Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19de68e3-844e-4e33-81b6-5c5926e46f23.roa
File: 19de68e3-844e-4e33-81b6-5c5926e46f23.roa (raw, json)
Hash identifier: akeOPfeU/XOP5AmXcWkF1W9Y3VQgJdU7NqeAwrlvllg=
Subject key identifier: B7:22:F9:19:6A:A0:5E:2A:66:17:38:38:82:0B:2F:8B:0B:D1:A6:20
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 14CF165FA07D70A0585C566DD188284D6866E650
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19de68e3-844e-4e33-81b6-5c5926e46f23.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:b000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:cf:16:5f:a0:7d:70:a0:58:5c:56:6d:d1:88:28:4d:68:66:e6:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:1c:9d:32:93:28:c8:75:41:78:f8:9f:4b:c4:
ee:94:15:74:81:04:e7:30:48:d2:9e:eb:5a:eb:35:
be:25:28:16:53:ea:a4:49:6d:c0:fa:93:eb:39:43:
0d:1e:0d:04:b6:c2:61:f1:ae:32:99:e6:7c:bb:4f:
98:ad:3e:a9:6a:0d:d5:56:e7:ad:ed:e9:d3:44:4a:
11:1a:3c:6b:f0:e4:6d:a6:34:cc:95:de:a1:84:f1:
78:dc:da:62:c6:e8:67:8e:83:c3:f0:5c:96:62:ae:
8c:89:31:e3:0f:db:5e:4d:7b:3c:1e:7b:cf:71:57:
77:62:e6:85:36:97:29:ba:86:57:7f:8f:ea:8a:5e:
82:34:9e:63:d8:6e:cd:39:ed:e7:44:0a:ed:94:e9:
72:8f:d0:bd:6a:9d:55:f7:a6:6f:1b:52:13:58:f0:
8d:a6:11:b8:10:a9:35:54:6e:ee:26:39:86:0c:78:
18:e9:61:a1:f2:09:af:e0:b7:f8:1f:69:4b:a9:d2:
e2:ef:83:3c:90:65:f1:d9:c7:db:db:61:6a:e8:f1:
33:f6:e5:a5:88:aa:57:37:38:d1:8d:91:f3:5f:e3:
2c:2a:18:11:ee:77:68:c5:ed:f6:ff:25:84:78:f9:
ad:e0:5d:dd:d7:d7:7a:4f:87:a1:84:2d:97:39:5d:
88:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B7:22:F9:19:6A:A0:5E:2A:66:17:38:38:82:0B:2F:8B:0B:D1:A6:20
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/19de68e3-844e-4e33-81b6-5c5926e46f23.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:b000::/40
Signature Algorithm: sha256WithRSAEncryption
2c:61:8a:88:cf:77:2a:a1:e6:75:ed:3a:03:6b:88:f0:0e:a7:
14:11:34:3f:5b:37:00:fd:e8:a6:b7:cd:33:e8:37:36:0e:1d:
d5:1d:e1:7c:b5:c0:aa:84:c4:38:d1:2d:8b:40:20:7b:b6:0a:
89:86:e9:f9:d6:67:55:b8:32:10:20:0b:a8:dd:ae:99:40:2c:
e5:ba:f9:b3:97:16:a7:6f:9a:af:8c:54:88:64:82:c4:49:b3:
29:f0:ff:66:22:a5:78:00:e4:d7:86:c1:ef:f6:20:0a:fc:e8:
ec:1f:79:fe:37:77:bc:98:cf:c2:78:48:5a:59:d5:c4:71:15:
85:92:c7:10:40:de:54:12:54:71:d5:f2:6e:ec:41:6b:aa:88:
f7:35:ae:51:d6:93:6d:f3:49:0d:81:17:f0:de:0c:59:99:f8:
2f:5c:49:fa:23:13:b8:36:12:2f:02:86:12:d7:74:8c:72:72:
3f:97:61:b6:c0:7e:60:75:c1:79:ad:81:87:e2:3e:e5:e3:bb:
fb:43:91:27:8a:90:19:d9:6f:bb:0e:f1:6b:6d:ef:16:ba:20:
1b:06:3f:7c:3b:27:07:74:25:b3:90:30:42:cb:19:34:e1:ea:
45:52:07:34:f0:22:be:27:45:7e:9a:2d:81:bc:50:dd:3d:b7:
6d:43:e0:b0
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUFM8WX6B9cKBYXFZt0YgoTWhm5lAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAZTA5Y2I0ZGYzYTdkYzY3ZWE4NTQ3
NDljNDRhNDdmYTIyNjAwNDVlZjdjY2YyNzIzYmNlZDA3ZDFjNzNmZjRkZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzxydMpMoyHVBePifS8TulBV0gQTn
MEjSnuta6zW+JSgWU+qkSW3A+pPrOUMNHg0EtsJh8a4ymeZ8u0+YrT6pag3VVuet
7enTREoRGjxr8ORtpjTMld6hhPF43NpixuhnjoPD8FyWYq6MiTHjD9teTXs8HnvP
cVd3YuaFNpcpuoZXf4/qil6CNJ5j2G7NOe3nRArtlOlyj9C9ap1V96ZvG1ITWPCN
phG4EKk1VG7uJjmGDHgY6WGh8gmv4Lf4H2lLqdLi74M8kGXx2cfb22Fq6PEz9uWl
iKpXNzjRjZHzX+MsKhgR7ndoxe32/yWEePmt4F3d19d6T4ehhC2XOV2IYQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLci+RlqoF4qZhc4OIILL4sL0aYgMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzE5ZGU2OGUzLTg0NGUtNGUzMy04MWI2LTVjNTkyNmU0NmYyMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9LAwDQYJKoZIhvcNAQELBQADggEBACxhiojPdyqh5nXtOgNr
iPAOpxQRND9bNwD96Ka3zTPoNzYOHdUd4Xy1wKqExDjRLYtAIHu2ComG6fnWZ1W4
MhAgC6jdrplALOW6+bOXFqdvmq+MVIhkgsRJsynw/2YipXgA5NeGwe/2IAr86Owf
ef43d7yYz8J4SFpZ1cRxFYWSxxBA3lQSVHHV8m7sQWuqiPc1rlHWk23zSQ2BF/De
DFmZ+C9cSfojE7g2Ei8ChhLXdIxycj+XYbbAfmB1wXmtgYfiPuXju/tDkSeKkBnZ
b7sO8Wtt7xa6IBsGP3w7Jwd0JbOQMELLGTTh6kVSBzTwIr4nRX6aLYG8UN09t21D
4LA=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:04:20 2025 by rpki-client