Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/004c94ec-a64d-4097-910e-831e2f73cc5b.roa
File: 004c94ec-a64d-4097-910e-831e2f73cc5b.roa (raw, json)
Hash identifier: 8NPNwn0dpLW33haQ5K5GPubVViDS+Lz071nhtP/lMuc=
Subject key identifier: EF:C7:85:D4:B6:08:21:00:2F:08:0B:D0:7F:86:8F:11:66:55:4B:1E
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 45907354228D1DD41F43CEE00B37EE9FB6F955F1
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/004c94ec-a64d-4097-910e-831e2f73cc5b.roa
Signing time: Sat 25 Jan 2025 00:00:00 +0000
ROA not before: Sat 25 Jan 2025 00:00:00 +0000
ROA not after: Sat 01 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf9:c800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:90:73:54:22:8d:1d:d4:1f:43:ce:e0:0b:37:ee:9f:b6:f9:55:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Jan 25 00:00:00 2025 GMT
Not After : Mar 1 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:4f:05:df:b8:d2:6a:60:0a:99:27:98:3e:15:
ab:c0:cb:35:c5:33:63:c3:b0:6c:dd:a4:5c:e0:23:
10:0b:ad:19:d0:27:06:bb:da:ad:0d:b0:25:3a:9e:
a6:4a:3d:80:ce:5c:63:a4:24:dc:6a:3a:95:0a:00:
d4:55:58:48:c3:0e:b6:31:d0:c1:c6:15:02:7b:37:
70:8f:07:df:69:15:87:b7:6e:49:b3:a5:0d:da:92:
eb:2c:d6:b9:c1:fd:6b:40:38:17:7e:a5:7e:53:04:
ad:67:ab:89:b2:06:40:22:4d:0a:61:8a:61:bb:ab:
36:d9:5b:70:fe:49:49:3b:ed:d6:ab:9a:7b:21:70:
9c:c2:d8:ac:f0:ed:5f:da:dd:db:4f:60:a4:64:72:
69:90:96:d8:aa:8a:31:3f:3d:b5:14:81:d6:9c:fd:
45:00:20:b5:07:a0:19:b6:cb:d1:94:8a:30:8b:1d:
cb:9b:1e:eb:3d:02:d3:ee:98:f9:ac:7c:48:08:45:
d1:0c:48:4e:93:82:dd:06:78:45:7b:c9:1d:4a:10:
2d:b9:5b:1b:c5:7c:6e:4c:37:c4:25:a7:63:b5:94:
73:6c:48:27:c0:dc:db:42:b6:0d:3f:b8:4a:ed:65:
ea:ec:ec:85:1c:28:e7:2d:ff:bc:41:2c:c1:6d:b3:
4a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:C7:85:D4:B6:08:21:00:2F:08:0B:D0:7F:86:8F:11:66:55:4B:1E
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/004c94ec-a64d-4097-910e-831e2f73cc5b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf9:c800::/40
Signature Algorithm: sha256WithRSAEncryption
bf:1d:36:1e:09:c2:0d:fb:ec:b8:41:71:a2:bd:cb:0c:e4:3e:
d5:78:ce:33:21:45:7a:45:72:82:0a:5c:ad:b7:09:82:c3:4f:
e6:9d:e3:0d:45:3d:32:b8:b1:78:77:79:17:d9:21:5b:29:36:
b1:fe:b4:14:e3:d3:ec:4c:a3:71:80:f9:4d:88:16:45:da:46:
c4:8c:d2:33:d8:23:d1:79:cb:2d:ea:de:80:3f:b4:93:e4:12:
6d:e7:95:9e:f3:1c:a8:32:d2:54:3f:61:ca:db:05:6e:b3:5f:
43:3c:07:9b:fd:05:4c:2f:7e:4d:62:24:47:0e:66:32:03:21:
85:61:f0:a7:0c:c1:fa:6e:aa:7a:c9:da:9e:44:66:9e:09:f4:
01:a0:ee:c5:ea:23:86:25:ea:e4:5d:5b:46:70:59:32:05:f1:
bf:bd:5f:af:35:23:75:ad:58:ac:23:a1:ff:87:10:25:9a:6d:
48:d4:0b:a0:32:a1:d5:6d:56:33:94:d2:8b:1f:97:fa:33:ab:
45:fb:ac:01:92:fa:cb:ee:56:0f:4d:b9:8f:ac:42:dd:23:18:
e0:f7:e0:cb:30:4d:d2:86:6c:69:9e:bc:08:e2:e0:05:27:d3:
86:fe:90:62:a0:01:60:33:20:7a:e5:42:ab:aa:40:21:94:11:
78:78:8a:f6
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIURZBzVCKNHdQfQ87gCzfun7b5VfEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEyNTAwMDAwMFoX
DTI1MDMwMTIzNTk1OVowejFJMEcGA1UEBRNAYTcyYmYyYTkwYjRkYTU3MzQ1Y2Qz
M2IzNmYzMGUwNWUzZmNiZmRmNDQ4YjM3NmY1ZWNjY2NjZGRkYjIzYTVlNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1U8F37jSamAKmSeYPhWrwMs1xTNj
w7Bs3aRc4CMQC60Z0CcGu9qtDbAlOp6mSj2AzlxjpCTcajqVCgDUVVhIww62MdDB
xhUCezdwjwffaRWHt25Js6UN2pLrLNa5wf1rQDgXfqV+UwStZ6uJsgZAIk0KYYph
u6s22Vtw/klJO+3Wq5p7IXCcwtis8O1f2t3bT2CkZHJpkJbYqooxPz21FIHWnP1F
ACC1B6AZtsvRlIowix3Lmx7rPQLT7pj5rHxICEXRDEhOk4LdBnhFe8kdShAtuVsb
xXxuTDfEJadjtZRzbEgnwNzbQrYNP7hK7WXq7OyFHCjnLf+8QSzBbbNKOQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFO/HhdS2CCEALwgL0H+GjxFmVUseMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzAwNGM5NGVjLWE2NGQtNDA5Ny05MTBlLTgzMWUyZjczY2M1Yi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+cgwDQYJKoZIhvcNAQELBQADggEBAL8dNh4Jwg377LhBcaK9
ywzkPtV4zjMhRXpFcoIKXK23CYLDT+ad4w1FPTK4sXh3eRfZIVspNrH+tBTj0+xM
o3GA+U2IFkXaRsSM0jPYI9F5yy3q3oA/tJPkEm3nlZ7zHKgy0lQ/YcrbBW6zX0M8
B5v9BUwvfk1iJEcOZjIDIYVh8KcMwfpuqnrJ2p5EZp4J9AGg7sXqI4Yl6uRdW0Zw
WTIF8b+9X681I3WtWKwjof+HECWabUjUC6AyodVtVjOU0osfl/ozq0X7rAGS+svu
Vg9NuY+sQt0jGOD34MswTdKGbGmevAji4AUn04b+kGKgAWAzIHrlQquqQCGUEXh4
ivY=
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:42:26 2025 by rpki-client