Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4ee28c39-6f60-49b5-822e-66d0c4fed628.roa
File: 4ee28c39-6f60-49b5-822e-66d0c4fed628.roa (raw, json)
Hash identifier: 78FBY+HvoWfIx0XOZy/cYItuZTUxrqJmi5kWG0gv+PM=
Subject key identifier: 50:DA:DA:2E:52:DC:FD:F2:82:DB:98:AA:9F:7A:4D:B4:78:85:B1:49
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 59CCFC4AACA0861E93F7C8B139EA6A1750AB4BE0
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4ee28c39-6f60-49b5-822e-66d0c4fed628.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:c800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:cc:fc:4a:ac:a0:86:1e:93:f7:c8:b1:39:ea:6a:17:50:ab:4b:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ed:4a:98:58:a4:6d:22:5f:1b:3d:61:24:42:3e:
9d:2f:13:92:67:ed:4e:67:c7:1b:a1:90:5c:9c:0d:
7e:24:b1:27:50:b7:51:5f:b0:f2:d4:cc:b8:97:57:
a7:58:3f:a9:e2:78:99:90:e9:84:68:5c:df:b7:14:
93:c1:0d:ae:b9:f2:fa:8c:61:f8:6e:c2:db:bb:f8:
f9:90:9c:dd:5b:ce:fd:f2:18:dd:c1:cc:23:d3:07:
b3:ad:45:c8:00:6c:60:75:c5:de:70:c2:2e:4b:00:
ef:2f:8a:b5:0a:a7:cc:35:d4:cd:13:05:2a:0a:03:
f3:81:b7:a3:39:58:82:74:d4:b0:6d:41:ba:44:72:
57:04:35:69:db:1b:70:34:08:6a:a7:71:ee:22:1c:
3b:ba:40:5d:46:36:29:04:12:f9:67:cf:00:8c:e3:
92:6d:55:7d:07:b1:ad:8d:9f:6e:93:89:71:8d:1f:
71:31:1b:db:ca:9e:c0:e5:f2:74:af:ab:35:f0:71:
35:f3:31:c6:e0:94:26:3e:41:ce:e5:15:e8:15:7a:
12:11:98:23:85:f5:06:05:03:66:1e:b4:ef:d2:29:
ad:89:b7:6a:d8:e5:b0:89:49:37:0d:13:ab:c7:be:
f7:57:b1:fd:d7:5d:cd:91:ec:76:d6:ab:4d:16:e5:
a2:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:DA:DA:2E:52:DC:FD:F2:82:DB:98:AA:9F:7A:4D:B4:78:85:B1:49
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4ee28c39-6f60-49b5-822e-66d0c4fed628.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:c800::/40
Signature Algorithm: sha256WithRSAEncryption
34:28:4e:ca:2a:d3:54:3d:cc:0b:a9:52:5d:10:96:f1:bd:69:
00:58:49:cd:db:78:55:08:9b:c4:22:27:e0:bb:78:77:51:09:
a2:e8:68:a9:14:c8:a2:ad:39:f1:5d:a9:32:fd:16:e2:7e:31:
a9:45:b1:6f:bf:a0:f5:4c:f8:ca:0c:bb:c8:da:c7:d8:f8:41:
db:85:65:59:55:43:86:c7:c8:69:a7:ed:7e:cf:ed:05:91:d6:
fd:db:e0:8a:50:22:d7:56:05:61:b8:a1:e9:f4:f3:a0:a7:ba:
45:21:01:9a:71:6a:7e:a7:04:fc:f0:6c:1a:c8:96:58:f9:ce:
db:50:a6:93:1d:36:5f:68:7e:d1:17:54:47:31:49:7a:a3:01:
7f:7d:38:ab:c9:f2:ba:ff:1d:73:92:8d:c9:a3:a6:02:cc:2f:
70:87:df:43:e2:da:ac:1b:36:51:a4:78:f0:73:c1:ad:07:49:
9d:6a:73:59:b5:d6:39:15:6e:02:0b:1a:63:e9:70:d2:22:0a:
45:a2:47:b0:3d:e4:fe:e5:0e:5a:66:b7:7b:4b:ea:2d:34:69:
22:32:93:a1:81:21:90:4c:55:3d:42:d7:97:15:3c:60:6d:8d:
0a:3f:a3:fd:1f:ca:ee:9a:6e:23:8e:52:5b:e8:54:14:9d:9e:
02:6e:0a:c5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUWcz8Sqyghh6T98ixOepqF1CrS+AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIzMTAwMDAwMFoX
DTI1MDIwNDIzNTk1OVowejFJMEcGA1UEBRNAZjAzNDViNDQ4OWY1Y2VmNjE2ZWFi
MGVkNTkzZWFkOTk0OTQ0YjNiNWUwNTYwMzk2ODZkODczYmJiOTlhMTBjNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7UqYWKRtIl8bPWEkQj6dLxOSZ+1O
Z8cboZBcnA1+JLEnULdRX7Dy1My4l1enWD+p4niZkOmEaFzftxSTwQ2uufL6jGH4
bsLbu/j5kJzdW8798hjdwcwj0wezrUXIAGxgdcXecMIuSwDvL4q1CqfMNdTNEwUq
CgPzgbejOViCdNSwbUG6RHJXBDVp2xtwNAhqp3HuIhw7ukBdRjYpBBL5Z88AjOOS
bVV9B7GtjZ9uk4lxjR9xMRvbyp7A5fJ0r6s18HE18zHG4JQmPkHO5RXoFXoSEZgj
hfUGBQNmHrTv0imtibdq2OWwiUk3DROrx773V7H9113Nkex21qtNFuWiYwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFDa2i5S3P3ygtuYqp96TbR4hbFJMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRlZTI4YzM5LTZmNjAtNDliNS04MjJlLTY2ZDBjNGZlZDYyOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYcgwDQYJKoZIhvcNAQELBQADggEBADQoTsoq01Q9zAupUl0Q
lvG9aQBYSc3beFUIm8QiJ+C7eHdRCaLoaKkUyKKtOfFdqTL9FuJ+MalFsW+/oPVM
+MoMu8jax9j4QduFZVlVQ4bHyGmn7X7P7QWR1v3b4IpQItdWBWG4oen086CnukUh
AZpxan6nBPzwbBrIllj5zttQppMdNl9oftEXVEcxSXqjAX99OKvJ8rr/HXOSjcmj
pgLML3CH30Pi2qwbNlGkePBzwa0HSZ1qc1m11jkVbgILGmPpcNIiCkWiR7A95P7l
Dlpmt3tL6i00aSIyk6GBIZBMVT1C15cVPGBtjQo/o/0fyu6abiOOUlvoVBSdngJu
CsU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:32 2025 by rpki-client