Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa
File: a3080b31-8684-4ce8-b4e6-33db63d13627.roa (raw, json)
Hash identifier: DLMGYFOzKjV2HUPFCLMLRwhJARg97KQmB27yXdet/MQ=
Subject key identifier: 56:80:22:F9:3D:2F:84:22:42:67:BE:EA:47:56:54:41:25:4A:7C:2D
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 730D90906A50FDAA2EF61BCF655922779C688013
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa
Signing time: Wed 05 Mar 2025 00:10:38 +0000
ROA not before: Wed 05 Mar 2025 00:10:38 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:8060::/32 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:0d:90:90:6a:50:fd:aa:2e:f6:1b:cf:65:59:22:77:9c:68:80:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Mar 5 00:10:38 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ad:8d:a4:74:e6:d8:3a:e1:ad:fc:fe:e4:5c:
24:7d:6e:94:ae:cf:82:04:bc:cd:fc:ae:73:e2:7a:
dd:10:c0:5a:7a:25:c3:a1:2a:7c:60:37:a3:46:57:
1f:12:a5:49:6b:68:d8:72:48:b2:9d:3e:e0:8a:d4:
3c:c4:82:e1:15:45:23:80:1e:43:3e:4f:ea:cf:76:
8d:4c:19:40:40:83:3a:97:6f:b6:88:01:47:45:df:
7a:07:12:6b:77:28:59:5d:54:45:c3:49:23:16:2c:
75:81:84:4f:a1:7e:16:67:1e:da:2c:44:23:79:08:
c7:ce:bb:89:54:5a:ef:e9:28:ec:d6:f0:87:5f:65:
bb:52:27:9c:26:42:39:50:2b:90:26:77:b9:94:5b:
e0:71:08:68:b6:29:99:df:e0:88:ba:69:9d:70:59:
9a:a3:77:54:14:43:a3:c9:7c:7b:fa:65:01:24:a7:
9a:b5:b8:4d:37:9d:cd:e6:89:aa:02:7d:8b:a0:c7:
74:1c:e8:69:c6:37:d5:5c:9b:84:a6:81:e0:62:d8:
b9:85:f1:2b:fa:81:1d:96:f3:94:49:17:44:32:0c:
f3:1d:aa:c1:a5:d5:2c:f0:15:d5:6c:e9:31:ab:24:
1e:a9:a0:4b:38:bd:f2:c2:01:b3:ce:3b:33:3d:d8:
42:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:80:22:F9:3D:2F:84:22:42:67:BE:EA:47:56:54:41:25:4A:7C:2D
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3080b31-8684-4ce8-b4e6-33db63d13627.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:8060::/32
Signature Algorithm: sha256WithRSAEncryption
a6:f8:a2:b5:3d:a6:e4:4a:40:a1:8c:37:cb:db:ce:83:c7:1e:
de:fd:f7:46:03:7c:3d:79:7c:94:34:40:22:7c:84:7e:b1:af:
dc:cf:05:ca:c3:24:71:bc:b9:c8:05:89:23:bd:46:91:1e:43:
74:c8:ab:2f:56:6e:34:80:fd:b4:5c:3f:48:f7:1f:67:76:85:
54:86:aa:22:39:1a:22:6e:c2:92:7a:52:17:c2:cb:39:fd:1c:
2a:5a:03:c3:73:cd:a1:27:ed:bb:34:87:ae:65:78:6c:11:5b:
de:7c:4d:a9:78:a8:76:85:67:4b:7f:10:39:a4:5b:6a:75:aa:
30:92:2c:99:60:55:74:65:d4:a9:9a:30:6d:7c:e8:4f:01:7c:
b9:33:7c:8b:a7:80:7a:a3:87:e2:df:08:89:20:1a:0b:4c:06:
89:ef:0c:05:df:26:27:5b:37:12:a8:f5:1b:4a:ea:bf:05:26:
fa:08:13:4d:a8:08:89:a6:25:c0:6b:80:28:0d:37:2f:e9:ab:
04:00:23:29:87:48:d9:5c:75:67:95:02:14:71:a3:2a:d7:af:
b6:ee:ce:1d:3c:3a:a6:16:c9:e3:bf:16:a3:19:ad:39:b3:57:
72:d6:19:bf:69:c6:77:5e:41:df:eb:07:ec:c2:7a:5f:a7:70:
69:32:52:89
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUcw2QkGpQ/aou9hvPZVkid5xogBMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMwNTAwMTAzOFoX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNAYzc2NzI3ODc0ODNlM2U1Njk3ODU3
Njg5ZTBmNjMxODNjODQwNDJiZGFhMTRkNDZmMTQ1ZGI0MmE1NzVmOGJmODEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAra2NpHTm2Drhrfz+5FwkfW6Urs+C
BLzN/K5z4nrdEMBaeiXDoSp8YDejRlcfEqVJa2jYckiynT7gitQ8xILhFUUjgB5D
Pk/qz3aNTBlAQIM6l2+2iAFHRd96BxJrdyhZXVRFw0kjFix1gYRPoX4WZx7aLEQj
eQjHzruJVFrv6Sjs1vCHX2W7UiecJkI5UCuQJne5lFvgcQhotimZ3+CIummdcFma
o3dUFEOjyXx7+mUBJKeatbhNN53N5omqAn2LoMd0HOhpxjfVXJuEpoHgYti5hfEr
+oEdlvOUSRdEMgzzHarBpdUs8BXVbOkxqyQeqaBLOL3ywgGzzjszPdhCJwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFFaAIvk9L4QiQme+6kdWVEElSnwtMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
L2EzMDgwYjMxLTg2ODQtNGNlOC1iNGU2LTMzZGI2M2QxMzYyNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJA+AYDANBgkqhkiG9w0BAQsFAAOCAQEApviitT2m5EpAoYw3y9vO
g8ce3v33RgN8PXl8lDRAInyEfrGv3M8FysMkcby5yAWJI71GkR5DdMirL1ZuNID9
tFw/SPcfZ3aFVIaqIjkaIm7CknpSF8LLOf0cKloDw3PNoSftuzSHrmV4bBFb3nxN
qXiodoVnS38QOaRbanWqMJIsmWBVdGXUqZowbXzoTwF8uTN8i6eAeqOH4t8IiSAa
C0wGie8MBd8mJ1s3Eqj1G0rqvwUm+ggTTagIiaYlwGuAKA03L+mrBAAjKYdI2Vx1
Z5UCFHGjKtevtu7OHTw6phbJ478WoxmtObNXctYZv2nGd15B3+sH7MJ6X6dwaTJS
iQ==
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:34:12 2025 by rpki-client