Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/ba324b4e-d4cd-4df6-a846-89610642c7ba.roa
File: ba324b4e-d4cd-4df6-a846-89610642c7ba.roa (raw, json)
Hash identifier: F2tpEzk6/nSMRTYCwhIcSnmluHgWZfggo56Oxb+jccQ=
Subject key identifier: C5:CE:57:79:70:B6:89:57:9D:89:34:0D:58:EC:22:34:42:70:84:24
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 3A590DBFC706B63B64AA1F394DD724A4AAD33F49
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/ba324b4e-d4cd-4df6-a846-89610642c7ba.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80fc:4000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:59:0d:bf:c7:06:b6:3b:64:aa:1f:39:4d:d7:24:a4:aa:d3:3f:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:44:09:e2:f3:29:4d:af:66:06:4b:6e:43:0a:
fa:43:97:1e:f0:c9:79:5e:bb:1c:80:a5:1c:4c:d1:
c9:9d:39:d4:11:06:9c:e4:02:5b:db:c1:ec:88:bc:
06:ec:ef:0d:56:16:a9:aa:be:1d:94:cb:d9:05:d3:
2f:fe:2a:ae:c4:b0:14:07:df:e5:38:9b:fe:1e:e9:
01:9b:37:48:cd:e4:29:91:d7:1a:55:63:23:d3:ad:
e6:68:4f:3f:77:3f:4c:48:ee:27:e7:28:b8:4b:db:
cd:3f:9e:fc:83:37:61:47:31:49:41:df:95:aa:49:
20:9a:9d:bf:ad:bc:34:02:c7:ed:70:4b:5d:3e:08:
cb:3a:e2:ec:e9:cc:90:38:e3:25:9f:2d:4b:83:bb:
da:c8:73:9f:69:2c:09:31:49:37:db:54:d9:d3:40:
c4:da:fa:1f:49:91:ca:b9:ae:0c:46:89:98:d6:7f:
99:72:2a:5e:92:e6:8e:af:47:db:f7:00:1a:22:81:
b6:62:0c:db:f4:e7:ec:c0:46:30:95:59:19:64:65:
44:b9:ff:dd:f9:49:3d:14:ff:76:e4:1d:65:6f:f6:
10:b3:1e:1e:26:5d:82:db:1d:2e:eb:49:45:e6:94:
46:c2:20:84:53:b1:ba:69:fe:04:d2:13:fd:82:f6:
a5:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:CE:57:79:70:B6:89:57:9D:89:34:0D:58:EC:22:34:42:70:84:24
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/ba324b4e-d4cd-4df6-a846-89610642c7ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80fc:4000::/40
Signature Algorithm: sha256WithRSAEncryption
20:ae:73:96:99:aa:74:ab:d9:0c:e6:ab:4b:37:42:ab:67:fc:
88:a6:8f:a5:fc:ae:e2:35:9c:94:7d:b0:08:49:37:c0:8f:f6:
48:a5:6c:e0:de:d1:c5:24:d7:88:0e:f3:1d:51:d0:5c:de:0b:
f6:7d:4c:6b:15:39:77:7a:09:3c:c8:6b:9e:bd:fb:ce:39:6d:
5b:ee:13:b8:cc:fb:2f:ca:f6:17:4c:60:87:2e:1b:e5:c9:78:
1d:d0:3b:0a:dd:19:f2:ea:be:a6:f4:ce:d6:ca:06:98:21:6e:
e8:ac:d4:80:10:1f:b4:93:9f:d2:63:ca:ce:39:37:ba:e0:5e:
54:08:6b:ed:c1:65:e0:a2:a8:3d:50:24:de:26:fd:c2:0e:da:
4c:a6:62:3a:2f:1e:04:0e:35:69:2a:0d:b1:80:2a:16:87:4b:
02:22:51:9f:9f:62:c3:f2:f9:ba:f2:be:2e:6a:41:4d:57:26:
70:c9:9d:ea:5b:6a:39:09:39:7e:08:1f:b9:87:01:15:0b:2f:
8a:3c:d0:35:42:3c:cf:df:04:65:e9:56:a4:a4:c6:5d:87:a2:
92:79:28:dd:80:63:40:3e:4c:09:6f:7e:47:93:ce:e8:e4:07:
5d:67:fb:97:f1:49:35:f4:ed:11:45:23:a1:cc:13:bc:a5:82:
28:ff:0b:f7
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUOlkNv8cGtjtkqh85TdckpKrTP0kwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTIxNzAwMDAwMFoX
DTI1MDEyMTIzNTk1OVowejFJMEcGA1UEBRNAOGE3OWQwYTBjZWExMDgyOGIzY2Ew
ZDg3ZDE0NDExYWIxYjhiNTlmY2I2NzIwODE0ZThlMWJlYWIwMjU4MTcyYzEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmUQJ4vMpTa9mBktuQwr6Q5ce8Ml5
XrscgKUcTNHJnTnUEQac5AJb28HsiLwG7O8NVhapqr4dlMvZBdMv/iquxLAUB9/l
OJv+HukBmzdIzeQpkdcaVWMj063maE8/dz9MSO4n5yi4S9vNP578gzdhRzFJQd+V
qkkgmp2/rbw0AsftcEtdPgjLOuLs6cyQOOMlny1Lg7vayHOfaSwJMUk321TZ00DE
2vofSZHKua4MRomY1n+ZcipekuaOr0fb9wAaIoG2Ygzb9OfswEYwlVkZZGVEuf/d
+Uk9FP925B1lb/YQsx4eJl2C2x0u60lF5pRGwiCEU7G6af4E0hP9gvaljwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMXOV3lwtolXnYk0DVjsIjRCcIQkMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
L2JhMzI0YjRlLWQ0Y2QtNGRmNi1hODQ2LTg5NjEwNjQyYzdiYS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+A/EAwDQYJKoZIhvcNAQELBQADggEBACCuc5aZqnSr2Qzmq0s3
Qqtn/Iimj6X8ruI1nJR9sAhJN8CP9kilbODe0cUk14gO8x1R0FzeC/Z9TGsVOXd6
CTzIa569+845bVvuE7jM+y/K9hdMYIcuG+XJeB3QOwrdGfLqvqb0ztbKBpghbuis
1IAQH7STn9Jjys45N7rgXlQIa+3BZeCiqD1QJN4m/cIO2kymYjovHgQONWkqDbGA
KhaHSwIiUZ+fYsPy+bryvi5qQU1XJnDJnepbajkJOX4IH7mHARULL4o80DVCPM/f
BGXpVqSkxl2HopJ5KN2AY0A+TAlvfkeTzujkB11n+5fxSTX07RFFI6HME7ylgij/
C/c=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:26:49 2025 by rpki-client