Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4446f271-be12-4319-a620-28e5c3c29271.roa
File: 4446f271-be12-4319-a620-28e5c3c29271.roa (raw, json)
Hash identifier: upUOQ6FbVdTfNXabZgyJyN2UuTwY4jNlUyBOBMOvxt8=
Subject key identifier: 84:E6:B8:E7:B8:05:BC:CB:1F:01:8D:37:61:AD:21:DA:BB:BC:DF:2C
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 511713BB1CDEA1B5D83B5DE0CBFD1BF71931A6AD
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4446f271-be12-4319-a620-28e5c3c29271.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da36:e000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:17:13:bb:1c:de:a1:b5:d8:3b:5d:e0:cb:fd:1b:f7:19:31:a6:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:ed:ab:9b:09:9a:ab:32:d8:19:db:10:d4:3d:
a0:6a:bb:9a:0a:cf:ed:e7:ff:53:47:c0:d4:6d:fc:
4e:5f:47:92:04:d8:1d:77:53:17:75:73:40:64:cd:
84:b4:d2:16:c3:33:de:ad:ee:e8:8d:08:7a:0f:dd:
03:ad:49:85:f2:89:e4:b4:49:dc:0f:7e:5d:8a:b1:
5e:5e:24:f5:bf:a4:4c:4b:f8:93:6f:88:72:87:1f:
8e:04:37:4e:85:9a:4d:e6:56:7c:4d:48:9d:6c:ca:
2d:6e:4e:c5:bd:29:a8:fd:d8:e6:14:45:a1:61:0b:
c8:5e:55:20:8b:99:94:2e:5c:9c:7c:af:03:f9:36:
16:0d:6f:a2:ec:ca:0a:0c:fb:fe:5f:e7:95:01:83:
94:e5:0c:c3:a3:1b:70:ab:32:9b:cd:f8:8d:14:94:
94:8c:a4:09:e0:6e:22:7a:6b:ef:63:b5:c7:35:49:
4a:a1:ef:8a:35:3e:95:e0:3e:49:2d:8c:48:15:c4:
a7:61:a1:d6:15:70:e1:d7:56:19:86:20:a2:64:be:
73:87:c4:f0:37:5d:20:91:5c:4e:83:b3:0a:b5:ee:
65:c2:88:5f:c2:9e:d2:b2:aa:5e:58:9e:62:97:0b:
3b:55:b6:6c:db:60:14:c7:7a:a1:bf:49:62:4a:ac:
2d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:E6:B8:E7:B8:05:BC:CB:1F:01:8D:37:61:AD:21:DA:BB:BC:DF:2C
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4446f271-be12-4319-a620-28e5c3c29271.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da36:e000::/40
Signature Algorithm: sha256WithRSAEncryption
5c:44:01:57:28:0c:6f:ac:2a:06:fe:db:3d:37:b8:96:c3:2e:
d5:a8:c9:0b:de:ad:06:a3:f0:17:2a:c9:cb:da:c3:72:01:33:
eb:d9:f1:20:40:f4:ac:28:a4:98:48:d6:02:75:71:57:6f:ba:
12:3a:a0:47:66:5a:ba:ab:0c:6a:49:f5:8f:96:0b:7d:0d:82:
78:f0:19:cf:91:9a:1b:97:56:c3:27:36:b4:19:f6:a3:83:fc:
97:b5:e5:e8:a5:9f:ca:e4:91:a1:d0:3e:fc:a2:98:ba:ad:a8:
11:02:68:ec:fb:e4:8d:4e:79:1b:34:e6:c7:e6:d5:17:b5:e4:
30:1c:16:ed:de:73:c6:61:56:fb:6b:f5:fc:6e:04:7e:7f:f5:
42:e4:49:ab:2e:2f:65:8f:c4:0a:40:d0:4e:71:fd:62:77:f2:
7b:ef:7f:10:07:b3:d8:c3:3c:1e:16:60:3e:25:62:30:e3:e6:
9b:97:e9:49:b4:14:80:eb:07:08:1f:27:5b:e1:b2:b4:4d:e4:
04:81:29:a0:da:4a:af:7f:cb:13:2b:32:46:bf:28:04:23:24:
70:79:e7:c9:50:df:25:e0:db:b0:5a:40:2f:ba:a3:98:3b:e4:
e8:29:bb:c4:cc:9b:7a:79:41:c5:46:a8:96:07:c6:63:81:d1:
b2:08:46:5f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUURcTuxzeobXYO13gy/0b9xkxpq0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNANmJiOTVkZjZmMmJiMmY2MzMyMDMx
OTg4ZDQwZTQyMTdjOGU4NmE2ZWUxODRlZmZhMGYyODE4OTZmNjAzZmFjZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2+2rmwmaqzLYGdsQ1D2garuaCs/t
5/9TR8DUbfxOX0eSBNgdd1MXdXNAZM2EtNIWwzPere7ojQh6D90DrUmF8onktEnc
D35dirFeXiT1v6RMS/iTb4hyhx+OBDdOhZpN5lZ8TUidbMotbk7FvSmo/djmFEWh
YQvIXlUgi5mULlycfK8D+TYWDW+i7MoKDPv+X+eVAYOU5QzDoxtwqzKbzfiNFJSU
jKQJ4G4iemvvY7XHNUlKoe+KNT6V4D5JLYxIFcSnYaHWFXDh11YZhiCiZL5zh8Tw
N10gkVxOg7MKte5lwohfwp7SsqpeWJ5ilws7VbZs22AUx3qhv0liSqwtDQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFITmuOe4BbzLHwGNN2GtIdq7vN8sMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQ0NDZmMjcxLWJlMTItNDMxOS1hNjIwLTI4ZTVjM2MyOTI3MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaNuAwDQYJKoZIhvcNAQELBQADggEBAFxEAVcoDG+sKgb+2z03
uJbDLtWoyQverQaj8Bcqycvaw3IBM+vZ8SBA9KwopJhI1gJ1cVdvuhI6oEdmWrqr
DGpJ9Y+WC30NgnjwGc+RmhuXVsMnNrQZ9qOD/Je15eiln8rkkaHQPvyimLqtqBEC
aOz75I1OeRs05sfm1Re15DAcFu3ec8ZhVvtr9fxuBH5/9ULkSasuL2WPxApA0E5x
/WJ38nvvfxAHs9jDPB4WYD4lYjDj5puX6Um0FIDrBwgfJ1vhsrRN5ASBKaDaSq9/
yxMrMka/KAQjJHB558lQ3yXg27BaQC+6o5g75Ogpu8TMm3p5QcVGqJYHxmOB0bII
Rl8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:42 2025 by rpki-client