Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa
File: 64aa0337-4cf9-42c7-b236-4cd36e69005e.roa (raw, json)
Hash identifier: wPGp1MLIe0IWDvlN/uE7TanaRD+uYWg968r67L5M0Dc=
Subject key identifier: A5:9E:C9:A8:C0:04:C1:D1:70:14:D7:7D:DA:4F:AC:62:40:4F:10:3E
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 30D4624B0DDCAF120CE5AEC85EE51A9F355F0A3D
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa
Signing time: Wed 05 Mar 2025 00:10:40 +0000
ROA not before: Wed 05 Mar 2025 00:10:40 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80f1::/32 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:d4:62:4b:0d:dc:af:12:0c:e5:ae:c8:5e:e5:1a:9f:35:5f:0a:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Mar 5 00:10:40 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:a9:ed:36:00:59:eb:af:11:ae:b7:b3:c5:b0:
2b:19:bd:0a:24:d4:00:f7:2a:37:13:4f:50:5a:a9:
88:93:fb:dc:8b:2e:2f:5e:ad:fc:0b:e3:54:03:a1:
d5:bd:c1:40:ed:52:35:0c:58:d7:ea:79:1b:24:2d:
4f:74:c8:36:b4:92:55:a7:6b:99:7c:30:47:0d:0e:
55:51:51:de:67:6d:c6:45:71:4c:c4:d3:72:ad:73:
1f:02:40:24:19:10:39:27:8a:cc:fc:56:38:b8:3d:
a3:3a:85:95:90:41:38:83:7c:32:eb:0e:a9:ff:bf:
42:e9:18:82:af:8a:a9:ba:21:ed:cf:9a:80:af:33:
38:03:37:a5:bb:cb:6d:6a:f4:70:13:b7:e3:fd:ce:
3c:be:86:dc:98:49:b2:d1:ca:ca:d7:cc:43:3a:85:
69:74:f5:40:2a:87:5d:bd:be:ba:1b:e3:57:90:90:
e8:5b:82:c4:f1:db:ca:85:4d:26:6f:e8:1b:a5:1f:
ee:52:5a:d7:c7:72:72:e4:bf:79:d1:99:44:9b:c2:
0b:ca:29:a2:e4:60:79:48:88:8d:d7:e2:76:22:a3:
55:73:62:d0:81:76:b4:5b:00:02:4d:78:05:c1:75:
9c:b4:ee:57:47:f9:49:80:52:38:ba:92:c4:3b:37:
b9:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:9E:C9:A8:C0:04:C1:D1:70:14:D7:7D:DA:4F:AC:62:40:4F:10:3E
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/64aa0337-4cf9-42c7-b236-4cd36e69005e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80f1::/32
Signature Algorithm: sha256WithRSAEncryption
b1:e7:90:13:42:82:d2:83:df:2d:6c:cc:a4:6c:b2:9a:ea:4d:
4e:f6:d8:e5:37:e2:76:6a:41:37:e8:5d:17:96:b4:5d:e4:f9:
1b:14:4d:e2:48:24:9c:88:b6:df:41:a7:ee:53:c6:f0:12:61:
0f:3b:af:72:2f:56:70:42:12:dd:c3:47:9a:77:5a:1f:e7:cd:
8a:f1:ea:5b:55:34:07:23:7b:e8:0b:d1:b4:45:8c:af:c9:76:
3a:fc:af:5a:d3:32:33:4f:f0:cf:e0:92:57:ce:6a:77:ac:80:
d4:a9:b9:11:36:dc:8e:f6:10:de:ca:79:55:47:a7:8a:32:43:
e0:e5:3c:d1:44:70:a1:bc:ae:59:32:18:0d:e8:f6:87:8e:a5:
2b:19:ed:eb:3a:59:b9:11:f9:0c:61:61:2e:a3:ce:67:c6:82:
a4:0c:8f:ca:a9:7a:3a:ed:33:da:74:fa:54:f1:9c:87:41:51:
90:e1:12:1d:6e:29:3c:47:72:84:1d:56:69:eb:3f:79:99:39:
2f:ca:4a:1c:95:26:38:ca:7d:6e:93:22:95:29:92:9c:e7:97:
97:7a:7c:ba:c2:c8:36:78:aa:85:6f:8e:d9:77:e3:91:96:cc:
15:a5:5e:3c:57:12:5b:f8:5e:89:08:bd:62:84:ed:06:1b:77:
ac:4c:63:2c
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUMNRiSw3crxIM5a7IXuUanzVfCj0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMwNTAwMTA0MFoX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNAMjQzZTc2NGE4ZTQ4YzczMGQyOTkz
ZjYxNTEwMDU1MTk4YWE3NGQ4NTcyNjI3OTQxMGY4MjE1MDhhMzgyNmJiMTEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz6ntNgBZ668RrrezxbArGb0KJNQA
9yo3E09QWqmIk/vciy4vXq38C+NUA6HVvcFA7VI1DFjX6nkbJC1PdMg2tJJVp2uZ
fDBHDQ5VUVHeZ23GRXFMxNNyrXMfAkAkGRA5J4rM/FY4uD2jOoWVkEE4g3wy6w6p
/79C6RiCr4qpuiHtz5qArzM4Azelu8ttavRwE7fj/c48vobcmEmy0crK18xDOoVp
dPVAKoddvb66G+NXkJDoW4LE8dvKhU0mb+gbpR/uUlrXx3Jy5L950ZlEm8ILyimi
5GB5SIiN1+J2IqNVc2LQgXa0WwACTXgFwXWctO5XR/lJgFI4upLEOze5SwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFKWeyajABMHRcBTXfdpPrGJATxA+MB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzY0YWEwMzM3LTRjZjktNDJjNy1iMjM2LTRjZDM2ZTY5MDA1ZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJA+A8TANBgkqhkiG9w0BAQsFAAOCAQEAseeQE0KC0oPfLWzMpGyy
mupNTvbY5TfidmpBN+hdF5a0XeT5GxRN4kgknIi230Gn7lPG8BJhDzuvci9WcEIS
3cNHmndaH+fNivHqW1U0ByN76AvRtEWMr8l2OvyvWtMyM0/wz+CSV85qd6yA1Km5
ETbcjvYQ3sp5VUenijJD4OU80URwobyuWTIYDej2h46lKxnt6zpZuRH5DGFhLqPO
Z8aCpAyPyql6Ou0z2nT6VPGch0FRkOESHW4pPEdyhB1Waes/eZk5L8pKHJUmOMp9
bpMilSmSnOeXl3p8usLINniqhW+O2XfjkZbMFaVePFcSW/heiQi9YoTtBht3rExj
LA==
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:23:43 2025 by rpki-client