Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e2e2a48-a4b5-497a-978d-68330e53db91.roa
File: 5e2e2a48-a4b5-497a-978d-68330e53db91.roa (raw, json)
Hash identifier: qbWE+fKHPVg/1ejChFr+s7nPva5MDeiXpR/rZhqtEKQ=
Subject key identifier: F1:55:DA:6D:7A:79:98:58:73:F3:D3:0B:7D:0D:40:41:45:20:6D:FE
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5493A7C992DB3251B346E45027E72615582DC15F
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e2e2a48-a4b5-497a-978d-68330e53db91.roa
Signing time: Sat 08 Mar 2025 00:00:17 +0000
ROA not before: Sat 08 Mar 2025 00:00:17 +0000
ROA not after: Sat 12 Apr 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2406:daef:f000::/40 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:93:a7:c9:92:db:32:51:b3:46:e4:50:27:e7:26:15:58:2d:c1:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 8 00:00:17 2025 GMT
Not After : Apr 12 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:a7:06:1a:aa:d8:d9:45:e7:d8:cf:af:e9:aa:
eb:61:46:fc:f7:8a:24:ea:4b:48:50:f8:b1:05:75:
87:ca:f9:3c:e1:5f:f6:d1:5c:25:4c:91:4f:39:a5:
df:45:68:04:dd:c9:f7:f3:b8:f3:68:bd:a5:e2:73:
a6:33:36:bc:ef:12:b1:85:29:99:02:9c:14:32:58:
06:28:09:09:9a:11:22:6a:e9:c1:53:a7:9f:ec:82:
9e:86:48:47:4b:91:42:1f:e8:d4:46:30:57:46:4a:
0b:92:d2:a8:b1:a2:e3:b6:ca:b1:8d:08:13:d5:5c:
34:6f:f3:0c:fc:0a:79:9d:96:85:f7:d3:b8:97:89:
9e:22:bb:f5:06:04:ac:c5:9b:a9:f4:e8:1e:4b:f9:
30:86:35:bf:c2:9d:b5:b4:7c:55:ff:1e:b9:f5:76:
c6:72:8c:65:6f:2d:0c:ef:b2:65:0f:26:7d:7d:92:
9e:cd:f8:11:8d:3b:4c:bb:7b:df:d7:d8:ab:7a:76:
15:89:4c:75:15:13:c6:04:65:64:68:fd:15:6b:2d:
37:c2:c5:c6:4a:82:9c:1f:bb:f4:d3:16:4c:ac:1a:
9d:6a:2d:25:41:c8:62:85:06:eb:70:82:be:5f:82:
bd:79:05:00:f2:a0:1a:9c:44:5b:55:f7:dc:f4:f5:
1b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:55:DA:6D:7A:79:98:58:73:F3:D3:0B:7D:0D:40:41:45:20:6D:FE
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/5e2e2a48-a4b5-497a-978d-68330e53db91.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daef:f000::/40
Signature Algorithm: sha256WithRSAEncryption
35:69:ab:45:7e:8c:5f:f3:0b:f3:da:86:61:6e:2c:62:77:a9:
be:6a:48:3a:f1:cd:d9:f0:21:27:9d:3d:05:5c:6f:83:5a:5e:
a2:19:42:be:46:56:d6:c3:f9:7f:5b:da:4e:7b:a9:2b:1a:91:
6f:0a:4f:f4:c9:f8:0b:b1:e8:f9:16:24:43:93:e1:8e:50:db:
40:4e:b6:a2:d6:a8:40:51:2e:0b:4a:d2:11:e2:77:22:0a:8d:
5b:0e:3f:ab:4b:1e:a2:50:aa:e4:66:57:4b:d4:48:d6:2b:b5:
07:37:cf:42:25:9f:61:82:1a:7d:0b:7b:c3:d9:af:ae:cd:39:
89:0d:46:26:b9:19:05:45:6d:ef:de:35:f2:f8:58:c3:72:a1:
cd:71:b8:24:21:85:91:55:9b:c0:20:1a:9d:57:85:b4:67:40:
2c:b6:82:79:79:5c:8d:8c:2a:ea:2b:8a:0e:4a:90:b2:cc:a4:
1b:3c:70:76:2d:42:fc:9f:34:b8:3a:72:d3:b6:ff:95:66:4e:
db:ab:9f:1f:72:94:f2:95:2b:d4:3e:58:1f:f9:3c:84:f7:7b:
1d:34:48:e4:fe:db:55:24:4b:fd:aa:d8:db:e8:be:d4:06:c5:
0a:15:d9:82:6b:d2:78:e6:06:59:12:5e:3e:1a:e7:5c:97:e9:
23:0d:ef:d8
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUVJOnyZLbMlGzRuRQJ+cmFVgtwV8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMwODAwMDAxN1oX
DTI1MDQxMjIzNTk1OVowejFJMEcGA1UEBRNAMWNkNmE2Mzk2N2RhYmMxZjY1M2Rm
YmQ4OTdhN2I5ZmI4YzNmYTQyMTNkOGUyYWRmN2ZhNjZkOWQ2OGY2ZDY3MzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsacGGqrY2UXn2M+v6arrYUb894ok
6ktIUPixBXWHyvk84V/20VwlTJFPOaXfRWgE3cn387jzaL2l4nOmMza87xKxhSmZ
ApwUMlgGKAkJmhEiaunBU6ef7IKehkhHS5FCH+jURjBXRkoLktKosaLjtsqxjQgT
1Vw0b/MM/Ap5nZaF99O4l4meIrv1BgSsxZup9OgeS/kwhjW/wp21tHxV/x659XbG
coxlby0M77JlDyZ9fZKezfgRjTtMu3vf19irenYViUx1FRPGBGVkaP0Vay03wsXG
SoKcH7v00xZMrBqdai0lQchihQbrcIK+X4K9eQUA8qAanERbVffc9PUb1wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPFV2m16eZhYc/PTC30NQEFFIG3+MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzVlMmUyYTQ4LWE0YjUtNDk3YS05NzhkLTY4MzMwZTUzZGI5MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba7/AwDQYJKoZIhvcNAQELBQADggEBADVpq0V+jF/zC/PahmFu
LGJ3qb5qSDrxzdnwISedPQVcb4NaXqIZQr5GVtbD+X9b2k57qSsakW8KT/TJ+Aux
6PkWJEOT4Y5Q20BOtqLWqEBRLgtK0hHidyIKjVsOP6tLHqJQquRmV0vUSNYrtQc3
z0Iln2GCGn0Le8PZr67NOYkNRia5GQVFbe/eNfL4WMNyoc1xuCQhhZFVm8AgGp1X
hbRnQCy2gnl5XI2MKuorig5KkLLMpBs8cHYtQvyfNLg6ctO2/5VmTturnx9ylPKV
K9Q+WB/5PIT3ex00SOT+21UkS/2q2NvovtQGxQoV2YJr0njmBlkSXj4a51yX6SMN
79g=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:29:07 2025 by rpki-client