Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e351fa8-3b89-4512-a16b-5c307fc6f611.roa
File: 4e351fa8-3b89-4512-a16b-5c307fc6f611.roa (raw, json)
Hash identifier: 7BGqVsjoJRw81SxXK7GTBv7S3jQrbUWzjWs4OT39qc4=
Subject key identifier: E2:DD:80:30:40:BF:08:52:32:43:3F:66:EE:9B:9E:03:48:52:A5:3F
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0ADA90DC21C40F53D5E7AEAA9A82835C16A518D1
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e351fa8-3b89-4512-a16b-5c307fc6f611.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf0:800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:da:90:dc:21:c4:0f:53:d5:e7:ae:aa:9a:82:83:5c:16:a5:18:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:40:24:bd:48:16:39:d2:90:92:39:3d:1a:74:
ab:29:cb:4a:c5:9a:2b:8d:f9:45:1d:4a:5c:c0:5f:
6b:2b:b1:47:3d:fd:81:d6:7c:0e:69:7c:05:a6:0e:
64:50:60:00:03:b7:c6:a8:f8:92:2c:1f:53:20:3f:
44:33:6c:b6:c7:e5:67:63:16:9a:ca:24:e2:bc:62:
4b:20:0e:6c:6b:c4:90:74:7d:97:69:b2:32:ae:39:
66:e0:2f:4e:70:b0:88:79:7a:dd:f2:86:dd:5d:84:
ac:e6:8c:27:c2:48:2e:ca:c3:57:e6:dc:7e:43:71:
10:4c:9e:7e:d4:25:f7:49:a3:cc:58:d5:19:d3:06:
a1:de:d7:4f:43:c9:7a:ba:98:20:70:ab:9b:9d:46:
ee:47:a4:16:be:b1:51:6d:fc:18:ad:3a:0d:1b:40:
f5:35:97:04:30:55:2f:9d:4a:8d:76:d6:e7:66:ec:
fc:78:3c:31:fc:80:fe:81:e9:48:47:47:58:30:ab:
f7:82:f7:5b:be:e3:dc:b4:18:8a:02:f3:21:dc:c4:
23:fe:de:e5:df:37:dd:16:cf:2a:6d:12:59:7f:f2:
40:38:58:61:b2:27:0b:9a:bf:2a:62:6a:91:12:4d:
93:68:36:d2:de:76:1d:3e:6c:0b:22:1b:bd:7a:04:
e8:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E2:DD:80:30:40:BF:08:52:32:43:3F:66:EE:9B:9E:03:48:52:A5:3F
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4e351fa8-3b89-4512-a16b-5c307fc6f611.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf0:800::/40
Signature Algorithm: sha256WithRSAEncryption
86:96:9d:12:9a:8f:ad:e2:2a:b2:50:2f:bd:52:fa:8f:21:82:
22:7c:8b:c0:f8:a2:77:2e:96:06:f7:39:ce:9b:6d:69:d5:3d:
c0:f0:2a:df:d9:2f:55:cb:46:d9:76:85:d9:ce:84:15:68:bf:
3c:c6:4d:48:55:7d:ba:20:80:5f:9e:12:0f:a0:ae:5d:c7:09:
5a:71:0f:a4:e6:18:e2:e8:35:5b:ab:47:7f:71:7d:a6:08:cf:
68:05:c7:63:74:d3:a4:f5:0c:b3:47:d0:6e:a3:cd:87:1d:a6:
c3:b4:77:34:39:e3:56:13:19:b4:0a:42:0d:6a:76:35:05:e1:
42:23:52:28:a2:c5:9d:f3:f7:73:54:ae:3b:8d:5b:3c:9e:34:
45:22:14:c2:ec:5f:19:c5:87:ee:d5:76:82:3e:d0:34:f4:3c:
f3:b0:e4:c9:3e:59:79:96:1c:d4:0a:b7:f0:1f:70:bc:28:d1:
78:30:57:b3:0b:26:7b:d3:c6:61:da:2c:ef:0c:c5:8e:d6:e2:
ac:e4:8b:1b:88:88:1f:46:63:91:e9:c5:a7:28:e1:d9:39:b7:
e7:57:01:62:a9:f6:96:d7:f6:f1:37:73:69:83:de:18:bc:5c:
4f:4f:3c:f0:bc:da:6e:c6:7b:7f:13:f4:31:6e:da:3a:b7:cd:
2f:0d:f4:a5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUCtqQ3CHED1PV566qmoKDXBalGNEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNANjFkZjM3M2RlNjM2YmNiMTQwZTdj
ODAzZmI4M2ZhMTNmNGJmNGRiNDIwMTdjNjRkMTM3YmQzOWNhNDJkMDBmMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA20AkvUgWOdKQkjk9GnSrKctKxZor
jflFHUpcwF9rK7FHPf2B1nwOaXwFpg5kUGAAA7fGqPiSLB9TID9EM2y2x+VnYxaa
yiTivGJLIA5sa8SQdH2XabIyrjlm4C9OcLCIeXrd8obdXYSs5ownwkguysNX5tx+
Q3EQTJ5+1CX3SaPMWNUZ0wah3tdPQ8l6upggcKubnUbuR6QWvrFRbfwYrToNG0D1
NZcEMFUvnUqNdtbnZuz8eDwx/ID+gelIR0dYMKv3gvdbvuPctBiKAvMh3MQj/t7l
3zfdFs8qbRJZf/JAOFhhsicLmr8qYmqREk2TaDbS3nYdPmwLIhu9egToNQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOLdgDBAvwhSMkM/Zu6bngNIUqU/MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRlMzUxZmE4LTNiODktNDUxMi1hMTZiLTVjMzA3ZmM2ZjYxMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8AgwDQYJKoZIhvcNAQELBQADggEBAIaWnRKaj63iKrJQL71S
+o8hgiJ8i8D4onculgb3Oc6bbWnVPcDwKt/ZL1XLRtl2hdnOhBVovzzGTUhVfbog
gF+eEg+grl3HCVpxD6TmGOLoNVurR39xfaYIz2gFx2N006T1DLNH0G6jzYcdpsO0
dzQ541YTGbQKQg1qdjUF4UIjUiiixZ3z93NUrjuNWzyeNEUiFMLsXxnFh+7VdoI+
0DT0PPOw5Mk+WXmWHNQKt/AfcLwo0XgwV7MLJnvTxmHaLO8MxY7W4qzkixuIiB9G
Y5Hpxaco4dk5t+dXAWKp9pbX9vE3c2mD3hi8XE9PPPC82m7Ge38T9DFu2jq3zS8N
9KU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:24:26 2025 by rpki-client