Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c46839c-3f15-4f81-8b34-6fe264045216.roa
File: 4c46839c-3f15-4f81-8b34-6fe264045216.roa (raw, json)
Hash identifier: wux0egfRw0A7dUa2skaDq6agbq132SY+wOEdVAJhIMU=
Subject key identifier: 01:82:84:0E:71:DE:35:81:D7:E7:47:0F:0A:A7:4F:7C:74:C0:00:83
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 58E2C77390C0F522DDE9A82885579E2BF6C1CC1E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c46839c-3f15-4f81-8b34-6fe264045216.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da70:9000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
58:e2:c7:73:90:c0:f5:22:dd:e9:a8:28:85:57:9e:2b:f6:c1:cc:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:2a:ab:c7:cb:81:07:f9:5d:bd:4f:72:f4:3e:
96:01:98:0f:24:d2:8f:a2:9d:4a:56:26:ca:30:c1:
49:0a:e9:e2:aa:dd:a4:1c:f1:1e:96:c5:e8:19:e3:
66:5b:2b:69:d3:6e:45:ec:98:40:31:ce:c0:cd:c4:
09:db:5b:9e:ed:6b:c9:29:91:17:7d:33:65:cf:44:
a4:90:34:ba:c5:20:70:eb:f7:03:19:2b:a0:59:d0:
ca:55:0b:55:5f:cd:6d:4f:f2:19:4c:b6:46:74:0b:
22:c4:80:93:4a:31:e5:ef:e2:83:d1:41:8f:8c:db:
65:7b:9c:cc:bb:51:e8:42:d4:7d:d6:53:76:86:cd:
af:0b:f8:b2:ad:d8:f9:b3:ee:82:14:fc:ce:3a:3a:
0e:be:f5:96:a6:23:98:05:e0:83:fc:ad:78:60:1c:
33:5a:60:8d:fb:eb:7c:0c:dc:86:32:39:40:22:47:
ae:eb:14:87:5e:b5:d6:af:2f:40:02:01:1a:11:ec:
b0:2a:f4:73:26:89:65:95:8b:46:fd:4f:96:17:48:
fc:3d:91:f6:93:07:2f:46:0e:69:e0:bd:1f:69:ac:
1f:1a:6f:72:9b:60:02:76:11:9c:44:ee:95:1d:d4:
a0:11:f6:51:7e:d2:c4:70:ad:b7:c5:49:52:8f:76:
4f:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:82:84:0E:71:DE:35:81:D7:E7:47:0F:0A:A7:4F:7C:74:C0:00:83
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4c46839c-3f15-4f81-8b34-6fe264045216.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da70:9000::/40
Signature Algorithm: sha256WithRSAEncryption
b7:d6:11:94:3a:b2:d8:53:37:17:e1:94:66:33:8d:9f:5d:a6:
52:97:f1:a7:d7:26:b2:29:a4:1b:a2:92:66:1c:fa:3f:0c:18:
d7:f6:00:ef:e4:41:79:90:4b:ad:44:5f:e1:5c:9b:aa:9c:11:
3d:df:46:d4:30:72:1e:5d:0e:d4:06:52:8a:af:0b:f7:e1:56:
a6:d4:7f:c2:11:57:0b:8e:9c:8e:51:b5:42:46:19:57:1b:6a:
d2:aa:5b:25:27:6d:9c:bb:09:3e:35:d8:2f:5b:79:39:36:86:
fa:31:58:3c:0d:a4:53:35:78:01:cb:ab:09:71:74:4f:89:11:
c5:c6:5b:b7:57:ad:a5:54:a3:06:55:b6:af:61:35:4c:78:8a:
fc:ab:4a:7a:a3:33:22:71:ca:9f:10:61:17:5d:8b:96:18:b2:
b4:35:20:25:f3:6c:29:84:1a:d0:2e:8e:0a:81:1c:75:7b:bd:
b4:d1:22:e0:e3:e2:9e:68:3e:19:a4:08:ce:2d:00:98:f5:81:
c7:ae:d6:df:d7:7d:55:90:cb:9d:44:ef:09:dd:ce:75:d5:1d:
02:86:fa:d9:4f:fb:e8:cd:57:c1:5a:8e:53:fe:25:9c:01:b0:
7e:f1:2b:cf:97:85:93:cf:7b:f4:4f:18:b5:06:f6:17:42:9a:
6d:05:16:94
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUWOLHc5DA9SLd6agohVeeK/bBzB4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAZmE3YjU2YTczYzExNjczOWNjYzhh
N2U3YzJjZGUwZTQyY2YzMmUzMTMxZTg2MTc0Y2M5ZTgxYWQ4ZWE4OWIxZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxiqrx8uBB/ldvU9y9D6WAZgPJNKP
op1KVibKMMFJCuniqt2kHPEelsXoGeNmWytp025F7JhAMc7AzcQJ21ue7WvJKZEX
fTNlz0SkkDS6xSBw6/cDGSugWdDKVQtVX81tT/IZTLZGdAsixICTSjHl7+KD0UGP
jNtle5zMu1HoQtR91lN2hs2vC/iyrdj5s+6CFPzOOjoOvvWWpiOYBeCD/K14YBwz
WmCN++t8DNyGMjlAIkeu6xSHXrXWry9AAgEaEeywKvRzJolllYtG/U+WF0j8PZH2
kwcvRg5p4L0faawfGm9ym2ACdhGcRO6VHdSgEfZRftLEcK23xUlSj3ZPmQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAGChA5x3jWB1+dHDwqnT3x0wACDMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRjNDY4MzljLTNmMTUtNGY4MS04YjM0LTZmZTI2NDA0NTIxNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbacJAwDQYJKoZIhvcNAQELBQADggEBALfWEZQ6sthTNxfhlGYz
jZ9dplKX8afXJrIppBuikmYc+j8MGNf2AO/kQXmQS61EX+Fcm6qcET3fRtQwch5d
DtQGUoqvC/fhVqbUf8IRVwuOnI5RtUJGGVcbatKqWyUnbZy7CT412C9beTk2hvox
WDwNpFM1eAHLqwlxdE+JEcXGW7dXraVUowZVtq9hNUx4ivyrSnqjMyJxyp8QYRdd
i5YYsrQ1ICXzbCmEGtAujgqBHHV7vbTRIuDj4p5oPhmkCM4tAJj1gceu1t/XfVWQ
y51E7wndznXVHQKG+tlP++jNV8FajlP+JZwBsH7xK8+XhZPPe/RPGLUG9hdCmm0F
FpQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:36 2025 by rpki-client