Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa
File: 9a94ee8c-7029-4ffb-af7f-435e161333de.roa (raw, json)
Hash identifier: 0uUPz19NMheCClTQDDuYZezNSEWuT2XRuBlE07u3a+c=
Subject key identifier: 01:5B:E7:27:19:73:DD:8D:A4:6D:77:52:AF:39:BF:6A:95:29:A0:88
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 54CAD390A6D5261EA8CEBB303097C56662A1F110
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa
Signing time: Wed 05 Mar 2025 00:10:46 +0000
ROA not before: Wed 05 Mar 2025 00:10:46 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:8000:8000::/40 maxlen: 40
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:ca:d3:90:a6:d5:26:1e:a8:ce:bb:30:30:97:c5:66:62:a1:f1:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Mar 5 00:10:46 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:1b:d2:c2:9d:aa:fe:9f:e5:82:b1:ef:1e:99:
dd:fe:5a:44:50:b6:ca:e6:ca:0c:2b:c7:6e:59:52:
bc:4b:db:8c:16:c0:f9:85:9d:70:8b:a4:07:b8:3f:
b0:6e:1d:ae:24:22:fb:1c:8f:13:30:c9:f0:61:83:
1c:f4:bc:0b:7c:9f:dc:0a:87:bb:ea:9e:6e:e4:bf:
bd:10:3f:94:b1:da:bc:5b:be:07:b7:2d:c2:0e:3e:
f8:66:c0:48:09:99:18:9d:29:25:35:21:59:a3:c2:
a6:1e:94:36:00:f9:c7:14:c4:ea:00:20:7f:9b:b4:
dd:de:56:02:f9:6a:e3:89:77:e7:26:9c:0a:50:46:
ed:00:bb:94:09:0f:2d:a7:e5:91:84:59:fa:e1:05:
65:c7:8f:ec:80:33:53:db:6c:72:f8:c1:24:83:ae:
a7:44:5e:31:b4:16:02:3c:1f:7b:db:5f:14:8e:9f:
57:0a:62:75:2c:e3:98:cc:c5:cf:37:87:0a:bd:3d:
e8:37:2a:00:df:d4:c7:56:3a:03:ac:90:5b:32:60:
b9:86:d9:44:0f:96:54:a3:dd:47:fc:df:ce:f7:8d:
fd:c9:c7:7b:71:98:d2:61:0f:1f:d6:e7:b2:cb:39:
64:5a:ea:e3:0f:7b:c2:a0:ba:5b:4e:ef:9e:86:d9:
ec:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:5B:E7:27:19:73:DD:8D:A4:6D:77:52:AF:39:BF:6A:95:29:A0:88
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9a94ee8c-7029-4ffb-af7f-435e161333de.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:8000:8000::/40
Signature Algorithm: sha256WithRSAEncryption
44:7e:fc:00:b7:19:84:fb:9e:6b:42:d3:4a:2b:45:fa:31:c4:
33:2a:c9:b4:c8:57:34:c1:d7:a4:04:6f:6d:d9:b8:05:34:d9:
1d:8e:da:a7:33:72:16:d3:48:c6:27:c9:48:35:0f:e6:2e:a7:
ef:d0:ea:99:2a:f0:90:fb:ac:cc:86:5a:72:12:07:e8:4f:51:
7a:b8:ad:5e:f1:52:71:52:fe:3a:d6:51:a6:45:9e:a0:42:d2:
22:21:fc:46:95:47:a1:ce:51:af:65:88:3b:0f:79:20:7a:9b:
9b:af:f6:2e:4f:0a:75:32:3a:fc:e2:d7:2d:17:84:e4:a7:57:
37:2f:8c:e5:e9:bb:51:92:17:84:d9:c1:60:8c:2a:42:f2:96:
55:d0:e6:7a:4f:de:a5:1e:b3:5d:e8:15:77:33:91:45:28:4c:
42:4b:2e:42:ce:53:db:bc:1a:e9:7f:e4:3f:50:d0:6b:e3:8a:
87:a3:6a:7d:5f:91:8e:3e:d2:a3:ed:41:89:77:82:f1:c2:03:
4f:d5:2a:d5:8a:a5:65:c3:15:30:0d:7c:cc:27:f3:2e:27:50:
3a:af:2a:e3:8d:c3:da:89:05:ec:e9:86:88:f7:31:04:4a:05:
7f:e4:32:3d:10:87:f8:4e:e2:a8:f1:8f:9a:c6:fc:62:b5:0a:
60:a9:f5:f5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUVMrTkKbVJh6ozrswMJfFZmKh8RAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMwNTAwMTA0NloX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNANTVjNjMwZmI5MGZmZTRmZDIwNjdm
MzVhOGFiNTZiOGJkZWEzNTRmMmY0NzdlNzVhNDY0N2QwMDk4OWViYWIyYzEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlxvSwp2q/p/lgrHvHpnd/lpEULbK
5soMK8duWVK8S9uMFsD5hZ1wi6QHuD+wbh2uJCL7HI8TMMnwYYMc9LwLfJ/cCoe7
6p5u5L+9ED+Usdq8W74Hty3CDj74ZsBICZkYnSklNSFZo8KmHpQ2APnHFMTqACB/
m7Td3lYC+WrjiXfnJpwKUEbtALuUCQ8tp+WRhFn64QVlx4/sgDNT22xy+MEkg66n
RF4xtBYCPB97218Ujp9XCmJ1LOOYzMXPN4cKvT3oNyoA39THVjoDrJBbMmC5htlE
D5ZUo91H/N/O9439ycd7cZjSYQ8f1ueyyzlkWurjD3vCoLpbTu+ehtnsiwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAFb5ycZc92NpG13Uq85v2qVKaCIMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzlhOTRlZThjLTcwMjktNGZmYi1hZjdmLTQzNWUxNjEzMzNkZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+AAIAwDQYJKoZIhvcNAQELBQADggEBAER+/AC3GYT7nmtC00or
RfoxxDMqybTIVzTB16QEb23ZuAU02R2O2qczchbTSMYnyUg1D+Yup+/Q6pkq8JD7
rMyGWnISB+hPUXq4rV7xUnFS/jrWUaZFnqBC0iIh/EaVR6HOUa9liDsPeSB6m5uv
9i5PCnUyOvzi1y0XhOSnVzcvjOXpu1GSF4TZwWCMKkLyllXQ5npP3qUes13oFXcz
kUUoTEJLLkLOU9u8Gul/5D9Q0Gvjioejan1fkY4+0qPtQYl3gvHCA0/VKtWKpWXD
FTANfMwn8y4nUDqvKuONw9qJBezphoj3MQRKBX/kMj0Qh/hO4qjxj5rG/GK1CmCp
9fU=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:23:44 2025 by rpki-client