Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa
File: a3f80673-8b1b-4af1-ae60-e74663f3df69.roa (raw, json)
Hash identifier: HYKFKoGcFDN8Tdix7UvhnqxiZy+Fj+qlZjIU3hXEDOk=
Subject key identifier: 14:76:D7:2B:72:3B:7F:CA:1B:B7:CD:45:C8:A0:3B:DE:5A:D7:DC:3F
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 05D96F780BD648910FEB1A34116BB55A92C003A2
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa
Signing time: Wed 05 Mar 2025 00:10:13 +0000
ROA not before: Wed 05 Mar 2025 00:10:13 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:8000:4000::/40 maxlen: 40
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:d9:6f:78:0b:d6:48:91:0f:eb:1a:34:11:6b:b5:5a:92:c0:03:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Mar 5 00:10:13 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:57:78:78:4c:f7:69:fc:27:e1:bc:78:f4:53:
ef:03:4d:fa:29:57:88:d5:89:f5:52:9b:4d:31:e3:
6a:23:c8:e2:37:54:a0:1d:86:9e:c5:94:50:b6:0d:
d9:64:c8:2b:24:11:c8:c5:dd:5e:77:2c:5b:c2:14:
46:26:8c:f3:4e:cf:2a:9f:f8:70:28:a5:56:f4:bc:
29:e8:f3:d7:24:98:53:f6:ad:40:26:05:09:7d:cd:
2f:42:fd:c5:ed:ec:18:d0:1b:62:6a:71:f5:4e:0c:
b5:51:07:d4:f9:d7:d6:f9:ab:5e:cc:69:ee:20:4b:
e1:1a:4d:d9:ae:6e:7f:41:41:54:eb:7a:15:bb:a1:
de:bf:06:e4:8d:39:38:4a:c2:a5:84:dd:f1:32:22:
43:0f:f2:c7:97:e7:1f:73:61:c0:7c:a1:51:8a:e0:
fc:6f:1e:c8:79:45:93:da:3f:53:70:0b:e4:03:3c:
04:ed:5c:12:01:f8:1f:d4:7a:96:a7:68:ee:e0:d8:
db:e3:f0:43:80:bd:4e:b3:09:19:91:8d:92:00:42:
57:db:81:62:6c:26:20:4b:f3:1b:b6:d0:de:f6:ea:
63:cf:23:66:02:b4:9e:d7:e3:94:cc:cf:e0:8e:f7:
24:80:85:ec:9e:91:05:74:97:95:17:04:8f:a0:76:
73:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:76:D7:2B:72:3B:7F:CA:1B:B7:CD:45:C8:A0:3B:DE:5A:D7:DC:3F
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/a3f80673-8b1b-4af1-ae60-e74663f3df69.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:8000:4000::/40
Signature Algorithm: sha256WithRSAEncryption
34:55:30:5a:cc:9b:27:a7:4f:b3:a2:1c:d3:ba:3c:aa:fc:5b:
4f:09:6f:1f:8f:7c:f4:f1:6b:39:c5:93:bf:a9:ee:93:8d:cc:
c3:d7:b8:78:44:ff:02:a0:2a:b7:10:e4:f8:f1:29:57:f8:fd:
4a:d6:09:df:4c:36:42:40:30:e8:59:42:05:66:0b:d0:4f:04:
fd:d0:8e:78:5d:69:76:a1:1a:a5:78:63:cf:75:06:ad:9c:27:
24:e9:e4:1f:f9:33:e9:27:cf:da:a6:50:34:43:a3:53:c1:1c:
95:20:2c:c8:4b:42:46:fa:0e:a8:d1:7c:1b:04:2e:32:05:c6:
74:e6:9f:94:63:22:85:9c:bf:c2:ca:7e:f8:6b:c5:72:d4:7f:
b4:21:41:1d:84:dd:e0:e9:6d:60:c4:ae:da:97:8b:78:fe:47:
75:56:52:3d:30:22:6e:73:a1:0e:aa:22:e0:c3:91:3e:ba:dd:
65:a4:68:22:5d:fd:de:46:4c:25:94:78:db:cc:e1:17:fb:03:
fc:d9:d0:d7:8c:aa:35:09:97:f9:6a:aa:7d:a3:a1:62:79:dc:
30:68:78:a7:da:c2:c3:f2:96:b0:38:eb:80:bc:29:00:3e:69:
dc:a8:ef:40:8d:24:18:24:d6:ac:fa:00:c3:ae:39:35:2b:c2:
1d:b8:01:3c
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUBdlveAvWSJEP6xo0EWu1WpLAA6IwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMwNTAwMTAxM1oX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNAYzkyYmE3M2QxYTFkYWRiNjdlMzZl
NmJiNzFlN2JlYzI3ZTc2YWMyMGI5OTg5NGU3NjE1NTEzZWJiMDk4MmU1YzEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy1d4eEz3afwn4bx49FPvA036KVeI
1Yn1UptNMeNqI8jiN1SgHYaexZRQtg3ZZMgrJBHIxd1edyxbwhRGJozzTs8qn/hw
KKVW9Lwp6PPXJJhT9q1AJgUJfc0vQv3F7ewY0BtianH1Tgy1UQfU+dfW+atezGnu
IEvhGk3Zrm5/QUFU63oVu6HevwbkjTk4SsKlhN3xMiJDD/LHl+cfc2HAfKFRiuD8
bx7IeUWT2j9TcAvkAzwE7VwSAfgf1HqWp2ju4Njb4/BDgL1OswkZkY2SAEJX24Fi
bCYgS/MbttDe9upjzyNmArSe1+OUzM/gjvckgIXsnpEFdJeVFwSPoHZz2QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBR21ytyO3/KG7fNRcigO95a19w/MB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
L2EzZjgwNjczLThiMWItNGFmMS1hZTYwLWU3NDY2M2YzZGY2OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+AAEAwDQYJKoZIhvcNAQELBQADggEBADRVMFrMmyenT7OiHNO6
PKr8W08Jbx+PfPTxaznFk7+p7pONzMPXuHhE/wKgKrcQ5PjxKVf4/UrWCd9MNkJA
MOhZQgVmC9BPBP3QjnhdaXahGqV4Y891Bq2cJyTp5B/5M+knz9qmUDRDo1PBHJUg
LMhLQkb6DqjRfBsELjIFxnTmn5RjIoWcv8LKfvhrxXLUf7QhQR2E3eDpbWDErtqX
i3j+R3VWUj0wIm5zoQ6qIuDDkT663WWkaCJd/d5GTCWUeNvM4Rf7A/zZ0NeMqjUJ
l/lqqn2joWJ53DBoeKfawsPylrA464C8KQA+adyo70CNJBgk1qz6AMOuOTUrwh24
ATw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:29:05 2025 by rpki-client