Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e4dba79-465b-4e61-8acf-c4f517fe30a5.roa
File: 0e4dba79-465b-4e61-8acf-c4f517fe30a5.roa (raw, json)
Hash identifier: 6pfLHJ4+Y8eZegoIVEnxqeUi2jYUUn7qC/jiD5FN5CI=
Subject key identifier: 3F:72:AD:2E:BF:8E:AF:04:64:18:29:4A:C0:5C:9E:89:5C:F0:EB:6E
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3CA979948BB7C32F179F1335718FE9189439BB69
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e4dba79-465b-4e61-8acf-c4f517fe30a5.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:4000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:a9:79:94:8b:b7:c3:2f:17:9f:13:35:71:8f:e9:18:94:39:bb:69
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:44:20:f8:2d:45:86:12:bf:54:cd:b1:65:d9:
d7:17:9f:2f:ae:b5:27:fc:c4:e4:9f:9e:a0:f8:56:
4a:76:01:eb:ce:c4:8b:07:a6:6e:8b:ec:72:0b:46:
93:02:a0:66:e9:7e:d7:e4:13:ba:16:ca:e9:ab:3a:
af:5a:b3:c8:5d:99:ee:eb:13:2d:4b:7e:ea:b3:f3:
a5:50:16:97:99:ec:33:d9:f2:0d:1a:76:a6:f8:3a:
f4:09:ae:e6:02:e6:55:aa:5b:57:69:1c:61:02:3b:
19:39:39:da:23:10:d9:dd:bb:fe:da:36:4a:80:4e:
b5:65:7b:a0:7e:21:9e:83:1b:45:b4:f3:95:a7:8b:
37:e9:cb:c0:1f:91:58:1c:23:00:95:18:a2:ad:93:
e1:b9:84:61:1a:1b:8c:77:75:b5:fb:b6:e4:e1:7e:
f9:94:19:0f:c5:45:12:46:4e:90:1c:02:77:92:cc:
74:da:0e:a7:dc:1a:79:fa:dd:99:2e:e4:08:27:e0:
df:3b:28:1c:5e:3e:d1:c2:4a:a8:34:d4:52:d7:a1:
c8:d9:7c:7c:d0:bc:38:de:36:e9:9b:c2:3e:dd:85:
60:49:15:71:8a:ed:1b:54:da:6a:dc:bb:47:49:a7:
f1:2b:a3:cb:49:c6:ad:80:63:87:85:e7:40:5c:b9:
8c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:72:AD:2E:BF:8E:AF:04:64:18:29:4A:C0:5C:9E:89:5C:F0:EB:6E
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0e4dba79-465b-4e61-8acf-c4f517fe30a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:4000::/40
Signature Algorithm: sha256WithRSAEncryption
91:74:18:85:c7:23:7d:90:d1:ac:7f:9c:95:13:e6:30:05:a3:
bd:1f:ed:48:0b:42:00:ed:a4:03:07:08:20:7e:e9:c3:a6:b6:
00:4f:9d:99:eb:2a:3a:d8:9a:f3:7d:b3:fb:d4:42:a5:04:19:
dd:d0:5a:d6:e7:5d:d4:6c:bd:65:f9:20:25:4c:6b:a4:49:75:
a0:3a:9e:27:98:e5:7e:a3:5e:88:5c:f6:a5:10:3e:e3:b0:64:
40:81:b1:b1:47:da:88:15:6b:a1:2b:63:a2:a9:a3:39:ed:95:
08:f9:f0:d1:a5:7c:42:94:d1:f7:fd:4d:44:06:b1:3e:34:1b:
01:73:66:ed:16:89:dd:4e:bb:54:63:f6:ab:73:84:1c:36:3e:
a3:15:aa:32:74:88:bd:a1:bf:eb:e6:05:cb:d0:af:b8:b2:12:
20:48:86:a0:08:13:1c:fa:d3:94:fb:a0:13:8d:60:78:13:5e:
fb:d7:64:22:70:30:ac:9b:87:23:16:2b:48:73:c4:83:0b:c8:
4e:f5:0f:85:d9:c5:d2:0c:84:c3:bd:34:1a:1c:0e:09:29:58:
14:58:74:2c:5e:b9:79:6c:e8:b4:a3:68:bf:17:ef:eb:b0:7f:
82:66:21:f4:9b:20:ef:6f:91:2c:92:1f:61:08:0f:5e:ea:e3:
69:cd:ea:c6
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUPKl5lIu3wy8XnxM1cY/pGJQ5u2kwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAYjBlNDcyMjkwNThiZmYzN2E3ZWU1
ZTA3MGVhNmYzOGJmNzA5MjY4N2VkMzM5YThjNjllODAzMjA2Yjg4N2JhYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqkQg+C1FhhK/VM2xZdnXF58vrrUn
/MTkn56g+FZKdgHrzsSLB6Zui+xyC0aTAqBm6X7X5BO6FsrpqzqvWrPIXZnu6xMt
S37qs/OlUBaXmewz2fINGnam+Dr0Ca7mAuZVqltXaRxhAjsZOTnaIxDZ3bv+2jZK
gE61ZXugfiGegxtFtPOVp4s36cvAH5FYHCMAlRiirZPhuYRhGhuMd3W1+7bk4X75
lBkPxUUSRk6QHAJ3ksx02g6n3Bp5+t2ZLuQIJ+DfOygcXj7RwkqoNNRS16HI2Xx8
0Lw43jbpm8I+3YVgSRVxiu0bVNpq3LtHSafxK6PLScatgGOHhedAXLmM9QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFD9yrS6/jq8EZBgpSsBcnolc8OtuMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzBlNGRiYTc5LTQ2NWItNGU2MS04YWNmLWM0ZjUxN2ZlMzBhNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/0AwDQYJKoZIhvcNAQELBQADggEBAJF0GIXHI32Q0ax/nJUT
5jAFo70f7UgLQgDtpAMHCCB+6cOmtgBPnZnrKjrYmvN9s/vUQqUEGd3QWtbnXdRs
vWX5ICVMa6RJdaA6nieY5X6jXohc9qUQPuOwZECBsbFH2ogVa6ErY6KpozntlQj5
8NGlfEKU0ff9TUQGsT40GwFzZu0Wid1Ou1Rj9qtzhBw2PqMVqjJ0iL2hv+vmBcvQ
r7iyEiBIhqAIExz605T7oBONYHgTXvvXZCJwMKybhyMWK0hzxIMLyE71D4XZxdIM
hMO9NBocDgkpWBRYdCxeuXls6LSjaL8X7+uwf4JmIfSbIO9vkSySH2EID17q42nN
6sY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:05:06 2025 by rpki-client