Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa
File: 57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa (raw, json)
Hash identifier: C2I5j8mf1vsgUFDNLLd5NJUKonGZK0DSEDo98Gde7s8=
Subject key identifier: 49:78:C4:BA:04:66:53:3D:E2:6F:78:AF:D8:84:77:6E:A7:E9:69:AF
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 6D39BE6E3CCC09E7DC1CD36D1CA51F80E594A287
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa
Signing time: Tue 25 Mar 2025 16:50:06 +0000
ROA not before: Tue 25 Mar 2025 16:50:06 +0000
ROA not after: Tue 29 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80f8:8000::/40 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:39:be:6e:3c:cc:09:e7:dc:1c:d3:6d:1c:a5:1f:80:e5:94:a2:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Mar 25 16:50:06 2025 GMT
Not After : Apr 29 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:b5:e6:22:38:02:46:da:e8:41:f9:48:f5:ee:
25:e5:8b:b3:88:cd:8c:b0:ad:03:53:4b:ff:66:af:
c4:9a:71:d1:6a:8b:fa:3e:1f:01:75:b0:72:27:f6:
39:d9:ee:1c:f3:58:b9:4b:88:3b:b5:89:8d:68:a1:
da:18:ce:39:ba:98:cc:4b:52:85:13:fd:8f:43:d5:
ef:07:cc:7c:26:7b:a7:da:1e:f8:49:82:ec:54:7b:
16:09:a6:ca:16:07:a4:ab:f0:a5:af:f1:04:54:75:
22:73:d2:9c:96:56:36:d8:60:b4:45:f7:4c:eb:f0:
2f:9d:27:34:a4:78:3e:55:f5:cb:ff:1d:b5:4a:db:
02:d6:40:48:b0:ce:e6:4e:08:57:50:66:22:02:27:
8e:14:99:71:b1:da:9b:5e:43:f2:a2:e5:ea:d7:28:
19:ce:86:f2:7a:3f:03:d8:75:8f:9b:cc:a9:6e:1c:
db:52:ce:da:60:48:22:7d:03:c0:6d:c9:22:77:0b:
6b:ce:f6:1b:81:89:0d:6a:3f:f2:e9:e3:b7:1a:33:
f9:e7:15:11:9a:99:9e:2a:6e:20:76:aa:4a:a1:cd:
80:c1:35:0e:ad:ed:7b:c5:d8:c4:57:e9:3c:a0:66:
28:c1:c8:fb:38:7f:b0:05:df:57:5b:45:20:16:a0:
6f:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:78:C4:BA:04:66:53:3D:E2:6F:78:AF:D8:84:77:6E:A7:E9:69:AF
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/57f8433c-f162-4b10-8527-fbf7cdbb6aab.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80f8:8000::/40
Signature Algorithm: sha256WithRSAEncryption
ae:21:d3:44:d2:96:91:de:f6:b4:5d:61:86:11:f0:c0:c0:46:
56:cb:ce:4a:93:8f:7d:9a:4e:a8:d3:aa:b2:a3:48:ad:72:56:
df:67:5d:c5:80:15:52:1a:47:b2:9c:13:fa:25:e7:fa:04:d6:
98:9e:ea:fc:86:2a:b0:2f:2a:02:b8:22:1b:25:33:b4:4e:08:
9d:8c:eb:49:7b:1b:9b:b8:a3:d1:3c:57:2a:7c:1e:98:c9:e1:
fb:3c:eb:b2:f2:18:2b:11:b9:9a:67:23:ac:ca:f2:46:53:8f:
b4:1a:22:27:12:47:f2:c0:f0:6a:88:b4:db:a7:02:a1:17:1f:
ef:0d:22:e3:8d:db:0b:84:3b:a0:b2:02:1d:34:0a:59:79:03:
89:7c:da:f6:44:8a:39:0d:48:6d:59:d9:fd:89:76:62:25:70:
29:3c:13:59:8c:9d:f2:af:22:e1:cb:61:01:08:77:c9:e3:ba:
d6:ec:09:61:0a:e9:1c:8a:e1:6d:7f:25:43:46:71:38:a5:09:
8e:21:d0:9f:bc:36:0d:70:a0:0b:8a:66:c9:74:3a:c9:6f:2e:
3e:ea:8b:bf:90:b0:33:87:5e:6a:81:35:83:9d:cd:96:e9:b2:
95:45:73:51:c2:da:9f:e3:14:e1:d3:89:f3:35:ac:2e:29:1c:
c7:3f:d8:90
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUbTm+bjzMCefcHNNtHKUfgOWUoocwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMyNTE2NTAwNloX
DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNAYmIwMDlhYTgyZjA3YjBiYmRhN2Qy
OTc4ZGEyMmJjMDk1YmJmM2UxNDc3M2FmYzExNTE1NWEwZjI1ZTRiMmRkNjEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvLXmIjgCRtroQflI9e4l5YuziM2M
sK0DU0v/Zq/EmnHRaov6Ph8BdbByJ/Y52e4c81i5S4g7tYmNaKHaGM45upjMS1KF
E/2PQ9XvB8x8Jnun2h74SYLsVHsWCabKFgekq/Clr/EEVHUic9KcllY22GC0RfdM
6/AvnSc0pHg+VfXL/x21StsC1kBIsM7mTghXUGYiAieOFJlxsdqbXkPyouXq1ygZ
zobyej8D2HWPm8ypbhzbUs7aYEgifQPAbckidwtrzvYbgYkNaj/y6eO3GjP55xUR
mpmeKm4gdqpKoc2AwTUOre17xdjEV+k8oGYowcj7OH+wBd9XW0UgFqBvkwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEl4xLoEZlM94m94r9iEd26n6WmvMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzU3Zjg0MzNjLWYxNjItNGIxMC04NTI3LWZiZjdjZGJiNmFhYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+A+IAwDQYJKoZIhvcNAQELBQADggEBAK4h00TSlpHe9rRdYYYR
8MDARlbLzkqTj32aTqjTqrKjSK1yVt9nXcWAFVIaR7KcE/ol5/oE1pie6vyGKrAv
KgK4IhslM7ROCJ2M60l7G5u4o9E8Vyp8HpjJ4fs867LyGCsRuZpnI6zK8kZTj7Qa
IicSR/LA8GqItNunAqEXH+8NIuON2wuEO6CyAh00Cll5A4l82vZEijkNSG1Z2f2J
dmIlcCk8E1mMnfKvIuHLYQEId8njutbsCWEK6RyK4W1/JUNGcTilCY4h0J+8Ng1w
oAuKZsl0OslvLj7qi7+QsDOHXmqBNYOdzZbpspVFc1HC2p/jFOHTifM1rC4pHMc/
2JA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:22:31 2025 by rpki-client