Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fe6a299-f119-4899-820b-ec885ec1a4a3.roa
File: 4fe6a299-f119-4899-820b-ec885ec1a4a3.roa (raw, json)
Hash identifier: U2GSkJaZtpxjCLKJGvTf5yx5LkHFB4DVqO+FacD0p1s=
Subject key identifier: 26:F7:7B:CE:C6:0B:C8:AB:55:33:36:6B:7C:BC:11:FB:9A:6C:BE:AA
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7FD5444EB1FE0D8D95C8333C8EB1565BB94D44EB
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fe6a299-f119-4899-820b-ec885ec1a4a3.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:d5:44:4e:b1:fe:0d:8d:95:c8:33:3c:8e:b1:56:5b:b9:4d:44:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:66:ef:3b:b3:2d:56:17:9a:35:99:83:1a:10:
6c:ff:4f:77:f4:1b:88:11:4c:ea:c6:dc:99:0c:ce:
46:f3:a6:5a:6a:a6:4c:a8:10:22:a6:a2:0f:f0:9a:
d3:82:fb:eb:ee:b3:0a:f0:5a:f1:3a:3f:df:3b:3d:
40:d3:58:e3:0b:6c:83:5b:34:e9:3b:51:2f:45:f4:
77:f1:cc:9d:c3:42:84:e8:59:31:6e:fd:8e:a6:9b:
71:45:24:e0:9a:0c:ac:00:46:e2:dc:9e:f4:30:b5:
ab:7c:46:c4:26:c5:3b:f9:16:4f:20:dc:63:73:9e:
e9:c8:de:d6:63:59:ea:3c:55:08:2d:b1:2a:18:98:
db:ba:aa:ed:89:75:03:95:80:95:65:64:b9:a7:47:
49:f5:e5:45:4a:cc:2a:8c:a8:4e:42:02:6c:87:50:
f0:02:29:14:c8:0e:ce:18:cc:66:37:84:8c:61:55:
11:ee:26:d2:b6:a1:68:59:84:8a:6e:14:29:0b:62:
ce:33:d0:1f:0d:96:13:a9:56:37:ba:4c:b9:df:69:
38:fc:4b:0b:6c:cc:7e:62:7f:20:1e:c5:63:9a:57:
42:dd:3b:40:28:ea:86:13:8e:10:96:0e:9d:14:c1:
bc:e4:9c:e4:31:09:51:8c:66:68:21:9d:ad:cc:0f:
bf:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:F7:7B:CE:C6:0B:C8:AB:55:33:36:6B:7C:BC:11:FB:9A:6C:BE:AA
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fe6a299-f119-4899-820b-ec885ec1a4a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:2000::/40
Signature Algorithm: sha256WithRSAEncryption
20:00:12:ba:46:84:d7:f5:b0:f0:c9:4a:5e:bb:49:08:ca:ca:
9a:ce:c9:a6:88:1b:0f:92:80:83:b2:ec:d7:bc:75:3f:10:1c:
f8:4f:60:20:a4:bf:c2:ad:78:64:cf:a2:30:31:65:00:09:75:
7a:59:a3:ca:f5:90:4a:a0:50:fd:7f:8d:9f:88:44:ac:b9:27:
3f:00:f0:43:97:09:92:95:e0:6a:b2:52:c4:46:8f:0f:75:52:
59:01:d9:14:b1:e7:a2:ec:47:a1:92:97:4a:15:a0:83:cc:df:
cb:90:4e:1d:9c:9d:01:09:26:a0:9e:7e:9e:6c:9f:43:d1:2a:
69:be:e3:58:da:c5:97:90:18:d3:30:52:62:24:ca:3c:d4:06:
79:fe:ba:17:58:31:18:5a:4d:4e:40:56:d7:c1:52:cc:68:1f:
27:f9:e2:47:99:89:ec:5d:4c:39:33:cb:86:6e:7f:59:7a:da:
e0:23:61:83:1b:d6:c4:c4:a3:94:4a:f1:8d:5e:f8:1f:d5:67:
fb:cd:a3:1d:74:11:70:41:5d:79:6e:9a:62:35:3b:d2:ec:e2:
97:c3:b7:5c:0e:9b:da:77:e4:fc:6f:dc:bc:e8:53:8f:59:bd:
ab:d9:46:47:15:fd:ee:e0:49:93:a6:40:52:6d:23:03:c1:d2:
bf:06:59:63
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUf9VETrH+DY2VyDM8jrFWW7lNROswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAMzQ3OTYzY2MxM2Q3OWEyNTllMDQ1
NTc4MzMwODliYjgxOWEwMTBkMGYxMmJiYzgwM2M0ZDMzZjQ3ZDk0ODEzNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjmbvO7MtVheaNZmDGhBs/0939BuI
EUzqxtyZDM5G86ZaaqZMqBAipqIP8JrTgvvr7rMK8FrxOj/fOz1A01jjC2yDWzTp
O1EvRfR38cydw0KE6Fkxbv2OpptxRSTgmgysAEbi3J70MLWrfEbEJsU7+RZPINxj
c57pyN7WY1nqPFUILbEqGJjbuqrtiXUDlYCVZWS5p0dJ9eVFSswqjKhOQgJsh1Dw
AikUyA7OGMxmN4SMYVUR7ibStqFoWYSKbhQpC2LOM9AfDZYTqVY3uky532k4/EsL
bMx+Yn8gHsVjmldC3TtAKOqGE44Qlg6dFMG85JzkMQlRjGZoIZ2tzA+/bQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCb3e87GC8irVTM2a3y8EfuabL6qMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRmZTZhMjk5LWYxMTktNDg5OS04MjBiLWVjODg1ZWMxYTRhMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9yAwDQYJKoZIhvcNAQELBQADggEBACAAErpGhNf1sPDJSl67
SQjKyprOyaaIGw+SgIOy7Ne8dT8QHPhPYCCkv8KteGTPojAxZQAJdXpZo8r1kEqg
UP1/jZ+IRKy5Jz8A8EOXCZKV4GqyUsRGjw91UlkB2RSx56LsR6GSl0oVoIPM38uQ
Th2cnQEJJqCefp5sn0PRKmm+41jaxZeQGNMwUmIkyjzUBnn+uhdYMRhaTU5AVtfB
UsxoHyf54keZiexdTDkzy4Zuf1l62uAjYYMb1sTEo5RK8Y1e+B/VZ/vNox10EXBB
XXlummI1O9Ls4pfDt1wOm9p35Pxv3LzoU49ZvavZRkcV/e7gSZOmQFJtIwPB0r8G
WWM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:22:22 2025 by rpki-client