Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d3ca5a8-d6d1-42f0-a0f6-be78a237e8f2.roa
File: 5d3ca5a8-d6d1-42f0-a0f6-be78a237e8f2.roa (raw, json)
Hash identifier: Vd+vWRe3uWTiJPvF7nj2cngDtf6ja907ffOIDHZK16Q=
Subject key identifier: 60:25:15:80:58:1B:E8:EE:93:FF:06:E4:76:35:81:69:D6:B3:A8:72
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 71A23F65EDB4E29D9F773997884F09815058CA48
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d3ca5a8-d6d1-42f0-a0f6-be78a237e8f2.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2406:da00::/24 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:a2:3f:65:ed:b4:e2:9d:9f:77:39:97:88:4f:09:81:50:58:ca:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:0d:a3:d4:07:ee:d6:a3:29:25:07:36:c9:9b:
00:20:79:08:44:73:bd:f5:c9:e5:5c:75:fc:a4:b3:
ea:cc:d7:f6:72:c1:05:88:28:f5:78:dc:e9:9e:89:
2c:3c:39:bf:14:c9:b9:66:f8:0e:d3:18:42:75:2c:
a6:8b:86:96:05:58:f4:46:ae:78:05:f4:02:cb:25:
a6:a0:74:4a:fb:13:18:3b:b8:80:d4:e1:c6:80:8c:
45:e5:6e:d4:d3:a5:20:bc:6c:53:76:0e:8b:0a:3b:
29:f7:87:f3:33:f9:02:4f:5b:d4:7e:ad:27:ac:af:
1f:e5:4a:9d:da:40:2f:e3:08:fe:77:ee:97:ac:49:
a7:56:77:e4:c7:c3:52:72:d5:0c:9d:50:91:e0:2e:
ca:f2:7f:bf:4a:a7:80:bc:d9:65:5b:c0:03:e1:5b:
69:2b:3a:68:80:29:79:13:59:d4:d8:6e:cd:91:27:
c4:2d:f7:1a:92:98:2d:29:52:9a:c8:a1:40:8f:e5:
7d:61:a2:f2:cd:44:63:7f:4c:76:49:20:09:4a:38:
82:ec:53:77:1d:19:f7:73:2e:80:2c:39:58:c5:37:
cb:69:50:77:b7:da:4f:5e:ce:57:8e:a8:14:66:d3:
48:b1:d3:5f:25:cd:da:2a:45:7a:87:38:e8:2a:bd:
00:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:25:15:80:58:1B:E8:EE:93:FF:06:E4:76:35:81:69:D6:B3:A8:72
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5d3ca5a8-d6d1-42f0-a0f6-be78a237e8f2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00::/24
Signature Algorithm: sha256WithRSAEncryption
54:41:c6:1d:51:b5:c6:d9:ae:a7:94:82:fd:aa:5a:6d:6a:d3:
71:83:41:b3:56:5d:5b:73:58:a5:9e:94:06:57:2a:8b:0f:b2:
61:f7:30:41:24:e6:8b:95:ce:8b:68:db:19:1d:f2:8f:b5:41:
2b:c2:95:b5:ea:97:e4:02:40:bb:0d:dc:06:92:cb:3f:3b:6b:
a4:fd:e8:e7:8b:a5:ec:aa:c9:ad:93:2b:fd:dc:2b:5c:e8:37:
80:90:a6:57:0b:40:40:ea:3b:53:73:7d:a3:0c:e4:cc:a2:20:
bf:da:36:2c:28:7b:b8:66:c6:f2:f3:5c:d3:77:9c:d6:54:9a:
0f:60:40:8f:7c:55:23:5e:33:ac:a1:69:b6:74:7c:09:c9:b2:
25:aa:d9:76:aa:e2:12:6c:dc:fe:3b:d9:96:cc:01:80:34:e3:
3a:8d:eb:22:6c:81:bf:f9:03:4e:16:fc:90:7e:31:fb:6e:b8:
32:12:0b:40:38:17:99:55:c3:40:4f:aa:3d:56:d8:54:e2:35:
b9:d2:c4:b5:48:8b:1c:80:da:1a:23:4f:9a:dd:2b:f5:bc:50:
cc:d9:11:f3:8f:e7:50:e1:e5:f5:7c:57:bd:90:f2:52:e1:37:
68:67:7a:d5:38:8a:15:2a:a3:6d:97:06:1f:2d:5d:e0:65:46:
75:c2:23:ba
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUcaI/Ze204p2fdzmXiE8JgVBYykgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAOGZkODBmZjU1NDFmNThjNzhlMTUz
OWMxODFiYTU0OGU3NDBjOWRlMDI4ZDY0MTI1Y2Q3NWRkYTJjZjNiNDNiMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtQ2j1Afu1qMpJQc2yZsAIHkIRHO9
9cnlXHX8pLPqzNf2csEFiCj1eNzpnoksPDm/FMm5ZvgO0xhCdSymi4aWBVj0Rq54
BfQCyyWmoHRK+xMYO7iA1OHGgIxF5W7U06UgvGxTdg6LCjsp94fzM/kCT1vUfq0n
rK8f5Uqd2kAv4wj+d+6XrEmnVnfkx8NSctUMnVCR4C7K8n+/SqeAvNllW8AD4Vtp
KzpogCl5E1nU2G7NkSfELfcakpgtKVKayKFAj+V9YaLyzURjf0x2SSAJSjiC7FN3
HRn3cy6ALDlYxTfLaVB3t9pPXs5XjqgUZtNIsdNfJc3aKkV6hzjoKr0AOQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFGAlFYBYG+juk/8G5HY1gWnWs6hyMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzVkM2NhNWE4LWQ2ZDEtNDJmMC1hMGY2LWJlNzhhMjM3ZThmMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAAjAGAwQAJAbaMA0GCSqGSIb3DQEBCwUAA4IBAQBUQcYdUbXG2a6nlIL9qlpt
atNxg0GzVl1bc1ilnpQGVyqLD7Jh9zBBJOaLlc6LaNsZHfKPtUErwpW16pfkAkC7
DdwGkss/O2uk/ejni6Xsqsmtkyv93Ctc6DeAkKZXC0BA6jtTc32jDOTMoiC/2jYs
KHu4Zsby81zTd5zWVJoPYECPfFUjXjOsoWm2dHwJybIlqtl2quISbNz+O9mWzAGA
NOM6jesibIG/+QNOFvyQfjH7brgyEgtAOBeZVcNAT6o9VthU4jW50sS1SIscgNoa
I0+a3Sv1vFDM2RHzj+dQ4eX1fFe9kPJS4TdoZ3rVOIoVKqNtlwYfLV3gZUZ1wiO6
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:44 2025 by rpki-client