Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15b5f216-60e3-4b03-97f3-40e4b5d1e247.roa
File: 15b5f216-60e3-4b03-97f3-40e4b5d1e247.roa (raw, json)
Hash identifier: PHguLxW+uS3vOGXlxLstYmErXj2+3PMb5ZKAUVG6vfc=
Subject key identifier: B3:6A:C1:65:A2:7A:76:17:0C:7E:FF:B3:31:68:D0:F2:81:E2:80:23
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7A4C93CCBFE9744D847150B81FC2D1622915B4AA
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15b5f216-60e3-4b03-97f3-40e4b5d1e247.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf6:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:4c:93:cc:bf:e9:74:4d:84:71:50:b8:1f:c2:d1:62:29:15:b4:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:21:28:9f:8f:0c:aa:3b:83:d5:59:aa:9e:b5:
b9:9b:bb:6a:50:99:b2:c8:c1:1c:b2:6f:30:f8:b2:
8a:56:46:7d:fb:2e:74:86:49:c0:f9:e4:ca:06:bf:
2b:89:8a:62:cb:da:0a:03:76:e0:0f:8a:16:81:9e:
4b:e8:74:08:24:e0:1e:1e:e2:67:83:de:7d:87:67:
6b:8d:f8:2c:43:fe:fe:ec:c5:af:c8:f7:d9:a2:0c:
62:2d:9b:ee:ee:6d:61:9c:a9:51:f7:64:a0:32:ea:
8c:7c:40:13:b3:72:8f:de:14:d3:b9:d7:dd:96:ea:
39:43:41:b5:70:eb:14:ee:75:c1:29:8a:5d:e2:1a:
f9:a6:31:b6:08:c7:28:2b:73:0f:a8:54:10:c1:9d:
8a:e4:08:27:ab:51:7d:3e:f3:e2:56:8a:4a:a4:4b:
c5:18:ec:43:8f:ec:f0:62:3f:57:f2:e6:52:62:08:
17:ba:d2:46:bb:0b:a1:b2:61:9f:81:2f:21:1d:ac:
30:fb:ef:15:a2:f7:b7:2b:7c:b8:78:b6:9e:ab:dd:
80:8f:e0:be:13:8c:d7:13:2f:4d:74:8c:41:73:31:
bd:28:78:c1:30:b4:c2:76:8e:a4:e0:13:3b:5a:39:
d9:1d:f7:2a:ca:a4:08:04:f9:4a:d2:c8:ff:54:c3:
ea:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:6A:C1:65:A2:7A:76:17:0C:7E:FF:B3:31:68:D0:F2:81:E2:80:23
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/15b5f216-60e3-4b03-97f3-40e4b5d1e247.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf6:8000::/40
Signature Algorithm: sha256WithRSAEncryption
39:25:c8:75:ff:f1:ea:25:a5:1f:b0:b7:97:ae:fa:e0:3f:8d:
a2:9f:16:37:52:c3:bd:d3:5c:36:aa:67:45:0f:6f:43:66:f1:
c6:9b:76:b1:22:49:72:a4:5d:a7:10:3d:f9:49:a3:76:ec:c6:
13:a3:57:81:7c:b8:af:55:ae:b7:e6:af:a7:9a:4c:f1:23:26:
9d:27:19:73:61:b7:2d:82:2c:8b:f2:3c:05:c6:48:d4:52:45:
e7:70:23:ce:df:6d:c5:68:c1:7f:8b:ca:60:da:4c:be:98:52:
a2:ff:c9:17:bd:f3:1d:d5:b9:8b:79:9f:9c:74:8a:0a:4f:a7:
5b:59:8e:49:c9:44:6f:29:a9:21:58:3a:99:ff:80:f0:88:f6:
97:3c:bc:38:1b:e5:59:b5:f1:8f:27:61:f5:02:87:ba:a2:fd:
1d:e5:d4:47:e4:f2:cc:f2:da:8a:0e:52:14:13:ed:49:75:8b:
7c:4c:75:79:5a:c3:59:71:7d:4a:ab:91:24:8c:f1:af:f8:f1:
28:10:17:a7:33:fc:5c:8f:59:76:f1:35:91:73:c0:6c:59:8a:
17:7a:d4:b5:39:30:31:52:37:52:d7:21:7c:c5:b3:4a:2f:b5:
37:14:3a:87:13:87:f6:fb:eb:2f:7d:dd:ef:43:1f:fe:65:34:
4b:72:ec:42
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUekyTzL/pdE2EcVC4H8LRYikVtKowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNzAwMDAwMFoX
DTI1MDEyMTIzNTk1OVowejFJMEcGA1UEBRNAYTFkYmE5N2E1NDMwNjJkMTliNTcz
NWY4NGRjN2MyMjljYTM5NmU2ODBhZjRkOGQzNDE4MWIwMDgyNGZjMzkzYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1yEon48MqjuD1VmqnrW5m7tqUJmy
yMEcsm8w+LKKVkZ9+y50hknA+eTKBr8riYpiy9oKA3bgD4oWgZ5L6HQIJOAeHuJn
g959h2drjfgsQ/7+7MWvyPfZogxiLZvu7m1hnKlR92SgMuqMfEATs3KP3hTTudfd
luo5Q0G1cOsU7nXBKYpd4hr5pjG2CMcoK3MPqFQQwZ2K5Agnq1F9PvPiVopKpEvF
GOxDj+zwYj9X8uZSYggXutJGuwuhsmGfgS8hHaww++8Vove3K3y4eLaeq92Aj+C+
E4zXEy9NdIxBczG9KHjBMLTCdo6k4BM7WjnZHfcqyqQIBPlK0sj/VMPquQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLNqwWWienYXDH7/szFo0PKB4oAjMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzE1YjVmMjE2LTYwZTMtNGIwMy05N2YzLTQwZTRiNWQxZTI0Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9oAwDQYJKoZIhvcNAQELBQADggEBADklyHX/8eolpR+wt5eu
+uA/jaKfFjdSw73TXDaqZ0UPb0Nm8cabdrEiSXKkXacQPflJo3bsxhOjV4F8uK9V
rrfmr6eaTPEjJp0nGXNhty2CLIvyPAXGSNRSRedwI87fbcVowX+LymDaTL6YUqL/
yRe98x3VuYt5n5x0igpPp1tZjknJRG8pqSFYOpn/gPCI9pc8vDgb5Vm18Y8nYfUC
h7qi/R3l1Efk8szy2ooOUhQT7Ul1i3xMdXlaw1lxfUqrkSSM8a/48SgQF6cz/FyP
WXbxNZFzwGxZihd61LU5MDFSN1LXIXzFs0ovtTcUOocTh/b76y993e9DH/5lNEty
7EI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:23 2025 by rpki-client