Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/117722c6-e4ab-4a2f-a2ae-11a9762a1547.roa
File: 117722c6-e4ab-4a2f-a2ae-11a9762a1547.roa (raw, json)
Hash identifier: iplIqS/Rqp8szqm0l23e20lxxNHv6Ik7S9bRwH7QSso=
Subject key identifier: 75:E8:E4:9D:6E:73:CD:18:CC:9A:AC:14:3C:C3:63:CE:4E:60:B5:CC
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0385FCB69D028909821D00AEAFE2BCF4FEE728AB
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/117722c6-e4ab-4a2f-a2ae-11a9762a1547.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
03:85:fc:b6:9d:02:89:09:82:1d:00:ae:af:e2:bc:f4:fe:e7:28:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:59:fd:04:02:7c:21:eb:bd:f4:0c:f2:4c:1b:
14:a3:32:0e:3d:ba:3d:ed:73:7e:6b:e9:03:63:c8:
21:f1:d4:4c:ec:52:5c:e5:20:1e:cc:a6:fe:53:ef:
e5:40:9e:da:7a:b3:bc:78:b6:91:7c:7a:f3:05:9f:
9a:55:e4:76:a2:51:0b:1d:9b:1a:6f:61:ad:bd:63:
c8:8b:2e:bb:4a:e0:88:6d:7e:63:fd:aa:ac:83:9d:
f9:98:f2:b0:92:a2:be:4b:2d:5b:df:9b:d8:9c:69:
04:f3:16:70:fa:fe:69:69:e4:20:a3:c2:b8:87:c0:
cd:7f:3c:26:7f:21:d9:07:95:da:b6:d4:0e:82:47:
58:cb:08:5e:32:2e:1d:73:ca:8f:3e:e0:f8:49:f4:
be:33:de:e8:cf:09:da:26:60:4b:6c:03:80:2b:f9:
e4:a1:16:26:b1:0e:94:6f:20:23:70:03:b7:68:db:
75:bb:0e:23:72:ec:b6:a9:95:e6:18:98:6a:1e:66:
92:c5:e5:7e:40:48:9b:d8:4d:50:69:7b:a4:35:56:
8a:9c:ef:57:47:00:86:6f:05:93:6f:a5:1f:a4:6c:
61:41:5e:22:6d:36:51:a3:a7:06:d2:16:9f:3c:1b:
ff:ac:75:8a:fb:bd:34:b0:1b:d2:6b:1e:c1:c4:33:
8a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:E8:E4:9D:6E:73:CD:18:CC:9A:AC:14:3C:C3:63:CE:4E:60:B5:CC
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/117722c6-e4ab-4a2f-a2ae-11a9762a1547.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:8000::/40
Signature Algorithm: sha256WithRSAEncryption
74:a0:20:76:b2:5b:5c:c4:52:38:49:14:a5:b8:c9:38:53:bc:
56:aa:9b:eb:3d:a9:f2:da:49:1c:40:c4:8c:7b:6c:cc:e3:4b:
1d:02:46:76:17:80:1c:a4:a1:28:cf:72:65:c4:9f:bc:19:a3:
d9:28:88:33:11:07:d0:38:e1:e2:52:31:8b:e3:48:3d:08:0d:
da:a9:44:45:94:c9:ea:7e:39:82:c4:6f:2e:9e:74:92:6f:0e:
be:8f:47:3f:54:07:02:fa:3d:cf:59:1e:c9:a9:bf:7e:d7:33:
c9:21:0a:c2:0c:6f:21:a6:d6:e7:85:23:3a:d4:e3:9b:a8:74:
03:57:97:25:da:3d:ed:f6:54:a5:a1:c6:5b:1c:2f:08:b5:84:
00:7b:08:3d:9a:15:90:fe:22:c4:38:f1:0a:26:a5:7b:aa:7e:
49:46:67:15:28:d7:0b:12:28:36:60:3f:ad:1f:57:8f:d9:5c:
ae:9b:d1:82:50:2b:2a:d7:65:37:4a:74:c5:26:5b:34:3f:9d:
99:82:fe:0d:d1:c4:85:72:0d:72:9a:c0:5a:1c:95:d6:8b:f1:
08:7a:79:8a:45:0d:34:90:8f:ac:9a:77:92:2b:d0:1f:fe:45:
1f:3a:51:e9:ee:a1:f7:d9:19:a0:3a:1e:a1:43:3d:96:83:91:
66:38:77:e8
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUA4X8tp0CiQmCHQCur+K89P7nKKswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAMjg5ODYyZTQ2MjU3ZjEzYjA4MTg4
NjNlOTlmOTdkNzI4Y2FjOTYyMmY4ZWNkNmM0YzgyMjExMjhhZjg3MDdiNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArln9BAJ8Ieu99AzyTBsUozIOPbo9
7XN+a+kDY8gh8dRM7FJc5SAezKb+U+/lQJ7aerO8eLaRfHrzBZ+aVeR2olELHZsa
b2GtvWPIiy67SuCIbX5j/aqsg535mPKwkqK+Sy1b35vYnGkE8xZw+v5paeQgo8K4
h8DNfzwmfyHZB5XattQOgkdYywheMi4dc8qPPuD4SfS+M97ozwnaJmBLbAOAK/nk
oRYmsQ6UbyAjcAO3aNt1uw4jcuy2qZXmGJhqHmaSxeV+QEib2E1QaXukNVaKnO9X
RwCGbwWTb6UfpGxhQV4ibTZRo6cG0hafPBv/rHWK+700sBvSax7BxDOKvwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHXo5J1uc80YzJqsFDzDY85OYLXMMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzExNzcyMmM2LWU0YWItNGEyZi1hMmFlLTExYTk3NjJhMTU0Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYYAwDQYJKoZIhvcNAQELBQADggEBAHSgIHayW1zEUjhJFKW4
yThTvFaqm+s9qfLaSRxAxIx7bMzjSx0CRnYXgBykoSjPcmXEn7wZo9koiDMRB9A4
4eJSMYvjSD0IDdqpREWUyep+OYLEby6edJJvDr6PRz9UBwL6Pc9ZHsmpv37XM8kh
CsIMbyGm1ueFIzrU45uodANXlyXaPe32VKWhxlscLwi1hAB7CD2aFZD+IsQ48Qom
pXuqfklGZxUo1wsSKDZgP60fV4/ZXK6b0YJQKyrXZTdKdMUmWzQ/nZmC/g3RxIVy
DXKawFocldaL8Qh6eYpFDTSQj6yad5Ir0B/+RR86UenuoffZGaA6HqFDPZaDkWY4
d+g=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:14 2025 by rpki-client