Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd1d514-e9ac-44a6-93a0-af9ce79fc3de.roa
File: 4fd1d514-e9ac-44a6-93a0-af9ce79fc3de.roa (raw, json)
Hash identifier: CTP6apNotq9LGZ5eaLuq+4Fds3ZZo/n6yrUIjUy/WPQ=
Subject key identifier: 6D:C3:9E:7E:47:05:F9:71:2E:5D:47:39:02:A5:04:15:F1:1E:E2:84
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6A136CEB64BF7CD8AE916D03E0A9C4039B1EA1F3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd1d514-e9ac-44a6-93a0-af9ce79fc3de.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da38:4000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:13:6c:eb:64:bf:7c:d8:ae:91:6d:03:e0:a9:c4:03:9b:1e:a1:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:b1:8d:47:b8:1c:46:a7:81:c1:7b:90:5f:4f:
11:ff:89:0c:90:12:eb:3c:c3:06:53:74:e4:b3:e0:
87:ec:4e:f1:a7:14:1e:d6:77:8b:eb:3a:60:78:d9:
53:96:1e:f9:10:02:9d:5e:c2:77:b0:fa:44:65:d8:
d0:f4:0c:05:de:14:83:6c:dd:86:05:83:09:df:ff:
7b:d3:0f:c1:03:b5:f6:40:a5:90:c3:9f:46:dd:5b:
80:6b:0d:8a:8f:2f:a3:6a:04:6d:d7:27:1d:76:67:
93:c3:9b:80:f1:93:53:5a:32:ae:12:86:c8:ac:cb:
02:9d:3c:f5:a1:32:d3:22:32:df:0a:c7:6a:d9:b7:
40:c3:16:7f:f1:1f:7f:29:e8:5c:9d:9a:1c:87:98:
25:b3:73:83:96:a3:9a:0c:80:ab:40:5e:db:a5:55:
80:c4:bd:6e:cb:36:8e:3f:a8:78:14:df:c2:f7:87:
ca:74:a1:6b:28:8e:c2:7e:74:46:12:8e:41:7e:4e:
44:f6:47:75:39:44:8e:ed:42:6c:e0:77:fd:30:27:
40:14:22:93:5a:f0:b4:f8:cc:71:2c:6a:1b:9d:06:
22:24:bb:a4:a2:e4:3c:3f:d5:df:ed:24:55:7d:b6:
be:86:a5:96:a7:98:92:7a:d0:55:37:95:dc:3e:39:
15:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:C3:9E:7E:47:05:F9:71:2E:5D:47:39:02:A5:04:15:F1:1E:E2:84
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd1d514-e9ac-44a6-93a0-af9ce79fc3de.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da38:4000::/40
Signature Algorithm: sha256WithRSAEncryption
35:0c:cc:3d:4f:8b:ed:5b:b8:7c:85:87:09:3a:f1:c3:ae:b8:
21:18:71:a3:30:0c:f5:21:28:29:85:93:48:a7:0a:88:ad:4e:
4d:57:37:9c:55:fb:3a:51:19:e0:ec:d7:03:bf:15:93:7f:75:
df:68:86:04:07:a4:a9:4b:be:a4:38:76:22:ba:ab:a6:c9:79:
f2:a7:f1:38:a2:aa:a0:32:0f:b2:55:e1:42:ea:9f:d6:2f:01:
ff:d1:97:35:1f:57:f9:15:75:93:c8:22:84:3d:3a:a2:75:e8:
38:8a:18:9f:f7:9f:8a:60:9f:04:6b:95:ba:aa:75:43:d3:a2:
c0:55:8d:a1:cb:da:9d:6a:67:01:05:39:8c:6b:62:a9:ed:5c:
f2:81:8e:f5:cd:6c:0f:8f:20:4d:93:86:82:4a:00:18:32:c9:
7d:63:86:e9:98:21:36:17:2d:f6:d2:f4:58:fc:7c:c0:d3:e4:
00:d5:a6:03:2b:a2:ef:30:46:00:8d:b0:a4:eb:3d:7c:ba:49:
60:a4:eb:cf:ad:60:6f:7a:7f:68:d1:fa:6a:b6:1e:e1:75:92:
ac:1a:d9:12:0f:82:e4:ef:b9:cd:51:de:84:20:8c:46:d6:78:
46:30:20:5d:49:8e:2d:29:18:b3:00:6f:9c:0d:98:14:7c:76:
1e:b0:f8:95
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUahNs62S/fNiukW0D4KnEA5seofMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNANmU0MjJhYTI4N2ZjNmUzODMyMWE4
ZjgyMzM2ODc3ZjI4NDRhNzgyNzBjOGQ1MGU5N2I1ZGNiNDY4YzQ1OWRhNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm7GNR7gcRqeBwXuQX08R/4kMkBLr
PMMGU3Tks+CH7E7xpxQe1neL6zpgeNlTlh75EAKdXsJ3sPpEZdjQ9AwF3hSDbN2G
BYMJ3/970w/BA7X2QKWQw59G3VuAaw2Kjy+jagRt1ycddmeTw5uA8ZNTWjKuEobI
rMsCnTz1oTLTIjLfCsdq2bdAwxZ/8R9/KehcnZoch5gls3ODlqOaDICrQF7bpVWA
xL1uyzaOP6h4FN/C94fKdKFrKI7CfnRGEo5Bfk5E9kd1OUSO7UJs4Hf9MCdAFCKT
WvC0+MxxLGobnQYiJLukouQ8P9Xf7SRVfba+hqWWp5iSetBVN5XcPjkVJQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFG3Dnn5HBflxLl1HOQKlBBXxHuKEMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRmZDFkNTE0LWU5YWMtNDRhNi05M2EwLWFmOWNlNzlmYzNkZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaOEAwDQYJKoZIhvcNAQELBQADggEBADUMzD1Pi+1buHyFhwk6
8cOuuCEYcaMwDPUhKCmFk0inCoitTk1XN5xV+zpRGeDs1wO/FZN/dd9ohgQHpKlL
vqQ4diK6q6bJefKn8TiiqqAyD7JV4ULqn9YvAf/RlzUfV/kVdZPIIoQ9OqJ16DiK
GJ/3n4pgnwRrlbqqdUPTosBVjaHL2p1qZwEFOYxrYqntXPKBjvXNbA+PIE2ThoJK
ABgyyX1jhumYITYXLfbS9Fj8fMDT5ADVpgMrou8wRgCNsKTrPXy6SWCk68+tYG96
f2jR+mq2HuF1kqwa2RIPguTvuc1R3oQgjEbWeEYwIF1Jji0pGLMAb5wNmBR8dh6w
+JU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:24 2025 by rpki-client