Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4ba2d501-1c38-4106-bc33-e82203eb29c5.roa
File: 4ba2d501-1c38-4106-bc33-e82203eb29c5.roa (raw, json)
Hash identifier: h4yrm0K1a81v2onkuUevcrHYhZnfkeQJMax79UUs97E=
Subject key identifier: 80:4B:AE:2C:7B:E2:B5:02:3E:86:8C:14:C4:E2:DF:02:63:AD:B1:41
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7925AF739F8D0EB1807451A4D2FC7733C366F693
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4ba2d501-1c38-4106-bc33-e82203eb29c5.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:f000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:25:af:73:9f:8d:0e:b1:80:74:51:a4:d2:fc:77:33:c3:66:f6:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:e8:c7:df:90:cb:96:d7:ab:14:ad:be:ef:4b:
ca:fa:a8:8d:52:f8:2f:81:df:d0:8d:9a:f7:db:73:
c5:07:3b:b3:89:6e:06:50:80:ef:d4:28:92:b6:73:
bf:6e:a7:cc:29:a6:a8:30:77:a4:eb:3f:f8:6d:d7:
35:8a:93:25:1e:ec:1f:88:28:39:9d:ca:8e:4a:32:
7a:2b:87:1e:e7:39:4b:32:29:51:c9:7d:00:2b:ea:
96:d4:e1:8f:17:41:83:9d:40:46:e9:6b:4d:d9:dc:
4f:b8:63:62:0e:20:8c:c2:6a:bc:4d:b6:9c:c2:c1:
ea:00:52:0a:c0:eb:fa:c0:38:96:dc:0a:bf:12:7c:
d0:60:f2:96:dd:e0:d4:58:fa:45:51:3e:d6:c9:37:
6d:92:7c:d8:7e:2a:43:eb:e2:1f:21:d2:52:81:6c:
b2:bd:8b:89:dd:71:82:5c:d6:68:9a:5e:3d:14:a3:
b8:e3:00:3c:8b:3a:9e:bf:70:d0:76:03:aa:89:54:
1d:9b:50:f8:9f:2c:53:8e:24:16:48:dc:b3:36:99:
ce:ea:87:3e:a0:81:88:c5:d7:a5:c9:b1:87:a3:84:
a9:5a:27:50:5d:bf:f8:fe:ad:1f:5a:38:a7:08:a8:
04:cd:ce:b9:ba:c8:2b:2f:72:6f:74:62:ba:df:70:
12:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:4B:AE:2C:7B:E2:B5:02:3E:86:8C:14:C4:E2:DF:02:63:AD:B1:41
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4ba2d501-1c38-4106-bc33-e82203eb29c5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:f000::/40
Signature Algorithm: sha256WithRSAEncryption
8c:68:91:ac:32:34:88:f1:44:29:3b:3e:4a:e6:61:1d:ca:91:
7b:43:c2:af:2b:f0:f1:ec:11:d1:64:a3:ac:8f:51:b4:39:72:
21:f3:fc:d6:d2:85:1d:3e:16:b0:66:2f:ea:ab:61:e3:6e:57:
e8:e4:1a:86:21:49:7e:d7:12:c3:d4:66:63:b0:d8:82:45:21:
52:81:8b:95:e4:79:03:2e:9a:67:f3:87:aa:bd:42:5c:bb:76:
95:f0:7c:5a:7c:3c:bf:a9:56:1d:a4:98:e8:0e:f5:3c:7c:cf:
1e:62:16:40:25:59:a8:c2:46:b5:ca:a8:6e:96:31:31:bd:35:
99:f4:66:2b:01:2e:ca:e2:e6:d7:66:d7:58:29:be:45:11:3e:
f7:c0:3c:7b:18:61:0e:2a:26:2c:73:7e:cf:37:aa:45:a6:52:
04:e4:b0:dd:86:12:b1:e2:be:60:3d:f9:43:19:f5:0b:95:8c:
af:cb:20:81:e3:ae:ef:bd:60:9a:af:74:88:bd:7f:c6:c8:e8:
28:55:1c:bf:24:9c:96:31:2f:0a:0f:65:a8:5e:a8:ca:7d:db:
79:e5:08:46:90:fb:90:2a:f6:4d:7e:d8:a7:f9:c3:a4:af:78:
6b:8b:ff:79:a1:29:33:70:6b:a9:ae:a7:d5:0a:21:3f:cf:4c:
38:a4:9e:41
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUeSWvc5+NDrGAdFGk0vx3M8Nm9pMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAZDdmZmZiNWMzMTc0ODc1OTkzNmFi
MWQzMTI4OTM0ZTBjYmQ2MTZiOGJmMzI2OTY3MTc3MjA3NDRiZjQ2MjE4YzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0OjH35DLlterFK2+70vK+qiNUvgv
gd/QjZr323PFBzuziW4GUIDv1CiStnO/bqfMKaaoMHek6z/4bdc1ipMlHuwfiCg5
ncqOSjJ6K4ce5zlLMilRyX0AK+qW1OGPF0GDnUBG6WtN2dxPuGNiDiCMwmq8Tbac
wsHqAFIKwOv6wDiW3Aq/EnzQYPKW3eDUWPpFUT7WyTdtknzYfipD6+IfIdJSgWyy
vYuJ3XGCXNZoml49FKO44wA8izqev3DQdgOqiVQdm1D4nyxTjiQWSNyzNpnO6oc+
oIGIxdelybGHo4SpWidQXb/4/q0fWjinCKgEzc65usgrL3JvdGK633ASBQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIBLrix74rUCPoaMFMTi3wJjrbFBMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRiYTJkNTAxLTFjMzgtNDEwNi1iYzMzLWU4MjIwM2ViMjljNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYPAwDQYJKoZIhvcNAQELBQADggEBAIxokawyNIjxRCk7Pkrm
YR3KkXtDwq8r8PHsEdFko6yPUbQ5ciHz/NbShR0+FrBmL+qrYeNuV+jkGoYhSX7X
EsPUZmOw2IJFIVKBi5XkeQMummfzh6q9Qly7dpXwfFp8PL+pVh2kmOgO9Tx8zx5i
FkAlWajCRrXKqG6WMTG9NZn0ZisBLsri5tdm11gpvkURPvfAPHsYYQ4qJixzfs83
qkWmUgTksN2GErHivmA9+UMZ9QuVjK/LIIHjru+9YJqvdIi9f8bI6ChVHL8knJYx
LwoPZaheqMp923nlCEaQ+5Aq9k1+2Kf5w6SveGuL/3mhKTNwa6mup9UKIT/PTDik
nkE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:34:19 2025 by rpki-client