4x+5optQ4mvs1PwsZ0O7EeDAejGgYBlVZg+
YSy/NADUY7L36jDPPHpP41WuVQZ+aNsr7auPajlyzzqkb1ZPsRU2F0op8WZZqRiv
9jKV/jd34Q628ARlUtCHsAvAS+eSM3rbfXLjUp7zmqKnto86kRj37CvfXc2yt2Zn
Mry9QYrTQLtfYTZqCRpsN8wJt2THKAlk3cnfqWl9gY4+ACRepHnLh9wg5a3YXVCM
OuJCttpN5e/f0OYfFawHtlUm1KJPywpRDYuybXyq1+q00RfQ6qFzbdnrxI6NEGaK
Cw4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:36:03 2025 by rpki-client