Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0b52a627-bb00-4630-aca4-63a81c2cfe31.roa
File: 0b52a627-bb00-4630-aca4-63a81c2cfe31.roa (raw, json)
Hash identifier: i78EKMzIpCzYPqRYUYreOCgKxU8iGOuwrurdBbs6z5I=
Subject key identifier: 6A:13:C3:8A:86:DE:E8:79:9A:6B:49:63:1E:E9:A6:E9:9B:2F:AE:83
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 443152EA41B0AD422D2BB9A245740B1E452D0DE5
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0b52a627-bb00-4630-aca4-63a81c2cfe31.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dab8:2800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:31:52:ea:41:b0:ad:42:2d:2b:b9:a2:45:74:0b:1e:45:2d:0d:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:0d:c3:a7:81:27:bf:09:83:18:df:d4:16:88:
0d:ae:c4:ae:d7:62:0a:d9:b0:1a:8e:46:e3:0f:5a:
b8:e8:ec:6f:71:cf:0b:7c:4a:11:37:62:00:bc:f8:
97:cf:50:14:fb:d2:ef:8d:69:6b:c7:76:6d:9b:53:
cc:e8:34:35:ba:2c:d0:17:10:ad:af:98:3b:77:63:
72:69:43:36:04:ad:be:12:7b:80:65:3e:6f:74:35:
ee:e8:a4:53:c9:d5:9d:eb:70:d7:72:1c:0e:e8:21:
50:0f:e6:3c:07:e1:ad:1a:33:db:99:ab:29:3a:89:
4c:ca:7c:38:e8:c2:a3:7d:f7:88:a6:0f:d0:d4:8c:
65:7c:72:48:87:95:00:68:ea:27:0f:68:e9:cf:cb:
7d:4e:d8:bb:81:1e:b9:ab:34:f9:79:a1:c1:58:22:
2c:b0:24:3e:45:2c:26:34:37:f5:0f:d1:71:3b:5b:
c8:4d:99:39:7f:38:e1:22:3e:eb:df:04:18:1a:91:
8d:d8:66:ae:f8:ba:22:07:5c:d4:d0:a6:58:b4:e3:
fe:83:56:4b:bf:2a:68:61:ea:92:c9:4c:2d:29:c9:
d2:b7:99:2a:96:ec:fc:b4:bb:54:62:9d:43:6d:80:
55:0f:bc:c6:b4:db:68:2b:91:aa:95:63:59:6e:54:
f2:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:13:C3:8A:86:DE:E8:79:9A:6B:49:63:1E:E9:A6:E9:9B:2F:AE:83
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0b52a627-bb00-4630-aca4-63a81c2cfe31.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dab8:2800::/40
Signature Algorithm: sha256WithRSAEncryption
2a:81:51:8c:f0:9b:a6:d2:03:99:d1:9a:df:a6:11:13:d6:74:
06:c4:94:9d:3e:7f:eb:18:24:1d:fd:36:f8:2f:07:71:10:72:
92:61:e3:ad:d0:67:33:2c:1b:58:51:21:23:8d:f4:32:e1:62:
d8:18:c6:79:73:8a:77:ef:8b:29:0f:c3:de:08:23:8a:9e:d4:
9b:51:be:28:d2:8d:22:e8:a8:39:d2:89:69:e7:93:4b:eb:5a:
a6:d3:2d:3e:2a:bd:95:81:b9:cc:47:ca:ed:92:7a:12:ab:69:
98:2d:f3:01:38:94:06:bc:66:8a:c9:93:4b:10:3b:db:67:5e:
ed:28:09:a6:d7:8d:fa:6e:1d:2b:15:53:b4:55:8e:0b:88:bb:
3b:d6:b7:28:29:b1:86:2d:83:28:cb:29:ca:fb:5d:90:37:55:
dc:d9:70:88:d3:fd:57:71:e9:d8:92:89:9b:d5:0c:d2:74:55:
27:10:96:be:cb:c9:04:5c:a6:f9:9a:8a:b7:19:fa:df:eb:93:
35:97:8a:d8:f3:f7:18:dd:29:42:f9:34:c7:c1:e3:0b:29:b5:
92:88:04:f3:e8:3c:6b:a3:f2:99:08:86:3e:62:43:2a:b5:1c:
79:f5:5e:46:26:22:88:b5:44:34:69:d4:3c:3c:1c:61:3a:58:
8e:ed:00:ed
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIURDFS6kGwrUItK7miRXQLHkUtDeUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAMjlkZDYxMzdmMGJkMTI4NjE3YmU3
NDExZWI0YzhmNTNjOTIxMTQxMjQ0YjQ4MTc2MzI4MTA3NzI2ZTMyYjRiNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuw3Dp4EnvwmDGN/UFogNrsSu12IK
2bAajkbjD1q46Oxvcc8LfEoRN2IAvPiXz1AU+9LvjWlrx3Ztm1PM6DQ1uizQFxCt
r5g7d2NyaUM2BK2+EnuAZT5vdDXu6KRTydWd63DXchwO6CFQD+Y8B+GtGjPbmasp
OolMynw46MKjffeIpg/Q1IxlfHJIh5UAaOonD2jpz8t9Tti7gR65qzT5eaHBWCIs
sCQ+RSwmNDf1D9FxO1vITZk5fzjhIj7r3wQYGpGN2Gau+LoiB1zU0KZYtOP+g1ZL
vypoYeqSyUwtKcnSt5kqluz8tLtUYp1DbYBVD7zGtNtoK5GqlWNZblTyPQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGoTw4qG3uh5mmtJYx7ppumbL66DMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzBiNTJhNjI3LWJiMDAtNDYzMC1hY2E0LTYzYTgxYzJjZmUzMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbauCgwDQYJKoZIhvcNAQELBQADggEBACqBUYzwm6bSA5nRmt+m
ERPWdAbElJ0+f+sYJB39NvgvB3EQcpJh463QZzMsG1hRISON9DLhYtgYxnlzinfv
iykPw94II4qe1JtRvijSjSLoqDnSiWnnk0vrWqbTLT4qvZWBucxHyu2SehKraZgt
8wE4lAa8ZorJk0sQO9tnXu0oCabXjfpuHSsVU7RVjguIuzvWtygpsYYtgyjLKcr7
XZA3VdzZcIjT/Vdx6diSiZvVDNJ0VScQlr7LyQRcpvmaircZ+t/rkzWXitjz9xjd
KUL5NMfB4wsptZKIBPPoPGuj8pkIhj5iQyq1HHn1XkYmIoi1RDRp1Dw8HGE6WI7t
AO0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:32:02 2025 by rpki-client