Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/97e51edc-22c5-4cb0-846c-06d6751df3b4.roa
File: 97e51edc-22c5-4cb0-846c-06d6751df3b4.roa (raw, json)
Hash identifier: eBwZqCUDwWygzaIf+AkoUdcu+bxu9FdQBG5I1VJaFs4=
Subject key identifier: 95:99:75:01:77:21:F0:62:27:67:BF:A6:3E:24:6C:BD:18:2B:F4:5D
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 15D668535E11A0B6C738DDDDBF3DE1307FDC0D64
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/97e51edc-22c5-4cb0-846c-06d6751df3b4.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80ff:8000::/40 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:d6:68:53:5e:11:a0:b6:c7:38:dd:dd:bf:3d:e1:30:7f:dc:0d:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ff:fd:3b:9f:c3:7b:55:36:bc:11:8e:2f:c9:
c1:44:33:41:4c:5f:a9:0f:81:20:8b:60:be:63:51:
71:04:03:61:f9:60:2b:22:59:66:45:d4:ac:69:f0:
f5:fb:26:9e:db:61:ab:56:b7:84:7a:af:0e:25:cf:
9c:31:61:13:4d:3d:de:1a:88:1c:5d:f8:5a:2a:4e:
31:9f:0f:a9:f9:9d:fa:6f:6d:06:ab:66:e9:36:8a:
a6:f9:93:78:1c:3b:af:f8:a9:61:41:df:1e:e7:80:
bf:80:46:32:ad:cb:9c:1c:52:13:8b:2e:23:d6:b3:
7c:97:c4:77:26:bb:b4:2f:79:8d:e1:70:a9:22:c0:
a7:4a:ca:2b:b1:7d:62:c9:de:08:ae:b2:81:18:87:
1d:ee:b2:46:f7:44:d7:80:ae:0d:72:fc:a8:52:db:
23:e7:48:ee:59:21:36:6b:45:9d:c7:eb:49:26:09:
fb:9e:df:8b:77:a1:0e:4c:d1:86:0e:56:4a:06:e4:
79:9c:15:43:d9:8b:9e:61:79:b1:9d:15:7b:ee:6d:
a8:67:d8:19:2a:e9:4d:96:83:52:26:69:28:af:d9:
04:13:e6:61:9b:e5:90:97:ea:f1:52:49:62:54:f7:
8e:26:75:16:48:98:98:a6:95:36:75:1e:40:23:ea:
49:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:99:75:01:77:21:F0:62:27:67:BF:A6:3E:24:6C:BD:18:2B:F4:5D
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/97e51edc-22c5-4cb0-846c-06d6751df3b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80ff:8000::/40
Signature Algorithm: sha256WithRSAEncryption
6c:83:12:9b:98:ed:46:07:cc:11:ee:a4:fb:2b:8d:06:c5:9f:
00:b3:a2:c7:4c:b5:9d:85:d9:3a:57:fa:80:93:62:0d:d2:55:
93:b0:68:81:80:71:59:ae:29:95:ce:ad:34:de:c4:21:93:e9:
73:28:e7:bf:79:63:5b:ab:97:da:d2:c6:68:44:e1:87:1f:38:
ea:c5:d3:4e:00:52:6a:cc:69:af:5a:dc:59:e2:7d:c1:72:75:
52:55:27:4a:8a:40:88:28:7a:69:01:2f:07:57:80:38:df:58:
9e:f0:9f:ac:64:a0:e2:26:72:75:01:f8:5f:57:e9:8a:45:5c:
2c:7e:f4:0c:71:5f:99:2d:1a:70:8e:e6:5e:d5:56:3a:0d:19:
c2:6f:8c:57:6a:ab:13:da:22:18:f4:da:51:5f:ab:cc:fd:10:
e1:ad:89:4e:f0:ce:04:81:38:fc:4f:d4:44:7c:3e:42:dd:26:
67:4b:e1:4d:5e:90:37:d2:b8:bd:27:70:4d:6b:4d:41:ef:0b:
22:a6:0f:1d:a3:6d:e2:b3:79:67:60:54:ad:fe:cc:ea:9f:93:
e9:a2:3f:9a:dd:76:eb:dc:55:49:03:6e:ef:7c:ab:e3:13:b7:
88:0d:b7:b0:e1:79:9a:a8:71:05:d1:0d:74:82:cb:94:9f:61:
c4:61:a2:c0
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUFdZoU14RoLbHON3dvz3hMH/cDWQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNAOWQ3YzE0OTdlMDFhNmEyZDVhZmFi
YzhmZGE1MjA0ZjcwMzFhNWY4NzdlNTM1MzFmMjZmNzY0MzQyNzAzMzUyZTEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr//9O5/De1U2vBGOL8nBRDNBTF+p
D4Egi2C+Y1FxBANh+WArIllmRdSsafD1+yae22GrVreEeq8OJc+cMWETTT3eGogc
XfhaKk4xnw+p+Z36b20Gq2bpNoqm+ZN4HDuv+KlhQd8e54C/gEYyrcucHFITiy4j
1rN8l8R3Jru0L3mN4XCpIsCnSsorsX1iyd4IrrKBGIcd7rJG90TXgK4NcvyoUtsj
50juWSE2a0Wdx+tJJgn7nt+Ld6EOTNGGDlZKBuR5nBVD2YueYXmxnRV77m2oZ9gZ
KulNloNSJmkor9kEE+Zhm+WQl+rxUkliVPeOJnUWSJiYppU2dR5AI+pJvQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJWZdQF3IfBiJ2e/pj4kbL0YK/RdMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
Lzk3ZTUxZWRjLTIyYzUtNGNiMC04NDZjLTA2ZDY3NTFkZjNiNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+A/4AwDQYJKoZIhvcNAQELBQADggEBAGyDEpuY7UYHzBHupPsr
jQbFnwCzosdMtZ2F2TpX+oCTYg3SVZOwaIGAcVmuKZXOrTTexCGT6XMo5795Y1ur
l9rSxmhE4YcfOOrF004AUmrMaa9a3FnifcFydVJVJ0qKQIgoemkBLwdXgDjfWJ7w
n6xkoOImcnUB+F9X6YpFXCx+9AxxX5ktGnCO5l7VVjoNGcJvjFdqqxPaIhj02lFf
q8z9EOGtiU7wzgSBOPxP1ER8PkLdJmdL4U1ekDfSuL0ncE1rTUHvCyKmDx2jbeKz
eWdgVK3+zOqfk+miP5rdduvcVUkDbu98q+MTt4gNt7DheZqocQXRDXSCy5SfYcRh
osA=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:24:36 2025 by rpki-client