Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26b01a35-24ce-47cf-ab89-c7b5c276379b.roa
File: 26b01a35-24ce-47cf-ab89-c7b5c276379b.roa (raw, json)
Hash identifier: Idl2Ien7kNWWZsAj2aGGwYb03pJgHs3+mHhmZ8P9a3A=
Subject key identifier: D5:25:27:65:2E:ED:DB:F1:68:BE:C3:3F:1C:6A:3B:CA:59:73:79:0D
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6A884868DF8D060FCC6A4E5151C16ABCF00DE63C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26b01a35-24ce-47cf-ab89-c7b5c276379b.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf0:2800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:88:48:68:df:8d:06:0f:cc:6a:4e:51:51:c1:6a:bc:f0:0d:e6:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:db:d6:23:8f:ba:50:a4:69:f6:84:be:40:3a:
ec:91:0f:4f:55:ab:14:cb:d5:fe:ed:e7:5e:46:c4:
5b:e7:a1:4a:c4:73:33:26:e9:8e:55:2f:a4:85:51:
4d:5e:c9:9d:14:66:a2:42:7d:10:dc:ad:fb:88:b0:
d7:b5:f6:13:5d:cb:41:ae:d7:71:dd:59:9b:b4:6f:
04:81:59:03:b2:88:70:86:6e:70:da:7d:11:0d:13:
d3:0b:94:d3:1f:67:1f:a7:44:74:fe:f9:a6:3f:a5:
9f:18:52:6a:7c:ce:0a:ac:00:52:5a:2d:f5:c9:25:
54:e0:cf:3d:ac:ca:18:70:d3:38:07:5f:a5:eb:d3:
73:bb:2e:c3:21:1c:07:22:61:58:64:34:07:48:fe:
6d:0c:88:c6:f6:ae:35:6a:4e:ad:ba:10:6f:61:1c:
31:97:21:3c:e1:56:e7:ce:1b:42:5a:1a:4e:0c:fa:
61:4c:6e:74:0e:71:4d:fe:bb:89:0e:07:84:2b:2f:
ca:a0:dc:5e:42:fc:a9:e5:54:85:33:69:27:11:32:
3a:f3:8a:ee:cd:46:19:2c:72:b7:83:0a:fa:38:c3:
1b:af:63:89:7d:c5:72:fd:3b:38:e4:93:00:f1:ad:
0c:18:4b:0d:da:49:46:1d:d2:d6:f5:d1:14:b0:d8:
e8:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:25:27:65:2E:ED:DB:F1:68:BE:C3:3F:1C:6A:3B:CA:59:73:79:0D
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26b01a35-24ce-47cf-ab89-c7b5c276379b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf0:2800::/40
Signature Algorithm: sha256WithRSAEncryption
09:02:46:d7:2e:ee:80:16:d2:0e:3f:bc:35:d5:98:e4:76:8c:
4e:62:55:31:96:e0:ff:bd:eb:db:f0:20:47:4b:e4:b3:9a:51:
ab:ec:99:40:e2:e7:d3:c4:7b:95:bc:4d:f7:78:a4:b9:93:d8:
e3:5f:63:d8:c2:25:37:5b:10:4f:4d:fe:49:a9:fc:39:57:24:
16:40:9c:5b:e5:ef:05:05:49:e4:24:3c:91:d5:89:85:97:34:
8b:19:86:fb:b1:c9:54:18:e5:d7:7b:eb:c1:7e:a5:04:f5:c6:
f6:48:12:7d:fc:31:f5:14:4e:7b:f6:81:26:88:b5:06:7a:41:
f8:76:82:72:ec:94:6e:6b:84:dd:47:c5:9f:18:e3:68:15:d4:
db:22:1e:9c:e2:aa:1d:49:72:2e:15:e8:03:e0:f5:3e:df:a8:
39:a4:f7:be:d3:f1:9f:50:72:27:2d:9c:cf:a9:78:c1:7e:d5:
56:18:3d:86:b1:d2:04:6b:f8:8a:ec:11:67:52:74:be:4f:7b:
71:81:b6:ca:e3:44:6d:0b:71:dd:e0:8c:10:cd:f2:22:fe:11:
b1:ff:f5:1f:9d:da:c8:ca:e3:0d:75:80:dc:a3:2f:ca:17:d8:
17:e8:b5:51:6b:4c:c0:c6:68:e1:92:1d:01:fd:42:da:9c:8e:
9f:91:85:11
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUaohIaN+NBg/Mak5RUcFqvPAN5jwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAZDRmMzY2NGY3Y2Y3NjBmZjhiMmI2
MjBhYjY3YWRiZWE4MWIyZjA5ZjQyYjQ1OTg1YTczNDRjYTg1OWZiNDExNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqNvWI4+6UKRp9oS+QDrskQ9PVasU
y9X+7edeRsRb56FKxHMzJumOVS+khVFNXsmdFGaiQn0Q3K37iLDXtfYTXctBrtdx
3VmbtG8EgVkDsohwhm5w2n0RDRPTC5TTH2cfp0R0/vmmP6WfGFJqfM4KrABSWi31
ySVU4M89rMoYcNM4B1+l69Nzuy7DIRwHImFYZDQHSP5tDIjG9q41ak6tuhBvYRwx
lyE84VbnzhtCWhpODPphTG50DnFN/ruJDgeEKy/KoNxeQvyp5VSFM2knETI684ru
zUYZLHK3gwr6OMMbr2OJfcVy/Ts45JMA8a0MGEsN2klGHdLW9dEUsNjo4QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNUlJ2Uu7dvxaL7DPxxqO8pZc3kNMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzI2YjAxYTM1LTI0Y2UtNDdjZi1hYjg5LWM3YjVjMjc2Mzc5Yi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8CgwDQYJKoZIhvcNAQELBQADggEBAAkCRtcu7oAW0g4/vDXV
mOR2jE5iVTGW4P+969vwIEdL5LOaUavsmUDi59PEe5W8Tfd4pLmT2ONfY9jCJTdb
EE9N/kmp/DlXJBZAnFvl7wUFSeQkPJHViYWXNIsZhvuxyVQY5dd768F+pQT1xvZI
En38MfUUTnv2gSaItQZ6Qfh2gnLslG5rhN1HxZ8Y42gV1NsiHpziqh1Jci4V6APg
9T7fqDmk977T8Z9QcictnM+peMF+1VYYPYax0gRr+IrsEWdSdL5Pe3GBtsrjRG0L
cd3gjBDN8iL+EbH/9R+d2sjK4w11gNyjL8oX2BfotVFrTMDGaOGSHQH9Qtqcjp+R
hRE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:07:49 2025 by rpki-client