Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35bca639-71e4-47d0-9dc9-56e49e20a899.roa
File: 35bca639-71e4-47d0-9dc9-56e49e20a899.roa (raw, json)
Hash identifier: GIvAjcMVwgArcsWb/WCx+7CxRWVa/u6JNVG5/37Aarg=
Subject key identifier: 01:94:E5:FC:45:46:4C:95:39:E7:56:D6:FE:78:A2:CE:D4:BF:51:D6
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 78122374DD30D1FDD2D09C3E6B009EA93EDEBEEC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35bca639-71e4-47d0-9dc9-56e49e20a899.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dab8:8800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:12:23:74:dd:30:d1:fd:d2:d0:9c:3e:6b:00:9e:a9:3e:de:be:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:d0:1a:fe:46:05:fc:e0:e7:aa:8b:f3:b3:bd:
82:63:f5:f3:3d:31:fd:7e:fe:c9:38:3f:9a:58:d2:
fd:1a:05:c4:b1:f6:4c:70:82:3e:5c:2f:4f:b9:59:
07:3c:8d:98:9b:4c:97:08:9c:f3:39:32:2f:b2:bf:
58:58:ed:3f:08:21:b1:70:6d:c3:8b:0a:02:7f:6c:
9d:dd:11:0c:b3:bd:92:aa:70:0f:69:56:f9:ca:28:
d8:07:b5:ff:bf:6c:63:82:77:61:f4:3b:21:34:ad:
d3:6c:d4:d6:e2:d0:a5:64:26:99:f1:ba:ee:cf:a6:
1d:da:9b:cf:d2:61:45:f4:b3:09:ed:9b:87:c1:b6:
2a:56:f1:f4:14:61:f4:58:92:1b:26:3e:ea:4f:9f:
91:10:a8:12:b1:9b:d1:63:ee:39:d1:0e:3a:d2:1e:
fd:f3:51:64:0e:c2:69:fc:9a:b7:5c:c6:12:a9:71:
53:91:50:8d:1b:3a:87:d3:02:5b:1c:e0:bc:74:81:
46:f7:6f:13:df:a4:66:31:ad:99:0c:0b:d7:96:55:
0f:04:b6:8d:f9:2e:1e:d1:7e:0e:50:3a:ec:99:1e:
2a:0a:d0:98:56:74:dd:e4:5c:de:ef:ae:d8:5a:e0:
25:29:73:1d:80:bc:07:20:4c:e2:c0:36:f1:e1:75:
dc:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:94:E5:FC:45:46:4C:95:39:E7:56:D6:FE:78:A2:CE:D4:BF:51:D6
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/35bca639-71e4-47d0-9dc9-56e49e20a899.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dab8:8800::/40
Signature Algorithm: sha256WithRSAEncryption
4b:a3:a4:d2:e7:a2:83:39:ce:00:f1:db:83:de:3c:c3:5f:cb:
40:b2:ba:41:eb:71:03:82:bf:d5:1b:48:9b:3e:01:d8:ef:0c:
f3:7d:1d:ad:cc:66:f0:ce:a9:54:7d:84:33:71:89:56:1c:ab:
bb:97:14:79:d2:fa:7a:73:45:c6:81:f5:ed:46:01:d6:0b:63:
b6:f4:7c:48:63:e0:26:ee:88:17:39:dd:a2:13:3f:c0:2c:fe:
39:f1:ad:fe:05:54:f5:58:80:c4:3a:23:5b:0a:a6:54:38:34:
98:f4:71:c0:9d:c4:e5:cb:d2:45:bb:07:62:91:73:93:e1:37:
6a:21:0d:dc:eb:02:f7:04:a9:c6:22:35:71:03:6f:1a:98:43:
41:75:40:93:58:0e:ff:d1:b5:b1:10:7a:75:19:a2:4b:ce:da:
6f:ee:ab:88:3f:fd:64:44:71:8d:95:78:f5:cf:ed:57:55:5c:
0b:86:e7:06:6c:15:80:58:04:5d:97:7b:7b:cd:d7:dd:38:81:
89:97:ae:07:68:29:fa:2e:b0:60:68:86:71:df:bf:85:b5:71:
ce:33:29:c6:2b:c0:b0:aa:e4:b3:40:11:a1:cf:ea:af:eb:e6:
63:fc:75:8b:b5:2d:42:e3:58:52:89:c0:aa:6b:58:34:15:24:
4e:8a:de:f4
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUeBIjdN0w0f3S0Jw+awCeqT7evuwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIzMTAwMDAwMFoX
DTI1MDIwNDIzNTk1OVowejFJMEcGA1UEBRNAYTAyMjVhZGY3YWUxYzZjMWIzMjIy
OTI3MGVjNzFkZmFkNTMxY2FlZmY0NmRmZWU3Y2M3ZjdkN2RjMzg5YWQxYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAodAa/kYF/ODnqovzs72CY/XzPTH9
fv7JOD+aWNL9GgXEsfZMcII+XC9PuVkHPI2Ym0yXCJzzOTIvsr9YWO0/CCGxcG3D
iwoCf2yd3REMs72SqnAPaVb5yijYB7X/v2xjgndh9DshNK3TbNTW4tClZCaZ8bru
z6Yd2pvP0mFF9LMJ7ZuHwbYqVvH0FGH0WJIbJj7qT5+REKgSsZvRY+450Q460h79
81FkDsJp/Jq3XMYSqXFTkVCNGzqH0wJbHOC8dIFG928T36RmMa2ZDAvXllUPBLaN
+S4e0X4OUDrsmR4qCtCYVnTd5Fze767YWuAlKXMdgLwHIEziwDbx4XXcYQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAGU5fxFRkyVOedW1v54os7Uv1HWMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzM1YmNhNjM5LTcxZTQtNDdkMC05ZGM5LTU2ZTQ5ZTIwYTg5OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbauIgwDQYJKoZIhvcNAQELBQADggEBAEujpNLnooM5zgDx24Pe
PMNfy0CyukHrcQOCv9UbSJs+AdjvDPN9Ha3MZvDOqVR9hDNxiVYcq7uXFHnS+npz
RcaB9e1GAdYLY7b0fEhj4CbuiBc53aITP8As/jnxrf4FVPVYgMQ6I1sKplQ4NJj0
ccCdxOXL0kW7B2KRc5PhN2ohDdzrAvcEqcYiNXEDbxqYQ0F1QJNYDv/RtbEQenUZ
okvO2m/uq4g//WREcY2VePXP7VdVXAuG5wZsFYBYBF2Xe3vN1904gYmXrgdoKfou
sGBohnHfv4W1cc4zKcYrwLCq5LNAEaHP6q/r5mP8dYu1LULjWFKJwKprWDQVJE6K
3vQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:09 2025 by rpki-client