Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1df0543c-4352-44e4-aa97-4a21236b6215.roa
File: 1df0543c-4352-44e4-aa97-4a21236b6215.roa (raw, json)
Hash identifier: S2YlFPzlPIHgEF39PKxeV9BvgFpK8IunDv78h3+iBYY=
Subject key identifier: 14:D3:90:41:6A:FA:57:F1:BE:39:06:0F:F4:8A:2D:77:75:C0:10:1C
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2533B2BFBD4E31EC03EDEF74AE8ADC6C85A64AC4
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1df0543c-4352-44e4-aa97-4a21236b6215.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:33:b2:bf:bd:4e:31:ec:03:ed:ef:74:ae:8a:dc:6c:85:a6:4a:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:1f:6b:99:4e:cb:96:85:13:e0:98:de:99:97:
06:aa:97:83:fb:ab:61:20:ff:6c:f4:66:99:83:7a:
19:c1:b8:ba:ad:b3:e8:41:4d:f5:bb:65:cc:22:72:
85:b3:ce:4b:27:48:00:38:d2:e6:69:35:52:e1:86:
b8:fb:2b:97:b8:69:e5:50:14:41:e0:ce:70:db:d9:
ea:e6:89:f1:e4:72:2c:d3:69:4b:4e:d8:78:b3:9c:
63:0c:32:b0:44:46:b2:f7:85:dd:c6:c7:13:71:58:
ca:89:1b:39:8e:05:b8:19:91:eb:6b:ee:a7:b0:46:
d7:95:44:c1:fe:d4:70:73:29:4e:fa:a9:d7:09:a2:
9d:c6:07:0a:50:fb:06:35:4e:c3:82:40:ad:dd:1c:
95:52:8d:6d:70:06:5b:35:29:ec:6e:da:5c:80:80:
7f:5d:5a:7e:be:e3:ea:e3:09:07:82:3b:d7:67:be:
2f:4e:e8:ed:0d:3f:a4:f0:4a:33:d2:35:5f:64:96:
69:1b:91:5b:50:70:0d:2b:fa:70:e8:cf:77:e5:9f:
29:41:d9:96:d2:b5:0f:37:74:c4:f3:99:c9:e3:1f:
dc:cb:11:35:c4:fd:ee:dd:69:e9:5a:99:58:30:b2:
82:04:ba:fa:2f:43:9d:3f:3a:c1:74:1e:93:b5:ed:
dd:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:D3:90:41:6A:FA:57:F1:BE:39:06:0F:F4:8A:2D:77:75:C0:10:1C
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1df0543c-4352-44e4-aa97-4a21236b6215.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:8000::/40
Signature Algorithm: sha256WithRSAEncryption
76:dd:59:e8:d9:fb:1f:94:1d:3a:0b:34:8d:24:d5:63:fa:d1:
16:84:ec:34:a8:99:c6:b2:44:a7:c3:0f:53:16:8b:ed:41:b1:
a7:53:b3:90:24:45:8b:69:4a:4f:80:69:5d:8f:47:ac:a1:25:
09:1b:0a:ab:0e:96:7a:8a:14:c4:db:21:b1:0f:4b:9c:84:3e:
30:1b:f8:f1:f1:d9:9b:1e:ee:2f:f5:e2:fb:70:c9:e9:7c:f1:
bb:01:b4:e8:30:07:7f:b1:30:bb:b7:75:bf:60:4f:8d:71:a9:
c3:74:bc:4d:3f:45:23:48:52:fd:54:73:22:29:e3:7f:f2:84:
52:80:86:c2:d8:88:c4:72:1a:b6:d7:16:3a:d3:83:36:b7:30:
d2:83:74:cc:7d:09:8b:83:55:79:0a:39:23:a1:df:d0:a6:8c:
d2:9e:c8:94:d6:24:22:d2:ff:a9:73:94:9c:6a:ab:cd:16:b1:
a7:e9:43:ae:68:af:c4:06:f2:3d:5b:6c:66:b2:d2:d1:90:4f:
12:29:7a:79:0f:52:43:65:46:d5:94:7a:16:98:86:62:d5:c6:
c2:ef:13:d2:36:90:16:fa:bf:6a:75:8d:4d:a3:ab:98:31:05:
29:32:1c:1f:6a:e3:1d:46:c8:d6:92:52:c5:e7:c4:26:d0:af:
a9:85:bb:04
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUJTOyv71OMewD7e90rorcbIWmSsQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNANzlmOTlmYjA0ZGRhMDJiMTNmMDM2
ZmZhYTI0ZGQxYTRkNzljM2Q0MWJiYjcxMzZmYTg5ZTY3OGQzOWNjZGUwYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7B9rmU7LloUT4JjemZcGqpeD+6th
IP9s9GaZg3oZwbi6rbPoQU31u2XMInKFs85LJ0gAONLmaTVS4Ya4+yuXuGnlUBRB
4M5w29nq5onx5HIs02lLTth4s5xjDDKwREay94XdxscTcVjKiRs5jgW4GZHra+6n
sEbXlUTB/tRwcylO+qnXCaKdxgcKUPsGNU7DgkCt3RyVUo1tcAZbNSnsbtpcgIB/
XVp+vuPq4wkHgjvXZ74vTujtDT+k8Eoz0jVfZJZpG5FbUHANK/pw6M935Z8pQdmW
0rUPN3TE85nJ4x/cyxE1xP3u3WnpWplYMLKCBLr6L0OdPzrBdB6Tte3dXQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBTTkEFq+lfxvjkGD/SKLXd1wBAcMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzFkZjA1NDNjLTQzNTItNDRlNC1hYTk3LTRhMjEyMzZiNjIxNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYIAwDQYJKoZIhvcNAQELBQADggEBAHbdWejZ+x+UHToLNI0k
1WP60RaE7DSomcayRKfDD1MWi+1BsadTs5AkRYtpSk+AaV2PR6yhJQkbCqsOlnqK
FMTbIbEPS5yEPjAb+PHx2Zse7i/14vtwyel88bsBtOgwB3+xMLu3db9gT41xqcN0
vE0/RSNIUv1UcyIp43/yhFKAhsLYiMRyGrbXFjrTgza3MNKDdMx9CYuDVXkKOSOh
39CmjNKeyJTWJCLS/6lzlJxqq80WsafpQ65or8QG8j1bbGay0tGQTxIpenkPUkNl
RtWUehaYhmLVxsLvE9I2kBb6v2p1jU2jq5gxBSkyHB9q4x1GyNaSUsXnxCbQr6mF
uwQ=
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:25:13 2025 by rpki-client