Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/032b0799-1c5e-4782-8d2f-81c63132c7d2.roa
File: 032b0799-1c5e-4782-8d2f-81c63132c7d2.roa (raw, json)
Hash identifier: xJb+EqmCMGAPyzZrd7hyaxPMAdSCuWpixAbf1I8nWdw=
Subject key identifier: FA:35:B9:79:06:0B:3C:17:3A:EE:47:B4:18:0B:06:11:4A:98:D3:E9
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7E84F43409472F665BD22E3A5523CBD2AA8E74D6
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/032b0799-1c5e-4782-8d2f-81c63132c7d2.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da2c:8000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:84:f4:34:09:47:2f:66:5b:d2:2e:3a:55:23:cb:d2:aa:8e:74:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3b:e7:81:1c:e5:94:13:7e:5b:10:89:7f:dd:
5e:bf:3e:3f:35:62:e4:24:c9:f3:43:8c:1b:25:1f:
ab:22:d4:f2:28:04:9b:9a:07:e0:5b:24:71:51:85:
52:5e:29:01:18:d6:f5:60:6b:36:3d:84:bb:af:58:
82:95:bb:a8:e5:51:7c:13:fc:f0:41:44:f6:48:d6:
a4:01:77:d8:07:41:8d:e2:aa:47:2e:b3:3d:5e:0e:
ec:de:a2:a8:0a:59:ce:c2:93:e9:79:a4:98:46:ca:
bd:b1:af:61:1a:be:7e:37:8b:96:9d:b9:27:d1:ca:
be:81:84:4a:53:98:74:53:eb:19:6d:70:c4:98:7a:
95:93:d6:97:ed:1d:34:ce:f9:30:97:f7:e2:52:73:
4b:38:75:56:03:e1:c0:02:11:80:ed:1e:67:3c:44:
d2:d8:f6:22:54:04:57:b5:5d:37:20:00:4a:3a:9d:
04:75:0b:3b:98:0d:ad:15:fe:05:8d:b4:bb:aa:44:
d9:d2:c4:97:cc:e4:4a:a2:08:7f:c9:cf:1c:96:d9:
67:83:c0:f2:5e:80:09:d9:e9:b4:58:18:73:05:01:
cb:4c:e4:b1:3b:fa:9b:51:95:9c:2a:9d:19:18:45:
b1:af:1f:9b:79:23:68:3e:2a:f1:54:ae:36:04:6b:
43:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:35:B9:79:06:0B:3C:17:3A:EE:47:B4:18:0B:06:11:4A:98:D3:E9
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/032b0799-1c5e-4782-8d2f-81c63132c7d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da2c:8000::/36
Signature Algorithm: sha256WithRSAEncryption
86:0a:1a:4f:4b:ba:e4:24:d1:da:09:f2:27:09:a0:aa:48:90:
e8:96:b5:ab:40:00:3b:b5:1e:c4:c5:cc:a7:26:f4:da:b5:f1:
40:0b:d7:a7:43:61:c6:f5:91:7b:ff:e8:9d:b6:a8:5e:d7:89:
1b:4e:1a:2d:7d:b0:11:77:cf:bd:53:aa:73:f2:26:5c:a2:17:
d3:fa:5c:47:d6:a3:28:a3:36:41:59:e0:f4:08:72:e3:58:99:
7f:e2:0b:dc:74:d7:5c:86:e1:3b:99:db:99:fb:07:96:03:0e:
13:15:34:e5:ac:b3:82:af:7e:a7:6c:d4:71:63:76:16:5a:6a:
2d:2e:5a:a2:7d:16:cb:b2:ba:fa:c8:d9:aa:ab:89:e2:9c:e8:
fd:64:1e:62:de:7d:71:96:f5:d9:8e:b5:0c:8f:b7:fa:39:57:
11:82:04:73:71:79:14:4b:4f:b5:61:81:86:be:11:14:98:25:
33:f9:e6:94:bb:97:7d:a8:66:a8:f5:3b:ba:a9:ac:fe:0c:b5:
9e:9d:23:53:0b:7d:67:fe:dc:eb:4e:26:37:d9:b8:77:70:bb:
61:d2:48:85:a2:dd:db:b2:63:cf:7b:bd:66:c1:a9:d3:0a:59:
77:6d:2a:f8:81:7f:50:a3:8b:33:9c:09:4f:ca:97:92:36:ee:
8b:ac:04:5c
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUfoT0NAlHL2Zb0i46VSPL0qqOdNYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIzMTAwMDAwMFoX
DTI1MDIwNDIzNTk1OVowejFJMEcGA1UEBRNAZGZhMWRkMzViMjA1ZmM2ZGQzYWZm
Yjc1NTE4OWE0NjdkOTk3OGZlMWZiYjI0NGNiOGI0NmFiYzQyM2I3YmRkNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDvngRzllBN+WxCJf91evz4/NWLk
JMnzQ4wbJR+rItTyKASbmgfgWyRxUYVSXikBGNb1YGs2PYS7r1iClbuo5VF8E/zw
QUT2SNakAXfYB0GN4qpHLrM9Xg7s3qKoClnOwpPpeaSYRsq9sa9hGr5+N4uWnbkn
0cq+gYRKU5h0U+sZbXDEmHqVk9aX7R00zvkwl/fiUnNLOHVWA+HAAhGA7R5nPETS
2PYiVARXtV03IABKOp0EdQs7mA2tFf4FjbS7qkTZ0sSXzORKogh/yc8cltlng8Dy
XoAJ2em0WBhzBQHLTOSxO/qbUZWcKp0ZGEWxrx+beSNoPirxVK42BGtD5wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPo1uXkGCzwXOu5HtBgLBhFKmNPpMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzAzMmIwNzk5LTFjNWUtNDc4Mi04ZDJmLTgxYzYzMTMyYzdkMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaLIAwDQYJKoZIhvcNAQELBQADggEBAIYKGk9LuuQk0doJ8icJ
oKpIkOiWtatAADu1HsTFzKcm9Nq18UAL16dDYcb1kXv/6J22qF7XiRtOGi19sBF3
z71TqnPyJlyiF9P6XEfWoyijNkFZ4PQIcuNYmX/iC9x011yG4TuZ25n7B5YDDhMV
NOWss4Kvfqds1HFjdhZaai0uWqJ9FsuyuvrI2aqrieKc6P1kHmLefXGW9dmOtQyP
t/o5VxGCBHNxeRRLT7VhgYa+ERSYJTP55pS7l32oZqj1O7qprP4MtZ6dI1MLfWf+
3OtOJjfZuHdwu2HSSIWi3duyY897vWbBqdMKWXdtKviBf1CjizOcCU/Kl5I27ous
BFw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:14:11 2025 by rpki-client