Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/390b07ec-5dbd-4f87-81ae-9ed85c7be280.roa
File: 390b07ec-5dbd-4f87-81ae-9ed85c7be280.roa (raw, json)
Hash identifier: FMUk+u1NFf3Pgy2cBG2NLPaNuvVx6mE6SOKj/qcEkOQ=
Subject key identifier: 53:28:B8:46:55:53:3D:2C:7D:60:57:BD:FA:D2:55:AD:9D:CB:E0:E4
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2A1A985CC20E742B0E90122EE13E06C073356E53
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/390b07ec-5dbd-4f87-81ae-9ed85c7be280.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:1a:98:5c:c2:0e:74:2b:0e:90:12:2e:e1:3e:06:c0:73:35:6e:53
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a3:a4:0e:6d:cc:87:5b:96:2c:db:80:57:92:
42:9f:05:ed:2a:2c:fd:1e:6d:93:78:a4:72:4e:90:
b6:72:f9:ec:e3:27:b0:81:5f:5e:6d:3c:0e:f2:33:
54:ee:c4:bd:85:e1:45:98:13:fa:2b:a5:cd:e0:f4:
ad:54:01:e6:ea:36:21:20:c8:33:f7:b9:25:55:c3:
5d:cc:2c:ab:64:7f:5e:18:f8:af:b7:75:4b:bc:f1:
10:6e:83:9a:b5:50:90:7c:b1:90:26:8f:ae:ba:ae:
d3:41:05:d6:2a:7b:0c:b2:0c:a0:02:dc:5b:22:42:
1c:bf:92:10:04:9c:c3:a4:ae:4e:12:55:1b:13:34:
68:d7:34:82:35:6a:2f:3a:3c:7e:64:e6:f9:32:6e:
e2:23:ac:62:a9:d7:71:79:4b:89:af:9f:16:da:74:
5a:84:14:61:fd:7a:a0:7d:f1:b9:66:7f:52:9c:38:
25:b2:30:28:49:d2:f7:5f:19:8a:a3:90:31:4e:cb:
a0:4d:32:39:97:c6:ad:0b:5f:13:d1:d1:ca:87:45:
7c:f2:e7:e7:5c:3b:a2:e2:27:de:49:b2:ca:1c:cf:
50:61:e3:78:b4:91:e0:0a:4b:d1:f4:dd:65:9b:4f:
a5:32:a4:dd:7a:ab:e9:bd:df:36:de:5e:44:e4:53:
fd:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:28:B8:46:55:53:3D:2C:7D:60:57:BD:FA:D2:55:AD:9D:CB:E0:E4
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/390b07ec-5dbd-4f87-81ae-9ed85c7be280.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:2000::/40
Signature Algorithm: sha256WithRSAEncryption
7d:c6:34:5c:69:d4:25:87:bf:34:0b:e0:af:32:61:0d:45:1b:
8b:bc:1d:2e:e5:ff:fa:c6:54:39:8a:7f:02:50:7d:18:a3:76:
25:33:fc:ad:3e:3b:32:4b:11:49:6d:10:04:9f:b1:77:6e:e1:
45:b7:b1:5b:83:a8:1f:5e:3f:af:b4:0c:47:dc:53:66:e7:7c:
1b:fa:db:1b:4a:c1:57:26:db:3e:d5:97:cc:09:6f:f5:c8:e7:
77:41:5e:35:ef:7d:a0:ee:60:f9:7e:16:ad:11:23:33:d2:a7:
ac:08:a2:74:22:cb:b6:41:fd:c4:3d:ca:06:ae:1f:0a:1e:56:
82:0e:e5:2a:82:53:44:7c:b7:41:1c:94:d8:2d:44:0b:82:ed:
31:cb:45:4e:b0:a6:4f:6d:5c:af:f7:56:83:4f:b4:ca:39:69:
4d:d9:51:cd:af:9d:16:0d:ee:47:94:a3:6b:c2:31:43:70:3e:
22:a7:4b:51:3f:16:d1:43:10:95:69:59:f1:e8:d3:13:80:64:
44:6a:c2:dd:7c:c3:e0:f5:43:a6:e5:f6:38:15:e1:46:2f:db:
90:db:e8:60:fd:97:22:6f:b1:23:9a:4f:19:a6:20:e7:ab:99:
5d:32:19:70:3e:e2:37:4a:23:c8:77:e2:e7:8f:06:f2:b7:05:
83:36:48:97
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUKhqYXMIOdCsOkBIu4T4GwHM1blMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAYzkwYjJiZTBhZDE4NTJjODJlMmZj
YmFiOGUxMmE0ZjViNGY1YmQ0NGMzODA0ZmQ4YjNmM2M5NDdkZGMxOTc0ZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKOkDm3Mh1uWLNuAV5JCnwXtKiz9
Hm2TeKRyTpC2cvns4yewgV9ebTwO8jNU7sS9heFFmBP6K6XN4PStVAHm6jYhIMgz
97klVcNdzCyrZH9eGPivt3VLvPEQboOatVCQfLGQJo+uuq7TQQXWKnsMsgygAtxb
IkIcv5IQBJzDpK5OElUbEzRo1zSCNWovOjx+ZOb5Mm7iI6xiqddxeUuJr58W2nRa
hBRh/XqgffG5Zn9SnDglsjAoSdL3XxmKo5AxTsugTTI5l8atC18T0dHKh0V88ufn
XDui4ifeSbLKHM9QYeN4tJHgCkvR9N1lm0+lMqTdeqvpvd823l5E5FP9RQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFMouEZVUz0sfWBXvfrSVa2dy+DkMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzM5MGIwN2VjLTVkYmQtNGY4Ny04MWFlLTllZDg1YzdiZTI4MC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+yAwDQYJKoZIhvcNAQELBQADggEBAH3GNFxp1CWHvzQL4K8y
YQ1FG4u8HS7l//rGVDmKfwJQfRijdiUz/K0+OzJLEUltEASfsXdu4UW3sVuDqB9e
P6+0DEfcU2bnfBv62xtKwVcm2z7Vl8wJb/XI53dBXjXvfaDuYPl+Fq0RIzPSp6wI
onQiy7ZB/cQ9ygauHwoeVoIO5SqCU0R8t0EclNgtRAuC7THLRU6wpk9tXK/3VoNP
tMo5aU3ZUc2vnRYN7keUo2vCMUNwPiKnS1E/FtFDEJVpWfHo0xOAZERqwt18w+D1
Q6bl9jgV4UYv25Db6GD9lyJvsSOaTxmmIOermV0yGXA+4jdKI8h34uePBvK3BYM2
SJc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:25:25 2025 by rpki-client