Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26ca0066-aaba-402f-bd0c-068a6d724f95.roa
File: 26ca0066-aaba-402f-bd0c-068a6d724f95.roa (raw, json)
Hash identifier: P1Wv5ahQ9gPDGqoi39pKXFzLkxztwpYrFUvuTh2FPv0=
Subject key identifier: E9:F2:4E:00:1B:55:12:BC:B0:DD:8A:BD:3B:2C:A7:4B:1C:47:93:55
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5ECA8F42779D723210E6EAC96F84CEE124298C1B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26ca0066-aaba-402f-bd0c-068a6d724f95.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da70:7000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:ca:8f:42:77:9d:72:32:10:e6:ea:c9:6f:84:ce:e1:24:29:8c:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:70:35:27:12:01:31:95:61:85:80:1a:2c:f1:
de:8f:9a:39:85:f8:d3:f0:6a:68:64:6f:76:fd:0f:
bc:88:a9:8d:b4:9b:58:50:4f:c2:38:89:a1:42:cd:
61:94:cf:2c:14:83:af:3f:52:ee:58:da:de:18:c0:
0f:d3:ea:92:da:44:c6:56:75:b9:90:5f:db:3b:79:
2b:63:52:82:fa:d6:59:f7:c4:17:7c:b6:89:fd:25:
70:18:94:b8:84:f6:f4:13:3e:32:23:42:1f:37:a6:
ce:71:62:b2:64:9b:15:b9:53:a5:ba:cd:15:8f:66:
66:80:6c:b4:df:9c:73:71:48:d1:86:6a:b3:e9:0a:
01:aa:fa:04:3e:25:07:88:cc:2d:a4:c0:00:40:93:
cd:cb:f5:62:71:2d:a9:53:16:a8:21:ec:35:d8:8e:
4c:5a:31:11:6b:24:62:13:a2:0d:ec:ba:2c:f6:5b:
0f:6f:59:a2:4f:3a:d6:60:a8:4e:aa:4c:6a:39:f4:
6d:ab:f3:cd:0a:92:3b:3c:06:90:d3:82:c1:53:d7:
0e:78:8b:93:7f:54:f4:8f:14:88:bc:81:f3:a5:66:
80:1e:69:af:87:d0:7d:9d:60:92:9d:94:31:d5:9c:
09:61:05:2b:d7:de:fe:4d:66:82:f0:53:82:8d:3f:
5d:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:F2:4E:00:1B:55:12:BC:B0:DD:8A:BD:3B:2C:A7:4B:1C:47:93:55
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/26ca0066-aaba-402f-bd0c-068a6d724f95.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da70:7000::/40
Signature Algorithm: sha256WithRSAEncryption
6c:47:46:88:49:a5:6f:0c:6b:84:2c:67:12:f6:5e:db:ab:b6:
67:c6:f9:a5:19:2c:39:d9:73:29:c7:20:9b:da:f7:7b:48:58:
03:49:38:f2:27:e1:1e:dd:0a:19:86:77:a3:21:30:3d:da:fe:
ca:20:6b:3c:41:76:31:23:1a:22:1a:7a:4f:9f:ce:29:c7:84:
7d:e8:61:ca:13:26:ac:fe:de:d4:4d:c7:ed:6d:03:95:89:fc:
43:ea:35:d4:4a:be:cc:21:5a:5c:9e:ee:24:4c:d5:5b:cf:c7:
a5:e5:c6:1d:9d:14:5a:1a:b3:3b:74:f1:30:39:5e:a9:28:38:
36:2d:e2:3a:c7:13:d7:7d:e7:fb:ed:0e:12:e7:10:ab:db:98:
dd:94:5e:91:d0:6a:9c:c8:00:fb:78:54:a6:d6:05:13:15:4a:
4a:c8:9a:5e:75:20:d4:d4:22:d3:a1:51:18:14:38:25:0b:74:
83:51:b5:7a:0e:f4:fd:7c:0f:f7:3f:0d:6a:e6:2d:f5:bc:08:
20:3d:83:6a:a3:6d:84:69:d3:36:a7:0c:de:83:eb:7b:7f:b2:
79:2f:04:be:c2:9f:f6:6b:ff:f9:79:77:3c:c9:7f:d1:f2:fb:
00:98:2b:b0:40:33:06:38:ec:0d:6e:e1:3c:00:f1:75:1d:53:
6d:ae:0b:11
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUXsqPQnedcjIQ5urJb4TO4SQpjBswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAZmI5ZWQ3YzcxNDA3ZmE0YThkYTli
ZWIxNjQzNGVjMWQ0N2U3N2I4OWUwMTllOWI2M2JjNGM3MTk5YjI4YTUyMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnA1JxIBMZVhhYAaLPHej5o5hfjT
8GpoZG92/Q+8iKmNtJtYUE/COImhQs1hlM8sFIOvP1LuWNreGMAP0+qS2kTGVnW5
kF/bO3krY1KC+tZZ98QXfLaJ/SVwGJS4hPb0Ez4yI0IfN6bOcWKyZJsVuVOlus0V
j2ZmgGy035xzcUjRhmqz6QoBqvoEPiUHiMwtpMAAQJPNy/VicS2pUxaoIew12I5M
WjERayRiE6IN7Los9lsPb1miTzrWYKhOqkxqOfRtq/PNCpI7PAaQ04LBU9cOeIuT
f1T0jxSIvIHzpWaAHmmvh9B9nWCSnZQx1ZwJYQUr197+TWaC8FOCjT9dTwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOnyTgAbVRK8sN2KvTssp0scR5NVMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzI2Y2EwMDY2LWFhYmEtNDAyZi1iZDBjLTA2OGE2ZDcyNGY5NS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbacHAwDQYJKoZIhvcNAQELBQADggEBAGxHRohJpW8Ma4QsZxL2
XturtmfG+aUZLDnZcynHIJva93tIWANJOPIn4R7dChmGd6MhMD3a/sogazxBdjEj
GiIaek+fzinHhH3oYcoTJqz+3tRNx+1tA5WJ/EPqNdRKvswhWlye7iRM1VvPx6Xl
xh2dFFoaszt08TA5XqkoODYt4jrHE9d95/vtDhLnEKvbmN2UXpHQapzIAPt4VKbW
BRMVSkrIml51INTUItOhURgUOCULdINRtXoO9P18D/c/DWrmLfW8CCA9g2qjbYRp
0zanDN6D63t/snkvBL7Cn/Zr//l5dzzJf9Hy+wCYK7BAMwY47A1u4TwA8XUdU22u
CxE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:47:58 2025 by rpki-client