Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa
File: 8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa (raw, json)
Hash identifier: 2t+HQpQtmXN0FvJQCp43QGV3AW6zPgd6Rt1qzhE2u8w=
Subject key identifier: 5E:0B:52:89:81:88:46:35:E0:0F:60:5D:27:72:AD:3C:94:31:3E:71
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 2765780DFD65B85AED5E54D8BFD19E5450170FA0
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa
Signing time: Wed 05 Mar 2025 00:10:55 +0000
ROA not before: Wed 05 Mar 2025 00:10:55 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:8014:400::/38 maxlen: 38
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:65:78:0d:fd:65:b8:5a:ed:5e:54:d8:bf:d1:9e:54:50:17:0f:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Mar 5 00:10:55 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:49:39:44:c8:af:22:af:93:7a:c9:66:1c:55:
48:66:56:4f:f7:09:55:0e:af:de:6c:31:69:86:b0:
71:16:ba:b6:82:20:73:0f:87:8e:a2:a9:68:59:fa:
1a:40:6c:b5:b8:c7:90:ec:39:46:5b:91:8a:3e:19:
d5:35:8e:5f:5f:22:89:43:09:22:ea:a3:f1:67:59:
13:e1:7f:71:9b:98:9d:5d:3d:fd:2f:dc:55:a7:08:
26:f7:b3:56:69:4c:64:34:01:9c:26:40:1b:5a:b1:
a2:d9:96:e5:b4:97:1d:0b:a9:de:4f:72:16:90:20:
4d:1c:62:28:19:71:c3:e9:b6:56:7f:bc:c1:45:67:
bd:e0:00:8b:bb:a4:a0:79:c3:d1:e2:a8:ac:e1:58:
9b:32:7f:b4:62:19:0f:19:e1:e9:1f:05:d7:e7:85:
a2:03:c8:6f:b0:1e:1e:64:3b:50:26:85:ee:4b:48:
c2:f3:57:ef:30:48:aa:1e:c3:27:1a:5d:3b:19:7f:
b3:a7:3e:17:a4:3f:c4:10:3d:d4:4f:b4:f1:f5:aa:
95:ac:e5:dc:a8:ec:10:08:f0:93:05:fe:37:c5:50:
09:2d:fc:58:e9:6a:c2:d8:eb:e7:5a:30:99:5f:00:
83:39:fc:70:5e:52:90:26:a2:32:e1:d4:fe:41:24:
c9:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:0B:52:89:81:88:46:35:E0:0F:60:5D:27:72:AD:3C:94:31:3E:71
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/8bf311e9-d27f-46fa-8f05-2ed6b176b5b9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:8014:400::/38
Signature Algorithm: sha256WithRSAEncryption
52:a3:60:04:f9:37:d6:4b:ad:7a:55:a4:7a:03:43:da:c6:5b:
01:6f:01:75:29:38:f4:07:e5:7f:9e:c9:12:e0:63:3c:c7:82:
49:75:c9:05:a8:55:5b:8d:2e:0e:48:37:fa:14:a0:b2:50:f3:
81:ec:55:a6:dd:0e:cd:b7:9b:14:cc:60:5e:2d:1f:ac:4f:2d:
83:2c:0d:e4:d6:7e:8e:73:bb:39:70:34:4e:08:73:32:9d:b7:
a5:29:ff:f2:14:1d:aa:db:81:b9:c4:4c:54:a5:be:b4:60:5d:
6a:e3:97:23:3a:be:9f:4b:b7:65:8e:e5:b5:94:31:f3:ae:f1:
24:ea:ce:ea:0d:61:82:d0:c8:c7:d7:bf:f1:40:7f:09:9a:02:
64:c3:f1:26:13:3c:06:5f:5a:5b:5a:43:ba:09:52:57:ab:92:
7e:2d:d7:0c:ed:83:f4:6d:43:d6:96:e0:1a:cc:1c:67:34:10:
e2:9e:ec:57:4f:36:a4:91:2d:f5:36:c5:fb:32:8f:0c:08:c8:
4a:7e:b3:27:1f:63:c0:03:7a:e5:8c:d7:75:85:1f:77:89:7a:
a4:e6:2d:55:c9:90:39:20:73:2b:7c:a9:43:36:b7:9f:09:01:
9e:d3:18:02:74:50:57:a2:87:79:2f:88:0b:3d:1e:e2:b4:4a:
db:95:98:e6
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUJ2V4Df1luFrtXlTYv9GeVFAXD6AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMwNTAwMTA1NVoX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNAYzllMTc0MzRjNWJhMWY0YTJhMzU2
MDgxYTgzMWZiMjBkZjIwMGVhMGNiMDc4ZmM3Y2FjY2VkMWQ5NGQ5MmY4NzEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2kk5RMivIq+TeslmHFVIZlZP9wlV
Dq/ebDFphrBxFrq2giBzD4eOoqloWfoaQGy1uMeQ7DlGW5GKPhnVNY5fXyKJQwki
6qPxZ1kT4X9xm5idXT39L9xVpwgm97NWaUxkNAGcJkAbWrGi2ZbltJcdC6neT3IW
kCBNHGIoGXHD6bZWf7zBRWe94ACLu6SgecPR4qis4VibMn+0YhkPGeHpHwXX54Wi
A8hvsB4eZDtQJoXuS0jC81fvMEiqHsMnGl07GX+zpz4XpD/EED3UT7Tx9aqVrOXc
qOwQCPCTBf43xVAJLfxY6WrC2OvnWjCZXwCDOfxwXlKQJqIy4dT+QSTJ0QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFF4LUomBiEY14A9gXSdyrTyUMT5xMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzhiZjMxMWU5LWQyN2YtNDZmYS04ZjA1LTJlZDZiMTc2YjViOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYCJA+AFAQwDQYJKoZIhvcNAQELBQADggEBAFKjYAT5N9ZLrXpVpHoD
Q9rGWwFvAXUpOPQH5X+eyRLgYzzHgkl1yQWoVVuNLg5IN/oUoLJQ84HsVabdDs23
mxTMYF4tH6xPLYMsDeTWfo5zuzlwNE4IczKdt6Up//IUHarbgbnETFSlvrRgXWrj
lyM6vp9Lt2WO5bWUMfOu8STqzuoNYYLQyMfXv/FAfwmaAmTD8SYTPAZfWltaQ7oJ
Ulerkn4t1wztg/RtQ9aW4BrMHGc0EOKe7FdPNqSRLfU2xfsyjwwIyEp+sycfY8AD
euWM13WFH3eJeqTmLVXJkDkgcyt8qUM2t58JAZ7TGAJ0UFeih3kviAs9HuK0StuV
mOY=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:23:44 2025 by rpki-client