Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dc98304-78d8-4dbf-8f2f-a600d8e71301.roa
File: 0dc98304-78d8-4dbf-8f2f-a600d8e71301.roa (raw, json)
Hash identifier: x3mKYJVpx8ldS07Dfx2t24HAOSeZ/DHunPqzAF46mSQ=
Subject key identifier: 70:AB:30:C1:51:47:1A:24:58:96:1C:94:A0:53:6B:C3:19:E0:2C:92
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 054C87DD09FFB4B4FB40B0E9596CB597FA4EEC3E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dc98304-78d8-4dbf-8f2f-a600d8e71301.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf6:6000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:4c:87:dd:09:ff:b4:b4:fb:40:b0:e9:59:6c:b5:97:fa:4e:ec:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:6d:64:09:84:64:b2:c4:aa:b7:1d:95:5f:74:
0f:2c:82:a5:dc:25:96:74:82:69:2d:ce:55:76:93:
60:24:c9:41:de:a9:d8:f1:31:c8:f2:85:4a:f7:3f:
73:0a:59:50:cf:2c:49:9e:0d:3b:10:3a:d3:5c:b1:
2a:83:78:7b:e8:06:a5:e9:17:ef:3b:08:de:76:c6:
1a:48:5a:2e:69:a1:66:76:5c:29:3d:45:0f:2a:6c:
aa:67:cc:3c:3a:58:19:99:f6:aa:92:09:93:2d:8c:
4d:6b:9a:8d:f9:49:df:dd:b5:18:aa:81:58:cc:a5:
35:f7:bc:0a:45:a8:61:50:19:d2:93:86:ce:11:e1:
ef:a1:24:53:ba:34:5a:ed:d7:b7:a9:52:87:0a:71:
40:d7:26:3f:39:c4:8c:76:c6:1a:64:42:c7:50:38:
04:d1:99:28:d8:ce:2a:7f:0a:9a:37:fd:7f:7b:59:
16:fd:e6:20:03:6b:bb:da:8d:e8:c1:f6:22:42:80:
ba:fe:4c:1e:f3:f2:b7:a0:e3:7a:06:b0:16:9d:bd:
c2:31:f1:d4:5c:26:6a:da:c5:90:ab:74:c1:2d:8e:
68:0e:94:4e:bd:98:42:9b:66:7e:fe:d7:2c:cb:ad:
76:78:10:f5:7e:a4:0e:f3:6f:1b:43:4d:20:df:6e:
70:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:AB:30:C1:51:47:1A:24:58:96:1C:94:A0:53:6B:C3:19:E0:2C:92
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0dc98304-78d8-4dbf-8f2f-a600d8e71301.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf6:6000::/40
Signature Algorithm: sha256WithRSAEncryption
7c:10:dc:c0:05:3e:66:08:1e:4e:be:18:90:56:a1:c3:1b:3f:
63:4c:8d:98:37:90:7a:fe:ab:d4:4c:b5:36:59:2a:83:43:59:
60:8c:69:bf:54:1b:36:ee:fc:92:5a:53:52:07:ac:bc:52:b8:
ff:0f:e9:50:79:a1:c4:90:16:8a:ce:f7:f4:2a:fd:1e:5c:de:
7c:5b:e0:6b:4c:ea:6d:9c:f0:8a:22:4a:87:71:43:53:21:43:
80:c9:30:61:b2:3a:fd:29:de:d8:2f:f8:46:c0:82:76:11:37:
cf:e3:3e:bd:5b:9d:c9:3a:ca:1d:48:d9:a5:ed:5e:5b:b2:bc:
bc:14:70:8d:d7:8b:e2:07:96:4e:5e:3f:41:ee:bb:da:63:7a:
d4:d8:60:2d:95:3e:49:30:65:3d:08:3b:a9:88:06:f0:a7:4c:
d6:2a:85:8c:59:93:8a:df:ef:51:ff:f6:0f:00:21:b5:ac:6b:
b7:a9:f3:ef:cf:85:d4:5f:1b:2b:a6:78:1a:9b:34:b0:02:aa:
7d:3b:49:44:48:08:14:c6:75:11:e6:ca:9a:cd:e3:97:49:95:
11:e5:1f:83:63:86:d0:d6:0b:8b:6a:9b:a3:13:ee:ad:bf:7f:
86:44:37:d7:26:2c:32:e9:45:3a:af:d9:dc:54:c9:7c:2b:32:
5a:93:e8:5c
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUBUyH3Qn/tLT7QLDpWWy1l/pO7D4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNzAwMDAwMFoX
DTI1MDEyMTIzNTk1OVowejFJMEcGA1UEBRNAYzllYWI3YjgyYmUwMGFlYTkyNzg3
NzgzM2IyZGIxYjBmMWM2ZmQzOTEwNWNiNTZkMjM4YzZlZGJmODM2MDg2YTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq21kCYRkssSqtx2VX3QPLIKl3CWW
dIJpLc5VdpNgJMlB3qnY8THI8oVK9z9zCllQzyxJng07EDrTXLEqg3h76Aal6Rfv
OwjedsYaSFouaaFmdlwpPUUPKmyqZ8w8OlgZmfaqkgmTLYxNa5qN+Unf3bUYqoFY
zKU197wKRahhUBnSk4bOEeHvoSRTujRa7de3qVKHCnFA1yY/OcSMdsYaZELHUDgE
0Zko2M4qfwqaN/1/e1kW/eYgA2u72o3owfYiQoC6/kwe8/K3oON6BrAWnb3CMfHU
XCZq2sWQq3TBLY5oDpROvZhCm2Z+/tcsy612eBD1fqQO828bQ00g325wgwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHCrMMFRRxokWJYclKBTa8MZ4CySMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzBkYzk4MzA0LTc4ZDgtNGRiZi04ZjJmLWE2MDBkOGU3MTMwMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9mAwDQYJKoZIhvcNAQELBQADggEBAHwQ3MAFPmYIHk6+GJBW
ocMbP2NMjZg3kHr+q9RMtTZZKoNDWWCMab9UGzbu/JJaU1IHrLxSuP8P6VB5ocSQ
ForO9/Qq/R5c3nxb4GtM6m2c8IoiSodxQ1MhQ4DJMGGyOv0p3tgv+EbAgnYRN8/j
Pr1bnck6yh1I2aXtXluyvLwUcI3Xi+IHlk5eP0Huu9pjetTYYC2VPkkwZT0IO6mI
BvCnTNYqhYxZk4rf71H/9g8AIbWsa7ep8+/PhdRfGyumeBqbNLACqn07SURICBTG
dRHmyprN45dJlRHlH4NjhtDWC4tqm6MT7q2/f4ZEN9cmLDLpRTqv2dxUyXwrMlqT
6Fw=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:47 2025 by rpki-client