Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25baa77a-b09f-47d1-b869-2a366621789a.roa
File: 25baa77a-b09f-47d1-b869-2a366621789a.roa (raw, json)
Hash identifier: Caj+HkbnRPp4ClQW6nbLIQqCYhMR+Bm/Mgq8H/ykrwg=
Subject key identifier: 4D:E0:A5:75:69:23:29:6A:84:BE:C2:5B:7E:20:29:AB:D8:E4:B8:EA
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1913C315AC795C99B3F71E43C37C879818186980
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25baa77a-b09f-47d1-b869-2a366621789a.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafc:4000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:13:c3:15:ac:79:5c:99:b3:f7:1e:43:c3:7c:87:98:18:18:69:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:12:f4:ed:c4:19:69:ff:86:51:8f:b4:45:cf:
f7:e6:db:bd:89:d6:f8:87:3e:a8:87:b9:b1:6b:91:
8c:2e:55:96:e6:03:c2:14:91:61:03:b1:3e:e1:c8:
ef:2a:27:e5:de:6b:a4:37:23:10:e1:cf:ad:92:38:
04:68:5a:c1:8e:c4:ad:44:2d:05:b6:8e:64:fb:10:
5b:f3:e4:af:19:f5:ac:94:b0:70:fb:02:5e:d8:1e:
35:fc:3d:7d:a1:1d:1c:b2:cd:b8:8d:3c:98:46:b5:
24:26:bf:27:c3:89:d6:f8:6c:52:fe:ef:e9:61:5a:
7c:cd:03:2a:b7:98:0d:6b:0c:ea:a2:e7:b1:bd:79:
77:fb:45:18:6c:46:19:44:4e:76:ce:b0:5e:b9:61:
58:8f:8b:d1:c8:41:29:0d:dd:0e:74:c8:0b:d6:73:
1d:d2:1c:53:47:fb:27:e4:bd:c3:81:92:e7:61:01:
61:9d:ba:a0:92:ff:b4:f1:c5:80:52:39:7a:7e:47:
6e:87:02:9e:00:71:a0:49:e1:c7:b3:ab:07:04:2a:
12:25:1b:88:77:98:fe:c0:e6:9e:9a:f3:a0:01:d5:
8b:09:af:3c:82:ac:18:a1:28:39:bd:45:24:9d:cd:
8f:e2:51:78:52:ea:5b:88:84:a0:38:dc:4d:c4:cd:
07:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:E0:A5:75:69:23:29:6A:84:BE:C2:5B:7E:20:29:AB:D8:E4:B8:EA
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/25baa77a-b09f-47d1-b869-2a366621789a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafc:4000::/40
Signature Algorithm: sha256WithRSAEncryption
61:0f:10:10:8c:b8:b5:50:19:f7:d0:3c:a2:75:d1:5d:c0:5b:
f2:48:41:9a:63:c2:8e:b8:eb:73:57:eb:36:cf:fb:87:a4:ca:
18:19:9d:2f:46:97:3f:51:77:38:c6:64:e4:48:f7:e6:21:c8:
44:60:fe:67:40:5b:2c:4b:4f:f7:01:10:5c:85:e2:0e:be:69:
b6:da:fe:6e:3a:96:56:3f:9d:b1:a0:1d:c5:ce:46:84:f7:87:
b6:1e:0a:98:90:a9:c9:d7:2b:7f:0e:fa:24:47:a0:b0:37:e1:
1a:b1:b1:8f:2f:87:58:4b:56:ce:17:79:88:75:18:4d:99:34:
0f:b7:3f:06:a5:43:d8:24:40:32:43:0f:47:53:32:d6:77:15:
5a:99:49:9a:0b:d4:e0:d2:42:ef:a9:7d:67:83:71:9f:c7:a7:
f0:be:72:83:7d:4f:1f:2e:16:4a:fd:60:d6:83:a9:ef:7c:5a:
b7:17:ee:6f:8d:44:f5:ca:42:fd:52:63:14:a9:38:f3:cb:f8:
24:90:d4:1b:74:78:5d:9a:60:95:99:d9:d3:9e:7b:0d:d7:15:
c4:86:8e:23:06:7c:02:1f:f3:ce:53:02:8b:b2:f1:33:e3:7b:
86:e8:94:73:ce:d1:85:e1:0b:89:a2:28:70:64:44:a5:40:a3:
85:fe:03:ca
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUGRPDFax5XJmz9x5Dw3yHmBgYaYAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAYzFkYzBjZjkyY2M1YjM3ZjU3ZWYx
YWI4MzM3ZmExZWVjNDQwNjg2ODE1ZGM1ODdjNGY5ZTUyYzNkMGVkYTczZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjhL07cQZaf+GUY+0Rc/35tu9idb4
hz6oh7mxa5GMLlWW5gPCFJFhA7E+4cjvKifl3mukNyMQ4c+tkjgEaFrBjsStRC0F
to5k+xBb8+SvGfWslLBw+wJe2B41/D19oR0css24jTyYRrUkJr8nw4nW+GxS/u/p
YVp8zQMqt5gNawzqouexvXl3+0UYbEYZRE52zrBeuWFYj4vRyEEpDd0OdMgL1nMd
0hxTR/sn5L3DgZLnYQFhnbqgkv+08cWAUjl6fkduhwKeAHGgSeHHs6sHBCoSJRuI
d5j+wOaemvOgAdWLCa88gqwYoSg5vUUknc2P4lF4UupbiISgONxNxM0HpQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFE3gpXVpIylqhL7CW34gKavY5LjqMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzI1YmFhNzdhLWIwOWYtNDdkMS1iODY5LTJhMzY2NjIxNzg5YS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/EAwDQYJKoZIhvcNAQELBQADggEBAGEPEBCMuLVQGffQPKJ1
0V3AW/JIQZpjwo6463NX6zbP+4ekyhgZnS9Glz9RdzjGZORI9+YhyERg/mdAWyxL
T/cBEFyF4g6+abba/m46llY/nbGgHcXORoT3h7YeCpiQqcnXK38O+iRHoLA34Rqx
sY8vh1hLVs4XeYh1GE2ZNA+3PwalQ9gkQDJDD0dTMtZ3FVqZSZoL1ODSQu+pfWeD
cZ/Hp/C+coN9Tx8uFkr9YNaDqe98WrcX7m+NRPXKQv1SYxSpOPPL+CSQ1Bt0eF2a
YJWZ2dOeew3XFcSGjiMGfAIf885TAouy8TPje4bolHPO0YXhC4miKHBkRKVAo4X+
A8o=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:34:53 2025 by rpki-client