Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19a059cd-1f45-46d0-9fec-e41f3b4c08b5.roa
File: 19a059cd-1f45-46d0-9fec-e41f3b4c08b5.roa (raw, json)
Hash identifier: rXKflUIm9V3qKU7T50d3WaMZqEm9ze8cApsV8WnJULs=
Subject key identifier: E3:E7:15:79:97:97:F9:E0:57:E9:6D:EB:CB:2A:26:16:05:05:3A:71
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0B112C4F6AF23B5F65A312864E7C45DBD0E7C567
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19a059cd-1f45-46d0-9fec-e41f3b4c08b5.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:f000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:11:2c:4f:6a:f2:3b:5f:65:a3:12:86:4e:7c:45:db:d0:e7:c5:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:0f:a4:bb:84:26:9c:cb:21:b9:ee:77:02:e3:
7e:09:7d:3c:8c:12:f7:59:8c:0d:8d:dd:ec:2a:c4:
7e:79:3e:78:7b:b0:6c:1c:30:98:47:8e:e5:44:68:
93:f0:b8:60:3e:97:b8:4f:e9:6a:8c:28:a0:e8:0e:
9d:a1:72:5a:a4:21:77:c3:93:08:aa:fb:2a:5e:d9:
5d:d2:5b:50:75:be:9d:54:15:c9:1e:00:69:80:78:
aa:6e:1f:b7:17:ff:be:48:c1:5a:1d:56:25:98:29:
91:d8:24:7a:98:c2:02:3c:84:63:22:12:c0:8d:6c:
ea:58:00:82:be:56:4f:59:d1:74:73:5e:54:29:d9:
b5:4c:68:5e:6e:24:51:aa:dd:c6:45:74:01:dd:5f:
00:60:42:f4:f0:1d:79:91:f9:1f:4e:40:7e:c9:3e:
e8:6c:a4:4c:55:24:de:9d:e8:69:cc:5e:24:e6:b9:
e7:65:ae:57:c7:5c:c6:be:e6:b3:97:44:6b:c1:f1:
f5:9c:1f:44:22:cf:f6:b3:8d:a8:bc:ed:09:67:e8:
8d:6a:15:87:3f:7d:34:bb:09:9e:dc:8a:7e:f8:f1:
54:66:46:b7:27:c7:6a:0c:69:ba:ec:f3:df:de:81:
b1:d2:fc:62:8d:c9:5c:ad:20:2c:bc:9b:e0:7d:e0:
f5:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:E7:15:79:97:97:F9:E0:57:E9:6D:EB:CB:2A:26:16:05:05:3A:71
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19a059cd-1f45-46d0-9fec-e41f3b4c08b5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:f000::/40
Signature Algorithm: sha256WithRSAEncryption
87:f7:05:56:4e:c7:87:bf:43:6c:51:a6:c6:cc:b9:6a:5a:d1:
d0:a6:1a:16:6a:80:2e:f9:f6:dd:07:02:8b:4d:2b:a3:47:6c:
0d:56:91:a7:c5:a8:b9:c3:9b:55:0f:68:6c:d5:9c:5b:01:1d:
dc:e8:4b:4b:8d:ea:87:d4:be:f0:1c:6d:59:fa:1e:64:95:47:
f3:e3:d2:d7:c4:f6:34:56:29:d3:f0:c0:f4:19:18:cc:00:cb:
93:14:b5:44:6a:a1:3a:3a:19:32:63:9a:c3:9d:6d:eb:e7:2a:
ec:a5:87:35:f9:78:ab:ab:76:f7:f5:ea:a7:cd:56:bf:1a:43:
94:a8:60:a3:9c:5e:c9:7b:f1:bb:b6:61:0f:1b:b5:97:82:d5:
b9:53:8d:f3:c5:ee:4c:fa:92:9e:8a:6a:f8:3c:8a:1b:82:15:
82:52:00:ea:f5:ff:d1:1c:10:09:70:c9:fa:8c:c2:32:c2:07:
5c:47:e3:9f:9b:e1:05:d8:9f:96:73:22:aa:aa:bd:f3:6e:66:
a2:82:57:03:fb:61:eb:27:20:3b:cb:17:55:66:eb:9e:b8:d9:
57:3f:66:e6:e3:fb:6f:d0:1b:5d:d4:59:71:3f:20:98:57:51:
b5:57:d8:11:53:49:cd:f9:1b:81:b0:4f:30:6e:2d:33:73:cf:
93:7c:a7:75
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUCxEsT2ryO19loxKGTnxF29DnxWcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAYzY3MmJhMzBlYzJlMmU4NTMwMjAw
ODVkY2MxODFjMTlhOGUzZTEzNGFmYzlkNmJhNDIxMDdhZDIyMDBhODQ4ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlw+ku4QmnMshue53AuN+CX08jBL3
WYwNjd3sKsR+eT54e7BsHDCYR47lRGiT8LhgPpe4T+lqjCig6A6doXJapCF3w5MI
qvsqXtld0ltQdb6dVBXJHgBpgHiqbh+3F/++SMFaHVYlmCmR2CR6mMICPIRjIhLA
jWzqWACCvlZPWdF0c15UKdm1TGhebiRRqt3GRXQB3V8AYEL08B15kfkfTkB+yT7o
bKRMVSTenehpzF4k5rnnZa5Xx1zGvuazl0RrwfH1nB9EIs/2s42ovO0JZ+iNahWH
P300uwme3Ip++PFUZka3J8dqDGm67PPf3oGx0vxijclcrSAsvJvgfeD1MQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOPnFXmXl/ngV+lt68sqJhYFBTpxMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzE5YTA1OWNkLTFmNDUtNDZkMC05ZmVjLWU0MWYzYjRjMDhiNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaafAwDQYJKoZIhvcNAQELBQADggEBAIf3BVZOx4e/Q2xRpsbM
uWpa0dCmGhZqgC759t0HAotNK6NHbA1WkafFqLnDm1UPaGzVnFsBHdzoS0uN6ofU
vvAcbVn6HmSVR/Pj0tfE9jRWKdPwwPQZGMwAy5MUtURqoTo6GTJjmsOdbevnKuyl
hzX5eKurdvf16qfNVr8aQ5SoYKOcXsl78bu2YQ8btZeC1blTjfPF7kz6kp6Kavg8
ihuCFYJSAOr1/9EcEAlwyfqMwjLCB1xH45+b4QXYn5ZzIqqqvfNuZqKCVwP7Yesn
IDvLF1Vm65642Vc/Zubj+2/QG13UWXE/IJhXUbVX2BFTSc35G4GwTzBuLTNzz5N8
p3U=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:22:20 2025 by rpki-client