Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/788c3900-e4d5-439b-b231-3a69b5354901.roa
File: 788c3900-e4d5-439b-b231-3a69b5354901.roa (raw, json)
Hash identifier: fqkHR6lqW7vD7q1OqCuRhL5uTU4/CoH1ozS0HNSzyWM=
Subject key identifier: 99:20:3D:B3:D7:AE:B1:0A:4F:49:29:C3:9C:C5:3D:B9:2E:C0:86:1B
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 6769A889676B22C46949B6A5D4C969EC3206DDD4
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/788c3900-e4d5-439b-b231-3a69b5354901.roa
Signing time: Wed 05 Mar 2025 00:10:38 +0000
ROA not before: Wed 05 Mar 2025 00:10:38 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:8014::/38 maxlen: 38
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:69:a8:89:67:6b:22:c4:69:49:b6:a5:d4:c9:69:ec:32:06:dd:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Mar 5 00:10:38 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:fc:ff:62:db:30:52:f6:c8:e6:b7:fd:67:3b:
d0:6f:dc:8a:05:08:7c:23:ab:30:0d:30:ed:d6:74:
25:a8:cf:ee:ec:1e:70:7d:c0:99:76:93:c9:4e:36:
94:90:60:1c:96:a0:5c:1c:18:6e:75:b1:4e:29:88:
a6:3b:da:10:ad:bb:ed:41:78:bb:ae:96:50:7c:a7:
9e:78:bc:66:8a:c2:4d:52:51:f0:d4:54:15:2e:f9:
77:82:0d:c3:95:87:2e:63:ca:02:6d:ee:6a:15:09:
7c:05:e5:94:10:c6:05:93:81:eb:75:06:7f:78:ff:
05:cc:c1:69:25:0d:0d:73:7f:79:13:a8:59:93:9c:
d5:3a:23:b2:1f:41:97:88:4d:29:aa:fa:9c:84:8f:
ae:b5:d5:c5:00:bb:38:b5:ed:e4:8a:6c:8c:5e:1c:
4d:4e:c6:27:48:60:6c:eb:fe:4c:df:8c:ec:1a:b4:
b9:b0:68:27:4e:11:5d:2c:4c:44:4c:04:17:b0:2e:
84:40:01:a7:85:99:9c:93:5d:4a:17:d4:49:90:11:
9c:3a:35:d6:44:38:e7:48:5c:6c:97:a3:6d:10:0f:
22:15:0b:00:f5:9b:86:7a:6e:31:ff:d1:47:90:e6:
c0:73:16:94:69:32:94:5e:f8:09:6f:b6:50:99:f5:
9c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:20:3D:B3:D7:AE:B1:0A:4F:49:29:C3:9C:C5:3D:B9:2E:C0:86:1B
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/788c3900-e4d5-439b-b231-3a69b5354901.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:8014::/38
Signature Algorithm: sha256WithRSAEncryption
85:9a:05:36:fd:e4:09:dc:f5:56:40:46:bd:38:9a:a0:b8:b3:
b0:cd:ae:d0:d1:d6:5b:14:2f:b0:3a:30:4c:9a:9e:a4:d9:21:
54:af:89:02:16:08:fc:7e:df:24:0d:15:cd:a7:45:8a:ed:e0:
d0:a7:a8:56:15:4a:ac:5a:29:1b:4e:78:da:5f:fb:b4:f0:95:
df:94:4d:01:c9:fb:4d:10:1b:c9:73:0b:0b:7b:45:4f:21:48:
dc:12:33:98:3c:a6:a5:c8:57:70:35:80:5f:e2:5a:f3:2e:5b:
fa:1c:8e:2d:04:25:a9:86:7e:07:70:8c:99:c5:b9:08:bc:d6:
16:96:b3:af:9c:71:c2:68:bd:ce:5e:39:f4:4c:76:b4:aa:89:
59:9e:7e:b9:2c:44:93:ac:7b:30:92:d5:ad:46:f6:ca:42:22:
c2:01:80:43:31:a8:b2:d5:49:be:35:06:f6:d8:2d:f2:1c:60:
81:3c:19:12:ef:9b:af:3d:d4:05:c4:46:ce:26:28:83:c7:af:
3d:55:33:62:09:16:2e:94:a5:8b:7e:03:5f:92:fd:2f:8c:0b:
49:76:6c:6d:f7:c4:e0:22:4b:76:d7:05:8f:7c:0c:70:cb:dc:
ff:eb:10:d8:67:bf:31:eb:35:d4:6f:6f:c4:95:6c:03:23:16:
03:25:33:18
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUZ2moiWdrIsRpSbal1Mlp7DIG3dQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMwNTAwMTAzOFoX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNAMTQ5OWVmZDE1ZDY1YmUwMDNkM2Ni
YjZmMDA2MjcxZDE1OWNhNDc4ZjNhY2U0NDJkNGE4OTkzNmU5MmZhZWE1YjEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzPz/YtswUvbI5rf9ZzvQb9yKBQh8
I6swDTDt1nQlqM/u7B5wfcCZdpPJTjaUkGAclqBcHBhudbFOKYimO9oQrbvtQXi7
rpZQfKeeeLxmisJNUlHw1FQVLvl3gg3DlYcuY8oCbe5qFQl8BeWUEMYFk4HrdQZ/
eP8FzMFpJQ0Nc395E6hZk5zVOiOyH0GXiE0pqvqchI+utdXFALs4te3kimyMXhxN
TsYnSGBs6/5M34zsGrS5sGgnThFdLExETAQXsC6EQAGnhZmck11KF9RJkBGcOjXW
RDjnSFxsl6NtEA8iFQsA9ZuGem4x/9FHkObAcxaUaTKUXvgJb7ZQmfWcowIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJkgPbPXrrEKT0kpw5zFPbkuwIYbMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
Lzc4OGMzOTAwLWU0ZDUtNDM5Yi1iMjMxLTNhNjliNTM1NDkwMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYCJA+AFAAwDQYJKoZIhvcNAQELBQADggEBAIWaBTb95Anc9VZARr04
mqC4s7DNrtDR1lsUL7A6MEyanqTZIVSviQIWCPx+3yQNFc2nRYrt4NCnqFYVSqxa
KRtOeNpf+7Twld+UTQHJ+00QG8lzCwt7RU8hSNwSM5g8pqXIV3A1gF/iWvMuW/oc
ji0EJamGfgdwjJnFuQi81haWs6+cccJovc5eOfRMdrSqiVmefrksRJOsezCS1a1G
9spCIsIBgEMxqLLVSb41BvbYLfIcYIE8GRLvm6891AXERs4mKIPHrz1VM2IJFi6U
pYt+A1+S/S+MC0l2bG33xOAiS3bXBY98DHDL3P/rENhnvzHrNdRvb8SVbAMjFgMl
Mxg=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:28:13 2025 by rpki-client