Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa
File: fcc4293c-b24f-4fac-9395-546f748b3b13.roa (raw, json)
Hash identifier: AA8vx+TcQWkqpVq5ebetJXYhlyTRCwxU9xG8EMJlc/I=
Subject key identifier: EB:B5:45:BB:01:B5:60:E4:00:D4:D0:E5:20:75:0B:88:15:69:4A:48
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 6E627A1A0092464E3107E634CF5D6872F06682C2
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa
Signing time: Wed 05 Mar 2025 00:10:31 +0000
ROA not before: Wed 05 Mar 2025 00:10:31 +0000
ROA not after: Wed 09 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:8018::/38 maxlen: 38
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:62:7a:1a:00:92:46:4e:31:07:e6:34:cf:5d:68:72:f0:66:82:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Mar 5 00:10:31 2025 GMT
Not After : Apr 9 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:1d:75:11:e2:d1:8b:84:96:2b:6f:41:7b:02:
73:8e:15:ab:03:6f:2d:3c:1d:cb:66:d4:1f:11:a6:
f5:05:1e:2b:59:13:cf:6a:76:43:5a:78:f7:ee:ed:
05:8a:73:35:a5:6c:6a:22:f7:62:30:1f:0f:31:d6:
02:17:4c:31:74:49:39:01:27:7e:b6:6e:7a:74:9d:
27:86:a6:fe:01:c1:a1:b3:92:d2:3f:24:d5:bc:a9:
70:b8:76:45:25:dc:0e:9e:43:e8:b3:bd:12:a2:87:
a9:68:67:73:15:1b:bf:3f:e0:8e:bd:0a:8a:fb:14:
fd:25:e0:76:e1:99:32:7f:9e:e1:9b:3f:a6:81:ca:
d0:5d:e0:ab:fe:ee:cd:0d:f8:15:54:d1:49:ea:75:
e6:07:ab:54:9e:54:b1:0a:e3:2d:ec:08:a4:b3:f5:
23:e1:d2:d3:8a:46:0c:38:be:1e:4f:1d:53:e3:2e:
9b:3e:37:09:07:ea:2d:d9:7d:ba:f9:25:8e:0f:7b:
4c:dd:f1:2d:9d:a6:b4:6c:2f:df:a6:50:8e:c7:c6:
0c:0e:38:93:1b:41:f9:ac:bc:b3:e1:52:df:84:8a:
96:a2:55:99:5c:ce:27:0d:79:44:7c:da:a5:3b:b8:
11:89:e4:fe:96:53:a6:27:56:9e:f7:ef:66:00:fa:
88:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:B5:45:BB:01:B5:60:E4:00:D4:D0:E5:20:75:0B:88:15:69:4A:48
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/fcc4293c-b24f-4fac-9395-546f748b3b13.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:8018::/38
Signature Algorithm: sha256WithRSAEncryption
16:59:13:79:56:4b:37:52:89:d1:d0:e4:23:53:f1:5b:ba:9e:
54:e0:4f:78:dc:3a:6f:3b:2e:2f:04:19:ae:b2:5b:82:3c:66:
42:c5:a0:10:1f:21:ca:b6:72:9d:ed:4c:83:6a:f5:4c:0e:a1:
99:d9:d4:75:c5:b9:74:40:63:c0:37:f6:99:86:95:b9:3f:44:
9d:23:06:4e:2c:c0:e7:7b:62:a2:e2:d3:84:bb:e3:28:fa:10:
bd:98:af:dd:b7:3a:e6:29:e2:85:16:a6:34:2d:1a:4c:db:85:
37:1b:6d:bd:13:dc:d5:e2:17:5a:ad:ec:c8:10:be:e3:4d:69:
f8:33:ba:1a:87:48:a8:8b:2e:e5:b2:a9:da:c5:08:c8:69:c4:
eb:a1:0c:dc:9f:26:3f:93:16:14:46:f0:32:2c:69:f7:e7:a3:
fb:ec:15:53:16:47:21:1a:04:a7:bf:74:5a:98:f5:4e:a7:3e:
42:fc:42:b3:96:b5:c7:0d:00:c1:ca:f9:52:ff:1e:e4:67:12:
49:40:32:d7:03:6c:b3:f5:ad:51:ee:6a:b4:6d:1d:cd:d1:77:
45:7f:9f:68:c9:bc:f0:6d:fe:6a:e4:59:02:6e:8e:ff:75:0c:
a2:35:a8:8b:ca:af:59:2e:77:8d:f0:89:fa:b2:8a:31:86:38:
62:7e:b9:3f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUbmJ6GgCSRk4xB+Y0z11ocvBmgsIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMwNTAwMTAzMVoX
DTI1MDQwOTIzNTk1OVowejFJMEcGA1UEBRNAOWYzNDhlY2Q1ZTM1ODQwM2NiMWFj
NTc3NWJlMzliMjExYmUwMTkzNzVjMDE0NGFiZjFkOWZmYzg2NzMzZTA4ZTEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArx11EeLRi4SWK29BewJzjhWrA28t
PB3LZtQfEab1BR4rWRPPanZDWnj37u0FinM1pWxqIvdiMB8PMdYCF0wxdEk5ASd+
tm56dJ0nhqb+AcGhs5LSPyTVvKlwuHZFJdwOnkPos70SooepaGdzFRu/P+COvQqK
+xT9JeB24Zkyf57hmz+mgcrQXeCr/u7NDfgVVNFJ6nXmB6tUnlSxCuMt7Aiks/Uj
4dLTikYMOL4eTx1T4y6bPjcJB+ot2X26+SWOD3tM3fEtnaa0bC/fplCOx8YMDjiT
G0H5rLyz4VLfhIqWolWZXM4nDXlEfNqlO7gRieT+llOmJ1ae9+9mAPqIlQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOu1RbsBtWDkANTQ5SB1C4gVaUpIMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
L2ZjYzQyOTNjLWIyNGYtNGZhYy05Mzk1LTU0NmY3NDhiM2IxMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYCJA+AGAAwDQYJKoZIhvcNAQELBQADggEBABZZE3lWSzdSidHQ5CNT
8Vu6nlTgT3jcOm87Li8EGa6yW4I8ZkLFoBAfIcq2cp3tTINq9UwOoZnZ1HXFuXRA
Y8A39pmGlbk/RJ0jBk4swOd7YqLi04S74yj6EL2Yr923OuYp4oUWpjQtGkzbhTcb
bb0T3NXiF1qt7MgQvuNNafgzuhqHSKiLLuWyqdrFCMhpxOuhDNyfJj+TFhRG8DIs
affno/vsFVMWRyEaBKe/dFqY9U6nPkL8QrOWtccNAMHK+VL/HuRnEklAMtcDbLP1
rVHuarRtHc3Rd0V/n2jJvPBt/mrkWQJujv91DKI1qIvKr1kud43wifqyijGGOGJ+
uT8=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:28:14 2025 by rpki-client