Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd4f1fa-ef72-445b-8178-cdb0ba581ea1.roa
File: 4fd4f1fa-ef72-445b-8178-cdb0ba581ea1.roa (raw, json)
Hash identifier: ya1eQihVBPefTKWHOU0NVqAxHf5IlBBENxgFJfUHea0=
Subject key identifier: 66:06:90:6D:71:38:29:CC:67:7E:63:8C:47:F3:2E:34:10:73:D8:A9
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 19B22E62D001D471E40A068FB9381ED71A6E4FC6
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd4f1fa-ef72-445b-8178-cdb0ba581ea1.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:a000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:b2:2e:62:d0:01:d4:71:e4:0a:06:8f:b9:38:1e:d7:1a:6e:4f:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:9c:81:72:ac:fc:b0:80:52:2e:dc:bb:48:5c:
ca:56:a2:32:1b:96:16:e7:96:d6:ed:17:cc:a5:6d:
6e:39:69:08:1b:3a:33:47:69:24:19:fe:a7:10:60:
7d:cc:82:64:73:d9:9a:0c:12:4b:3a:2e:7d:44:2d:
7c:de:fd:c3:5d:b9:a3:cf:fb:a9:72:a6:d9:e0:22:
a8:38:a0:01:a2:da:30:f7:d0:76:32:e3:ae:02:d6:
74:7e:7f:87:96:d4:1d:f4:10:a0:47:98:c5:63:a6:
6f:37:60:bf:32:23:b6:15:0a:e5:cb:cc:fe:86:0b:
71:f7:30:ee:c9:44:4b:2e:26:f3:ce:10:61:e5:28:
0e:08:b9:a2:7b:b0:14:eb:ba:f2:87:d5:f0:7c:36:
d8:12:5d:99:22:68:ca:37:f3:4c:8d:19:d5:27:18:
be:b2:65:d7:dc:bf:c0:33:d4:cc:3e:01:8e:f9:db:
2d:41:1b:fb:89:58:f7:77:22:16:e1:c3:91:0c:35:
bd:96:28:6a:0b:a5:e3:be:94:f4:63:f4:94:32:8c:
32:c2:30:53:99:96:a1:fe:a4:9d:a1:3a:e4:38:d0:
b2:bb:b2:d1:3d:c4:8f:b1:a7:80:32:61:1d:c7:86:
fe:5f:6d:dc:54:56:83:05:7b:47:4d:d7:9d:78:d4:
6b:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:06:90:6D:71:38:29:CC:67:7E:63:8C:47:F3:2E:34:10:73:D8:A9
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd4f1fa-ef72-445b-8178-cdb0ba581ea1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:a000::/40
Signature Algorithm: sha256WithRSAEncryption
95:fa:7a:a3:c0:af:95:83:8c:40:ba:0d:bc:09:6a:f2:4f:7a:
68:e8:ab:e8:d0:79:43:df:76:f5:64:0f:61:20:9e:4d:36:e1:
83:cc:10:5d:a3:24:c0:8b:e5:c9:ee:84:b5:1e:2c:23:c2:bf:
4a:d4:50:61:05:95:04:d0:09:b5:cc:4e:79:4a:75:a5:bb:23:
de:bf:38:84:d9:5f:d3:0f:cd:ca:7f:64:f2:a2:e6:2f:92:cb:
7f:38:d1:63:7e:a5:32:6b:d3:36:72:5f:1f:32:64:0a:46:b9:
bc:5f:6b:a3:3b:d1:c5:8c:fd:e3:a6:98:cc:ad:4b:83:bd:4c:
75:92:c9:a2:cc:e6:cf:cb:01:c1:40:55:fc:e2:77:ca:1c:b7:
1c:b9:c7:ce:c8:3b:83:c0:84:fc:69:5b:52:f7:00:8f:56:b4:
9e:b2:29:84:d5:01:9d:82:24:4f:4d:f8:0b:fc:77:75:51:3f:
e4:00:e7:75:00:8b:dd:9b:2c:bf:18:c5:a7:e9:ed:72:3f:94:
9b:29:45:e5:9f:16:ef:4f:58:81:93:57:52:b5:6f:9e:d8:87:
cc:24:6a:ad:be:a9:76:87:44:8a:cc:95:92:4b:10:ce:97:ba:
c5:4f:de:7b:fd:0e:98:53:47:17:15:ad:30:05:ff:af:e1:d2:
81:da:0c:ea
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUGbIuYtAB1HHkCgaPuTge1xpuT8YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAZDU3NzUxOTkxZTExYjJlNjA1MmU2
MzZkMWY0MTQwNGYxYWQ4ZjA4ZDhmMWRlZTVhYzE3NGFkZjA0MTBhN2MwZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvJyBcqz8sIBSLty7SFzKVqIyG5YW
55bW7RfMpW1uOWkIGzozR2kkGf6nEGB9zIJkc9maDBJLOi59RC183v3DXbmjz/up
cqbZ4CKoOKABotow99B2MuOuAtZ0fn+HltQd9BCgR5jFY6ZvN2C/MiO2FQrly8z+
hgtx9zDuyURLLibzzhBh5SgOCLmie7AU67ryh9XwfDbYEl2ZImjKN/NMjRnVJxi+
smXX3L/AM9TMPgGO+dstQRv7iVj3dyIW4cORDDW9lihqC6XjvpT0Y/SUMowywjBT
mZah/qSdoTrkONCyu7LRPcSPsaeAMmEdx4b+X23cVFaDBXtHTdedeNRrDQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGYGkG1xOCnMZ35jjEfzLjQQc9ipMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRmZDRmMWZhLWVmNzItNDQ1Yi04MTc4LWNkYjBiYTU4MWVhMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaAKAwDQYJKoZIhvcNAQELBQADggEBAJX6eqPAr5WDjEC6DbwJ
avJPemjoq+jQeUPfdvVkD2Egnk024YPMEF2jJMCL5cnuhLUeLCPCv0rUUGEFlQTQ
CbXMTnlKdaW7I96/OITZX9MPzcp/ZPKi5i+Sy3840WN+pTJr0zZyXx8yZApGubxf
a6M70cWM/eOmmMytS4O9THWSyaLM5s/LAcFAVfzid8octxy5x87IO4PAhPxpW1L3
AI9WtJ6yKYTVAZ2CJE9N+Av8d3VRP+QA53UAi92bLL8Yxafp7XI/lJspReWfFu9P
WIGTV1K1b57Yh8wkaq2+qXaHRIrMlZJLEM6XusVP3nv9DphTRxcVrTAF/6/h0oHa
DOo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:49:52 2025 by rpki-client