Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/219aee64-c881-4b13-a416-9181a73877a8.roa
File: 219aee64-c881-4b13-a416-9181a73877a8.roa (raw, json)
Hash identifier: DRANr16sKqL2crJ4vzfBdOuqPjtakJr5pHh2TllBg9w=
Subject key identifier: 71:1A:8F:36:93:C3:BE:03:AF:36:55:6C:7F:F7:21:56:5D:89:5C:69
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 15A2BB7FF52FA63F42A83BC422C1FAAC7CE01557
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/219aee64-c881-4b13-a416-9181a73877a8.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da22:8000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:a2:bb:7f:f5:2f:a6:3f:42:a8:3b:c4:22:c1:fa:ac:7c:e0:15:57
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:61:fa:00:2e:b9:4e:88:7f:c0:5e:ff:95:a4:
8a:d2:72:a7:0a:b0:13:44:c1:ff:a9:34:fe:12:67:
03:cb:68:65:e5:6c:fe:db:29:8e:67:a4:27:7c:ee:
db:18:b4:bd:32:50:a7:8e:ce:1b:6c:7b:cd:6f:ed:
5f:a0:5a:a2:af:a4:cb:c5:f0:b8:be:f2:f5:07:91:
db:68:e4:ef:6a:a0:56:e8:4a:b6:bf:e2:bf:17:1d:
6f:90:2c:f1:11:84:cb:5b:c4:be:cc:4e:96:80:27:
ca:d2:41:bf:64:59:cd:3a:9d:a1:6c:46:20:2b:0e:
48:c9:61:1f:1d:72:d6:1a:08:2e:af:64:99:bf:47:
f9:17:99:59:58:75:81:f5:04:0f:64:75:bf:8f:85:
93:05:2e:04:b8:4d:f4:83:04:e3:d9:18:c3:16:c8:
45:07:41:ed:f8:ef:28:86:14:bd:6c:72:e9:d1:8c:
7d:47:7c:b6:74:bb:2a:e7:18:e6:72:71:fa:81:be:
b8:5b:d5:c4:ca:13:b9:07:98:31:80:d6:fc:b3:13:
92:83:ab:11:55:8b:de:7a:d5:f1:00:e0:f1:1e:0b:
cd:7c:7d:49:9f:95:1a:de:8e:53:c0:90:49:4b:33:
95:ed:d7:e0:c3:61:01:a0:f3:dd:5b:98:b9:d5:5d:
4d:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:1A:8F:36:93:C3:BE:03:AF:36:55:6C:7F:F7:21:56:5D:89:5C:69
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/219aee64-c881-4b13-a416-9181a73877a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da22:8000::/36
Signature Algorithm: sha256WithRSAEncryption
29:1e:17:9f:8f:fb:7e:fb:0b:ea:3e:63:76:5c:e0:c8:59:f4:
4a:ac:a6:85:74:05:30:6a:e5:76:9d:e7:7c:87:7a:17:a6:5a:
4b:e5:d0:79:3e:da:6e:dd:a6:ce:42:be:8a:29:48:b7:87:8c:
47:63:fe:c9:55:cc:9c:db:fe:19:0d:34:6f:f3:8e:b0:5e:66:
e9:5a:db:4f:0b:ba:a3:9e:10:ea:11:2c:78:20:3d:99:a6:c7:
92:07:96:82:39:a2:bb:56:0b:bb:3b:b5:6b:4b:26:14:18:2b:
b8:83:94:90:91:34:20:24:6f:9c:da:7d:5f:4d:c1:5f:4a:d9:
b6:01:d8:30:d1:ca:9b:2d:45:5a:8b:e3:12:fc:d4:9b:56:dc:
1d:2f:d8:4c:2d:47:b9:59:5e:59:24:7e:29:3c:77:e3:6c:b7:
3e:98:56:1c:96:cf:38:83:21:04:25:9e:69:19:d6:6d:21:47:
fd:ee:f6:7b:bd:1c:ef:89:36:54:cc:77:df:55:50:ff:bc:bd:
53:9b:37:84:8f:70:1d:4b:a6:33:9f:85:6a:89:d7:45:c0:63:
54:cf:9e:89:02:16:2e:b1:3d:ac:8e:59:d8:06:6c:9f:77:95:
08:a4:0d:35:ee:63:0a:8e:c9:33:ac:ad:ca:fa:e6:2a:a8:f4:
38:1a:b6:0e
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUFaK7f/Uvpj9CqDvEIsH6rHzgFVcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAYTEzYWM4MDY4NmY3OTg2NjliOWMz
NGVlZjFjZDE3NjEyMGExMzQ2NjU2YTVhMTA2YTBmMjVlYzUxYzc5ZGIyMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyWH6AC65Toh/wF7/laSK0nKnCrAT
RMH/qTT+EmcDy2hl5Wz+2ymOZ6QnfO7bGLS9MlCnjs4bbHvNb+1foFqir6TLxfC4
vvL1B5HbaOTvaqBW6Eq2v+K/Fx1vkCzxEYTLW8S+zE6WgCfK0kG/ZFnNOp2hbEYg
Kw5IyWEfHXLWGggur2SZv0f5F5lZWHWB9QQPZHW/j4WTBS4EuE30gwTj2RjDFshF
B0Ht+O8ohhS9bHLp0Yx9R3y2dLsq5xjmcnH6gb64W9XEyhO5B5gxgNb8sxOSg6sR
VYveetXxAODxHgvNfH1Jn5Ua3o5TwJBJSzOV7dfgw2EBoPPdW5i51V1NYwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHEajzaTw74DrzZVbH/3IVZdiVxpMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzIxOWFlZTY0LWM4ODEtNGIxMy1hNDE2LTkxODFhNzM4NzdhOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaIoAwDQYJKoZIhvcNAQELBQADggEBACkeF5+P+377C+o+Y3Zc
4MhZ9EqspoV0BTBq5Xad53yHehemWkvl0Hk+2m7dps5CvoopSLeHjEdj/slVzJzb
/hkNNG/zjrBeZula208LuqOeEOoRLHggPZmmx5IHloI5ortWC7s7tWtLJhQYK7iD
lJCRNCAkb5zafV9NwV9K2bYB2DDRypstRVqL4xL81JtW3B0v2EwtR7lZXlkkfik8
d+Nstz6YVhyWzziDIQQlnmkZ1m0hR/3u9nu9HO+JNlTMd99VUP+8vVObN4SPcB1L
pjOfhWqJ10XAY1TPnokCFi6xPayOWdgGbJ93lQikDTXuYwqOyTOsrcr65iqo9Dga
tg4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:19:21 2025 by rpki-client