Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3ea6b312-7b38-4ea1-b02d-674fb5a5448e.roa
File: 3ea6b312-7b38-4ea1-b02d-674fb5a5448e.roa (raw, json)
Hash identifier: zttF2ljnAkX0qJaqsaxm3c2qiavUIvTyg46RFCF0uKE=
Subject key identifier: 33:64:63:56:92:50:4D:35:4B:73:88:F7:04:6C:0C:82:13:77:B1:E4
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 06020F6A31AFF5DF0222354FC961747D5D9065BB
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3ea6b312-7b38-4ea1-b02d-674fb5a5448e.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:c800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:02:0f:6a:31:af:f5:df:02:22:35:4f:c9:61:74:7d:5d:90:65:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:74:ba:6a:ec:8c:d5:99:72:7d:4f:27:7a:0c:
6b:68:f3:c9:2a:74:a0:0c:45:e8:86:9e:66:68:a5:
d0:cd:30:f4:d7:73:1f:79:eb:4c:7b:38:d5:7d:27:
8b:d0:8d:5e:1a:9a:4a:31:a4:f3:f6:d3:00:14:33:
80:33:cd:2d:a3:46:38:0c:c1:64:1a:64:97:27:c7:
dc:ed:72:37:be:d6:99:1c:b4:ce:40:ad:4d:8c:56:
eb:01:63:86:3d:66:2c:3b:24:d5:6f:f6:c0:02:9d:
db:78:3f:78:a7:ef:6b:84:c1:6c:ba:57:2e:bb:90:
28:c9:9c:6e:95:4e:dd:88:6e:97:65:8e:e4:4e:37:
16:b6:2f:99:02:22:70:60:a9:07:8e:8a:9c:fc:d4:
f4:c0:0f:9b:08:08:4a:26:fb:18:5a:79:e4:48:c0:
d6:2b:cc:09:bb:dd:3c:37:0d:11:d0:91:01:94:d6:
5b:bd:b6:59:4b:1f:12:76:0f:bd:a0:52:2e:bf:2c:
1f:c5:3b:38:7c:f3:5e:e2:ef:45:1b:78:50:8d:e3:
b4:7d:18:33:44:fb:b1:91:00:22:ba:4c:a0:cf:3c:
18:3d:1a:f6:bf:1b:4b:5f:72:ae:f5:41:56:cf:a0:
20:53:3c:79:05:e2:ca:9a:09:0c:f7:73:ac:41:d1:
48:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:64:63:56:92:50:4D:35:4B:73:88:F7:04:6C:0C:82:13:77:B1:E4
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3ea6b312-7b38-4ea1-b02d-674fb5a5448e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:c800::/40
Signature Algorithm: sha256WithRSAEncryption
7b:39:ac:04:ae:79:f5:c7:7c:13:08:33:cb:62:43:53:7d:13:
e6:c2:3c:c7:d8:08:3f:a8:bb:94:58:28:1f:57:4b:5f:cb:25:
29:c1:aa:49:6f:f8:21:6e:93:92:d2:f0:4a:ea:6d:95:05:aa:
77:e5:c7:7f:cb:64:fb:29:5e:30:6c:0c:04:50:47:47:89:04:
8e:39:7c:82:8c:62:b9:85:d8:76:17:af:33:69:b6:9c:a9:fc:
39:c5:ca:b3:a5:11:89:7c:95:27:1a:47:0a:92:1a:f8:71:72:
72:4c:02:8b:d6:c1:bf:04:53:31:29:5b:4f:ed:5a:a2:ac:38:
1c:8d:7b:54:46:dd:47:4d:d4:33:09:a2:c3:f5:bb:30:04:a6:
a9:8b:7e:fa:92:96:b7:83:7a:df:ce:ad:b5:37:74:ac:b0:ab:
c5:20:0b:c9:c7:f3:f3:b7:df:22:b2:35:ae:5e:ec:8c:a0:2d:
ff:fd:63:d7:1b:60:55:7e:48:98:0d:c2:80:c0:c5:d2:4a:ef:
79:ca:bc:b0:89:2b:5b:90:31:a0:9e:be:5a:54:ff:be:ea:64:
8d:63:80:99:ca:f5:9a:1b:cc:01:4c:31:e5:8f:5c:ed:a4:1f:
3b:21:81:c5:da:ea:73:5f:03:44:6f:a8:37:48:44:18:cb:e3:
d6:0b:1a:8d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUBgIPajGv9d8CIjVPyWF0fV2QZbswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIzMTAwMDAwMFoX
DTI1MDIwNDIzNTk1OVowejFJMEcGA1UEBRNANzYzODBmZDA2YWVkZmYxNmI0MDY0
MDQxNDY2YTEzYjQzYmUyNGVhODVkZWM5NGY5ZjI0YmM1YTk1YmQzZWY4MjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiHS6auyM1ZlyfU8negxraPPJKnSg
DEXohp5maKXQzTD013MfeetMezjVfSeL0I1eGppKMaTz9tMAFDOAM80to0Y4DMFk
GmSXJ8fc7XI3vtaZHLTOQK1NjFbrAWOGPWYsOyTVb/bAAp3beD94p+9rhMFsulcu
u5AoyZxulU7diG6XZY7kTjcWti+ZAiJwYKkHjoqc/NT0wA+bCAhKJvsYWnnkSMDW
K8wJu908Nw0R0JEBlNZbvbZZSx8Sdg+9oFIuvywfxTs4fPNe4u9FG3hQjeO0fRgz
RPuxkQAiukygzzwYPRr2vxtLX3Ku9UFWz6AgUzx5BeLKmgkM93OsQdFICwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDNkY1aSUE01S3OI9wRsDIITd7HkMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzNlYTZiMzEyLTdiMzgtNGVhMS1iMDJkLTY3NGZiNWE1NDQ4ZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8sgwDQYJKoZIhvcNAQELBQADggEBAHs5rASuefXHfBMIM8ti
Q1N9E+bCPMfYCD+ou5RYKB9XS1/LJSnBqklv+CFuk5LS8ErqbZUFqnflx3/LZPsp
XjBsDARQR0eJBI45fIKMYrmF2HYXrzNptpyp/DnFyrOlEYl8lScaRwqSGvhxcnJM
AovWwb8EUzEpW0/tWqKsOByNe1RG3UdN1DMJosP1uzAEpqmLfvqSlreDet/OrbU3
dKywq8UgC8nH8/O33yKyNa5e7IygLf/9Y9cbYFV+SJgNwoDAxdJK73nKvLCJK1uQ
MaCevlpU/77qZI1jgJnK9ZobzAFMMeWPXO2kHzshgcXa6nNfA0RvqDdIRBjL49YL
Go0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:38:36 2025 by rpki-client