Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa
File: c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa (raw, json)
Hash identifier: N6a0Dx7AnVQQ9pDLkCaJmlym2xlA/MTH8K03+zeJsZ8=
Subject key identifier: CF:ED:3E:03:AC:D4:C2:B7:1C:BB:66:9A:A5:A4:4D:19:BC:70:A6:F2
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 4750A130C70742EF663D0D5F844AB1E533509AC8
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa
Signing time: Wed 26 Mar 2025 00:10:05 +0000
ROA not before: Wed 26 Mar 2025 00:10:05 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80fe:4000::/40 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:50:a1:30:c7:07:42:ef:66:3d:0d:5f:84:4a:b1:e5:33:50:9a:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Mar 26 00:10:05 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:6e:a3:4c:a3:6d:93:72:2d:3e:16:60:5d:87:
4e:07:26:6d:b6:23:8a:9d:bc:b2:3f:0a:1f:74:72:
b5:89:fe:cb:f2:c3:0b:e8:f7:54:c5:c3:a8:05:2c:
1a:2d:e2:08:82:46:fb:64:c8:f8:e5:15:d0:41:9d:
c7:63:6f:ec:a4:84:39:94:93:3b:36:d7:1d:63:ad:
35:3e:68:52:58:6b:c5:05:81:b5:b4:f7:4e:3c:5d:
30:bf:99:94:2f:9c:c9:d5:ff:a9:3e:64:34:2e:e1:
39:79:59:b1:2f:d4:bd:13:c8:b9:df:33:93:ec:c1:
b2:1b:b5:10:5d:7f:cb:45:5e:8e:73:57:7e:79:20:
67:c5:3d:f9:e9:2e:7d:76:a2:ca:80:96:cf:30:2a:
cc:bf:3a:9d:ac:17:61:02:91:00:94:1c:6d:8a:63:
9a:4c:a0:38:03:32:66:f3:19:3b:b1:ed:63:ef:e0:
bc:81:4c:a0:d7:97:46:42:1c:c0:8c:61:f7:c0:22:
a4:b9:57:92:f1:c1:87:79:e1:cc:fc:d2:86:b0:2d:
72:71:08:b2:62:6e:22:a0:50:bd:e5:68:41:a0:c5:
4a:c8:6e:78:48:6f:3d:50:10:26:4f:78:16:29:03:
4b:04:03:b3:12:9d:ae:d8:bc:e7:c3:ec:1e:76:21:
e3:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:ED:3E:03:AC:D4:C2:B7:1C:BB:66:9A:A5:A4:4D:19:BC:70:A6:F2
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c886fdcc-d9c4-485a-a941-7aa2c7d093e3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80fe:4000::/40
Signature Algorithm: sha256WithRSAEncryption
7a:95:c8:0e:92:84:13:28:d1:39:dd:9b:1c:03:ce:02:a6:3e:
5d:29:79:15:47:d5:d4:4b:6e:69:cc:09:f0:ce:54:8b:c6:01:
70:2b:10:75:f6:ad:36:c1:80:0f:0e:79:34:b4:c2:92:6e:04:
2d:de:68:8f:2c:e5:4b:3a:6b:85:fc:4e:d3:cf:88:66:80:0c:
eb:8b:d2:a6:f5:28:e1:ff:29:6e:b2:8c:de:c3:91:88:2b:33:
89:82:ec:bf:7f:0e:02:99:e1:62:f7:36:77:e7:8c:32:e1:c6:
7b:2e:e2:36:9a:ee:37:df:ae:38:ad:0b:82:ec:9b:df:2d:3b:
6c:88:9d:13:ff:f3:f7:ff:46:70:d3:00:d9:ab:b8:62:4c:ac:
1a:08:93:e8:ae:13:80:fc:14:d9:4d:a6:c9:e5:46:73:e6:fb:
52:50:0f:de:c0:bb:e1:da:fc:e2:3c:0b:5b:90:36:36:8b:d6:
0f:f6:59:89:df:a1:78:bd:5c:7c:ac:50:13:78:ed:38:fa:ad:
d6:e6:b9:0c:c9:9e:ff:e5:01:12:94:c7:a7:5f:c2:36:db:53:
b6:b6:39:f6:83:c9:e1:c4:2c:fe:3d:a6:93:ad:8d:bb:17:68:
17:0b:0b:16:c2:20:dc:80:e6:28:f3:41:1c:a5:bd:10:b7:42:
a4:fe:9a:4a
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUR1ChMMcHQu9mPQ1fhEqx5TNQmsgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMyNjAwMTAwNVoX
DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNANTlmM2MxNGUyN2E4ZTBiMTBiZmQ0
OWE1MjFkZTgxNDk0ZWU5MGIzNmNlYWE5MDU1NTBiNTIzNTI0NmM5ZGUwMjEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs26jTKNtk3ItPhZgXYdOByZttiOK
nbyyPwofdHK1if7L8sML6PdUxcOoBSwaLeIIgkb7ZMj45RXQQZ3HY2/spIQ5lJM7
NtcdY601PmhSWGvFBYG1tPdOPF0wv5mUL5zJ1f+pPmQ0LuE5eVmxL9S9E8i53zOT
7MGyG7UQXX/LRV6Oc1d+eSBnxT356S59dqLKgJbPMCrMvzqdrBdhApEAlBxtimOa
TKA4AzJm8xk7se1j7+C8gUyg15dGQhzAjGH3wCKkuVeS8cGHeeHM/NKGsC1ycQiy
Ym4ioFC95WhBoMVKyG54SG89UBAmT3gWKQNLBAOzEp2u2Lznw+wediHj+QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFM/tPgOs1MK3HLtmmqWkTRm8cKbyMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
L2M4ODZmZGNjLWQ5YzQtNDg1YS1hOTQxLTdhYTJjN2QwOTNlMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+A/kAwDQYJKoZIhvcNAQELBQADggEBAHqVyA6ShBMo0TndmxwD
zgKmPl0peRVH1dRLbmnMCfDOVIvGAXArEHX2rTbBgA8OeTS0wpJuBC3eaI8s5Us6
a4X8TtPPiGaADOuL0qb1KOH/KW6yjN7DkYgrM4mC7L9/DgKZ4WL3NnfnjDLhxnsu
4jaa7jffrjitC4Lsm98tO2yInRP/8/f/RnDTANmruGJMrBoIk+iuE4D8FNlNpsnl
RnPm+1JQD97Au+Ha/OI8C1uQNjaL1g/2WYnfoXi9XHysUBN47Tj6rdbmuQzJnv/l
ARKUx6dfwjbbU7a2OfaDyeHELP49ppOtjbsXaBcLCxbCINyA5ijzQRylvRC3QqT+
mko=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:25:47 2025 by rpki-client