Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/befec666-436f-4e82-8b41-4bd8d82646ff.roa
File: befec666-436f-4e82-8b41-4bd8d82646ff.roa (raw, json)
Hash identifier: qkhl6kx7dnTMRxLuZFeTt6dILemxamEDcYJu8MwDl7I=
Subject key identifier: 06:CF:3E:E8:CC:59:31:57:90:F5:21:B9:78:D4:54:00:98:37:C6:68
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 087326EBE7E71AAA68168C565DA28F9012B03481
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/befec666-436f-4e82-8b41-4bd8d82646ff.roa
Signing time: Sat 30 Nov 2024 00:00:00 +0000
ROA not before: Sat 30 Nov 2024 00:00:00 +0000
ROA not after: Sat 04 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2400:6700::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:73:26:eb:e7:e7:1a:aa:68:16:8c:56:5d:a2:8f:90:12:b0:34:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Nov 30 00:00:00 2024 GMT
Not After : Jan 4 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:74:82:80:e7:65:ef:a2:24:00:03:96:d4:d7:
bd:71:d4:69:34:8c:bd:1a:e9:2f:4f:99:58:9a:5b:
3f:6c:ed:fa:18:ff:cc:27:1c:80:44:63:2a:a5:3d:
29:52:58:00:32:70:b0:60:12:39:aa:37:f6:61:28:
90:f7:00:b8:ea:52:41:68:dd:27:03:91:41:c5:fa:
cb:3d:87:44:74:dd:cf:56:b5:81:54:03:07:80:c1:
d2:39:e1:98:27:f7:f0:68:68:ff:43:5d:ee:d8:b6:
c9:2b:b6:10:96:41:09:60:39:cc:81:38:0f:c3:99:
22:dc:e2:25:6e:0b:7e:cd:04:a5:59:ad:2c:84:6b:
93:46:97:77:39:71:4b:0b:39:f5:a2:dd:72:0e:f4:
22:41:04:a5:05:bf:19:33:b7:6c:3f:12:29:fc:83:
eb:87:9e:f1:84:51:5c:b1:90:8b:04:87:b4:7d:2b:
f1:e6:93:bf:0a:48:aa:3c:52:a8:62:d4:df:68:46:
41:38:25:05:b1:1e:0a:c1:2b:63:6f:0f:41:33:31:
32:ff:64:73:8b:d2:52:8f:28:5c:2c:08:d8:aa:31:
ea:cd:dc:cb:06:4a:b7:8d:d4:fe:d4:cc:f4:e7:e3:
9b:48:68:78:75:a4:a5:f8:12:86:1c:6b:39:9f:61:
3a:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:CF:3E:E8:CC:59:31:57:90:F5:21:B9:78:D4:54:00:98:37:C6:68
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/befec666-436f-4e82-8b41-4bd8d82646ff.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6700::/32
Signature Algorithm: sha256WithRSAEncryption
30:d0:fb:92:d2:ce:eb:22:2d:90:99:6f:d5:7b:4b:75:13:dc:
74:8e:7d:77:3e:b0:a7:ba:7d:76:c6:4e:b6:e5:52:a5:80:e4:
78:97:48:88:3c:62:01:f2:cf:58:4f:8b:ee:6a:d8:84:e5:95:
88:4a:9e:bc:ae:aa:cf:1c:b9:ec:15:d0:5b:4f:52:22:73:83:
61:d3:6c:17:4a:c3:c1:62:b6:f5:15:90:00:d2:33:c3:32:98:
b7:63:0f:0c:35:d3:8c:f7:43:ce:a6:25:aa:42:46:67:ab:d6:
dc:bd:cb:65:02:4a:f5:ba:cd:5a:5a:c6:7f:a1:38:d2:4e:22:
86:86:dc:ce:7a:76:8d:92:71:2f:d4:8e:32:87:b2:0e:c9:cb:
10:63:7a:2d:79:13:bf:75:17:8f:11:6b:fc:14:b8:f6:d6:97:
54:b0:39:92:a3:6a:7e:5c:50:1a:ef:b8:be:0d:d1:fb:2d:d7:
b7:5d:0a:41:c9:ac:6d:c3:2d:0b:2f:b7:f3:34:8b:12:21:92:
2b:4a:ae:c8:aa:7d:ec:f6:7f:1f:5d:76:db:61:f3:93:b2:48:
56:4a:2a:71:b0:26:da:32:9c:e7:ef:7f:16:ee:93:f5:65:78:
df:54:f9:e1:f1:41:13:63:d9:b7:14:42:f2:d9:c4:58:c6:76:
bc:ff:15:79
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUCHMm6+fnGqpoFoxWXaKPkBKwNIEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MTEzMDAwMDAwMFoX
DTI1MDEwNDIzNTk1OVowejFJMEcGA1UEBRNANzY1NTJiZDBlNTUwMTQzNGJlMjlh
YzYxYTEzZjg5MzFjOTVjY2U1MDdiYjVjZmEwNmI2ODFjMmI3ODY1ZGJlZDEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnSCgOdl76IkAAOW1Ne9cdRpNIy9
GukvT5lYmls/bO36GP/MJxyARGMqpT0pUlgAMnCwYBI5qjf2YSiQ9wC46lJBaN0n
A5FBxfrLPYdEdN3PVrWBVAMHgMHSOeGYJ/fwaGj/Q13u2LbJK7YQlkEJYDnMgTgP
w5ki3OIlbgt+zQSlWa0shGuTRpd3OXFLCzn1ot1yDvQiQQSlBb8ZM7dsPxIp/IPr
h57xhFFcsZCLBIe0fSvx5pO/CkiqPFKoYtTfaEZBOCUFsR4KwStjbw9BMzEy/2Rz
i9JSjyhcLAjYqjHqzdzLBkq3jdT+1Mz05+ObSGh4daSl+BKGHGs5n2E6hwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFAbPPujMWTFXkPUhuXjUVACYN8ZoMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
L2JlZmVjNjY2LTQzNmYtNGU4Mi04YjQxLTRiZDhkODI2NDZmZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEAMND7ktLO6yItkJlv1XtL
dRPcdI59dz6wp7p9dsZOtuVSpYDkeJdIiDxiAfLPWE+L7mrYhOWViEqevK6qzxy5
7BXQW09SInODYdNsF0rDwWK29RWQANIzwzKYt2MPDDXTjPdDzqYlqkJGZ6vW3L3L
ZQJK9brNWlrGf6E40k4ihobcznp2jZJxL9SOMoeyDsnLEGN6LXkTv3UXjxFr/BS4
9taXVLA5kqNqflxQGu+4vg3R+y3Xt10KQcmsbcMtCy+38zSLEiGSK0quyKp97PZ/
H11222Hzk7JIVkoqcbAm2jKc5+9/Fu6T9WV431T54fFBE2PZtxRC8tnEWMZ2vP8V
eQ==
-----END CERTIFICATE-----
Generated at Sat Apr 5 20:19:24 2025 by rpki-client