Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10182774-601f-43d5-a7fb-f3fac8f12712.roa
File: 10182774-601f-43d5-a7fb-f3fac8f12712.roa (raw, json)
Hash identifier: hqjWydHhNIqbIgw/eEteYREjhA4rhoYixQVLOyqw2Yg=
Subject key identifier: E6:B4:DE:B0:2B:D9:50:37:FC:B8:FC:0A:A5:12:3E:94:46:59:66:6E
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2A35DABA6B4E01E6EE3508A994015EA1B9D23F13
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10182774-601f-43d5-a7fb-f3fac8f12712.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da30:b000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:35:da:ba:6b:4e:01:e6:ee:35:08:a9:94:01:5e:a1:b9:d2:3f:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:bc:b2:18:28:3f:be:92:5e:4c:50:40:96:14:
c2:d7:5c:f4:29:42:3f:f5:23:be:d7:03:9c:5f:15:
7a:cf:80:98:01:1e:7b:ec:0c:9c:bd:f1:bb:80:49:
3c:dc:37:d4:75:1c:e1:dc:cf:2d:e2:76:f3:4a:59:
85:17:d1:7c:48:a8:70:46:32:e5:f3:7c:08:b0:96:
d8:6c:2f:83:f1:43:c9:7c:da:d5:43:7b:70:cc:99:
c1:8d:80:ca:ca:2b:cf:14:95:64:70:9b:27:0f:44:
84:73:0e:79:6f:91:2b:12:32:64:af:8e:7e:68:82:
63:4d:76:95:c8:03:02:5b:41:0e:de:ab:03:1d:36:
f9:1c:48:a7:47:19:60:75:71:76:9c:4f:c1:a2:4c:
15:62:50:21:a2:46:b4:b4:91:73:07:38:64:54:ac:
2d:5f:96:41:44:6d:bd:0f:56:61:6d:b0:d7:45:9f:
c0:50:92:e0:cc:7b:4c:53:30:c9:52:69:8d:24:9d:
58:4f:b6:c6:3d:76:03:66:d7:10:15:9a:95:8d:8d:
00:fb:d0:5d:ec:28:d2:68:b7:f1:1d:bd:52:9e:83:
07:17:f7:ae:6b:33:12:ce:09:61:b6:1d:b3:f5:eb:
13:52:a9:c1:1a:e6:7c:02:24:7a:15:da:8b:e4:4b:
32:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:B4:DE:B0:2B:D9:50:37:FC:B8:FC:0A:A5:12:3E:94:46:59:66:6E
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/10182774-601f-43d5-a7fb-f3fac8f12712.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da30:b000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:a5:29:e8:9a:48:9e:ad:6c:2a:31:39:da:c5:8f:53:54:ad:
be:95:16:6a:96:0b:04:78:01:c1:44:61:30:d2:9e:47:84:ef:
1a:40:a3:bd:9f:e0:7f:38:17:af:5f:29:60:40:51:3e:b7:17:
09:db:72:4e:95:27:d8:9f:05:63:e2:6f:37:48:2c:51:af:78:
ef:b5:98:a5:b3:eb:19:58:20:02:ad:69:f3:cb:c6:86:a1:68:
a6:fc:ed:6f:76:d1:58:d6:c7:32:bc:22:ed:24:42:95:87:de:
5b:d4:29:b8:0f:e8:62:5c:d1:b3:57:1a:91:ff:c4:89:f3:ac:
de:11:75:f4:be:20:66:6b:52:31:75:98:4c:cc:1c:18:b4:36:
b5:dd:f5:c9:d6:42:ec:c6:07:0c:be:86:bf:dc:99:76:6f:69:
cb:d9:77:ec:89:76:95:76:7c:1d:a1:4b:e7:64:8b:82:d4:f1:
c2:a9:00:e5:68:e8:09:b6:f1:08:80:bf:fa:2a:07:34:31:d9:
a4:61:e9:2b:e8:4d:a5:d7:cd:f2:e4:fd:1f:8d:45:c3:ee:38:
f5:92:57:e0:91:85:86:1a:5d:71:5b:7e:30:17:ef:22:3f:40:
2d:a2:77:d0:31:c4:1c:10:49:31:91:0d:8c:7c:81:ce:ef:43:
d1:52:40:ed
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUKjXaumtOAebuNQiplAFeobnSPxMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwODAwMDAwMFoX
DTI1MDIxMjIzNTk1OVowejFJMEcGA1UEBRNAYzIxOGJiNTM5ZTJmNzY4MGExMGZh
MTRlMmVhOTI0YjM3MTE0NWFlNjM2MWJjZjU2Y2E1ZmQ4M2ZiYWIyYjczNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7yyGCg/vpJeTFBAlhTC11z0KUI/
9SO+1wOcXxV6z4CYAR577AycvfG7gEk83DfUdRzh3M8t4nbzSlmFF9F8SKhwRjLl
83wIsJbYbC+D8UPJfNrVQ3twzJnBjYDKyivPFJVkcJsnD0SEcw55b5ErEjJkr45+
aIJjTXaVyAMCW0EO3qsDHTb5HEinRxlgdXF2nE/BokwVYlAhoka0tJFzBzhkVKwt
X5ZBRG29D1ZhbbDXRZ/AUJLgzHtMUzDJUmmNJJ1YT7bGPXYDZtcQFZqVjY0A+9Bd
7CjSaLfxHb1SnoMHF/euazMSzglhth2z9esTUqnBGuZ8AiR6FdqL5EsyxQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOa03rAr2VA3/Lj8CqUSPpRGWWZuMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzEwMTgyNzc0LTYwMWYtNDNkNS1hN2ZiLWYzZmFjOGYxMjcxMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaMLAwDQYJKoZIhvcNAQELBQADggEBAH+lKeiaSJ6tbCoxOdrF
j1NUrb6VFmqWCwR4AcFEYTDSnkeE7xpAo72f4H84F69fKWBAUT63Fwnbck6VJ9if
BWPibzdILFGveO+1mKWz6xlYIAKtafPLxoahaKb87W920VjWxzK8Iu0kQpWH3lvU
KbgP6GJc0bNXGpH/xInzrN4RdfS+IGZrUjF1mEzMHBi0NrXd9cnWQuzGBwy+hr/c
mXZvacvZd+yJdpV2fB2hS+dki4LU8cKpAOVo6Am28QiAv/oqBzQx2aRh6SvoTaXX
zfLk/R+NRcPuOPWSV+CRhYYaXXFbfjAX7yI/QC2id9AxxBwQSTGRDYx8gc7vQ9FS
QO0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:20:17 2025 by rpki-client