Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e4314c2-e58e-41d0-8f41-07c28566af35.roa
File: 0e4314c2-e58e-41d0-8f41-07c28566af35.roa (raw, json)
Hash identifier: w03UhKjOw3rFUwOHv+JvA6PKY1975T0QS6CWIFzEjIc=
Subject key identifier: 65:F2:4F:AB:5F:1F:A7:DD:0F:F5:20:CF:AE:C0:FC:5C:71:3C:35:2C
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1DF0B0C25418BBD267451051C6FCA82A1667E07F
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e4314c2-e58e-41d0-8f41-07c28566af35.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:c800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:f0:b0:c2:54:18:bb:d2:67:45:10:51:c6:fc:a8:2a:16:67:e0:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:0c:aa:b7:67:67:5c:06:3c:41:e6:62:6e:43:
d9:df:e0:b7:14:54:d8:46:49:86:60:a8:7b:2d:5f:
2a:46:97:08:48:44:6d:2b:a8:f3:e3:d3:37:1b:c7:
a2:b2:c5:62:ed:37:e8:34:8c:ed:be:a7:06:f5:bf:
1e:30:d2:33:ba:c1:5f:d3:c8:3f:b5:d5:48:60:94:
ea:a0:eb:39:2d:ef:b7:29:e4:ed:74:46:b6:49:86:
60:d7:25:d6:77:a3:fb:ee:aa:9c:04:17:dc:b9:b9:
fa:a4:a8:d1:7e:da:d4:fd:dd:8f:2c:4a:b3:4c:a3:
da:ad:cb:82:d0:b5:03:11:97:30:d9:78:d1:7f:5f:
d6:96:6a:85:c4:fc:8e:63:f6:0c:96:cb:6f:42:db:
2b:18:93:4f:91:7f:fb:f9:03:e7:79:32:47:1f:1b:
de:ff:53:39:e5:91:56:4e:c3:dc:bf:45:8c:1d:72:
f2:ca:99:13:7d:0e:ce:33:c6:da:c3:35:d1:bc:53:
63:22:20:56:99:26:5c:dd:c9:3c:e3:30:d0:6f:97:
81:1f:d3:a1:2d:4c:82:9c:b1:18:ac:e7:7a:b0:39:
8b:41:9c:56:ae:b3:c6:79:2a:1a:0f:39:06:ce:59:
6e:4c:dc:cf:80:cb:2e:3f:35:7d:b2:12:08:67:b3:
77:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:F2:4F:AB:5F:1F:A7:DD:0F:F5:20:CF:AE:C0:FC:5C:71:3C:35:2C
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e4314c2-e58e-41d0-8f41-07c28566af35.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:c800::/40
Signature Algorithm: sha256WithRSAEncryption
85:a9:89:8f:cd:3b:7c:dd:45:30:b9:45:de:9a:06:84:42:6a:
bb:98:cf:50:a9:4d:7b:f1:10:a5:a3:ed:ba:3f:d2:90:15:d3:
c9:28:e8:f5:7c:29:e7:26:4c:1d:53:2b:ac:ee:c8:5d:49:36:
53:62:0a:26:25:01:1a:8a:55:03:cf:63:e1:c0:a7:79:34:81:
3a:45:20:ad:0a:27:f7:b0:17:82:ad:5a:0b:c3:e9:e3:9e:9c:
7a:cf:92:bc:89:d1:b7:5c:cc:f2:1e:6c:cd:89:d1:f4:db:ee:
38:72:7e:30:48:69:2c:f8:57:5c:bb:f3:e5:ad:af:60:d2:82:
e9:29:2e:df:ae:ae:2c:3a:5c:d5:02:28:07:ee:7f:2f:60:68:
9c:75:4d:64:e4:2e:46:81:c4:23:1b:e1:ab:aa:ad:d1:0c:dc:
b1:36:fc:83:1d:51:09:dd:a4:47:e0:d2:99:4a:e2:7d:76:4a:
5c:7f:da:95:be:16:a1:82:5a:d6:69:e3:c7:11:0e:05:03:9a:
50:1d:d8:29:a3:d0:7c:8b:2a:e7:af:8f:52:76:e8:4c:05:44:
41:2e:0b:f5:50:e6:ce:03:a0:6e:75:dd:cc:c8:e1:1e:59:2e:
28:d0:f3:5c:78:93:d4:f2:18:86:b1:a9:39:cb:39:1e:d0:a5:
3d:75:d2:a5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUHfCwwlQYu9JnRRBRxvyoKhZn4H8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIzMTAwMDAwMFoX
DTI1MDIwNDIzNTk1OVowejFJMEcGA1UEBRNAZjg3NzhmNDliNTY1ZjE0MWU2ZjU4
MjZhZmNmYmZiMWZjNzQ0ODYxYjFiNzZlN2JiZmJhNGQ5ZjNjYzRhZTc5MjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtAyqt2dnXAY8QeZibkPZ3+C3FFTY
RkmGYKh7LV8qRpcISERtK6jz49M3G8eissVi7TfoNIztvqcG9b8eMNIzusFf08g/
tdVIYJTqoOs5Le+3KeTtdEa2SYZg1yXWd6P77qqcBBfcubn6pKjRftrU/d2PLEqz
TKParcuC0LUDEZcw2XjRf1/WlmqFxPyOY/YMlstvQtsrGJNPkX/7+QPneTJHHxve
/1M55ZFWTsPcv0WMHXLyypkTfQ7OM8bawzXRvFNjIiBWmSZc3ck84zDQb5eBH9Oh
LUyCnLEYrOd6sDmLQZxWrrPGeSoaDzkGzlluTNzPgMsuPzV9shIIZ7N3owIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGXyT6tfH6fdD/Ugz67A/FxxPDUsMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzBlNDMxNGMyLWU1OGUtNDFkMC04ZjQxLTA3YzI4NTY2YWYzNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/8gwDQYJKoZIhvcNAQELBQADggEBAIWpiY/NO3zdRTC5Rd6a
BoRCaruYz1CpTXvxEKWj7bo/0pAV08ko6PV8KecmTB1TK6zuyF1JNlNiCiYlARqK
VQPPY+HAp3k0gTpFIK0KJ/ewF4KtWgvD6eOenHrPkryJ0bdczPIebM2J0fTb7jhy
fjBIaSz4V1y78+Wtr2DSgukpLt+uriw6XNUCKAfufy9gaJx1TWTkLkaBxCMb4auq
rdEM3LE2/IMdUQndpEfg0plK4n12Slx/2pW+FqGCWtZp48cRDgUDmlAd2Cmj0HyL
Kuevj1J26EwFREEuC/VQ5s4DoG513czI4R5ZLijQ81x4k9TyGIaxqTnLOR7QpT11
0qU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:26:27 2025 by rpki-client