Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/60bdc157-596d-496e-bdbc-bada0f6826ad.roa
File: 60bdc157-596d-496e-bdbc-bada0f6826ad.roa (raw, json)
Hash identifier: fM6eWVT1mezK1VIuV/N2zVrMECDcWoUpFXelN/Q10O8=
Subject key identifier: 54:FE:25:B4:1D:CC:C4:DB:BC:D1:6A:48:32:CD:92:76:21:33:70:FE
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 30DF08B625CA7A0D7D42ECD8265280DB858F8DC3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/60bdc157-596d-496e-bdbc-bada0f6826ad.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafc:a000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:df:08:b6:25:ca:7a:0d:7d:42:ec:d8:26:52:80:db:85:8f:8d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:66:3e:5f:e2:a8:60:d1:43:9d:53:43:22:ac:
8b:d3:f5:e5:15:7d:99:28:c4:a0:ff:37:c2:d4:88:
3f:0e:3b:c4:39:53:f3:b8:33:35:c3:f5:ba:55:54:
e5:ce:8c:92:16:b1:1f:90:e7:1f:28:6e:a1:c1:e0:
c5:5f:f6:58:a0:3d:92:51:b2:35:54:5a:e8:c5:2b:
ae:ef:8d:e6:0d:da:81:c8:2e:9d:82:5d:61:72:af:
60:0d:0f:49:91:7d:82:f9:73:95:b8:3c:ee:7a:5b:
ec:87:f6:2a:f5:ff:9d:15:d6:8e:f4:c4:b2:7f:66:
5e:03:89:8c:b4:48:ae:c3:fb:6d:20:6b:52:8c:06:
43:64:93:21:f3:db:93:de:8d:60:0e:b0:9c:5e:b4:
b5:ab:21:0e:90:25:c3:8f:8e:8e:45:03:79:f1:d0:
98:c8:c6:3f:c0:b5:56:b3:96:67:96:86:c8:06:48:
23:25:09:3f:57:67:16:e3:33:e3:52:4c:7c:13:b2:
f9:be:1b:19:f6:62:a1:21:60:ed:3e:6d:0c:e4:9d:
af:6e:fe:5c:87:9d:ca:6a:77:3e:e9:99:bf:fb:4b:
3d:29:8f:d4:cd:6d:df:c9:00:b0:26:86:eb:4d:ab:
ef:17:09:b0:4b:5c:3d:c3:6d:8d:bd:b2:05:52:2a:
ef:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:FE:25:B4:1D:CC:C4:DB:BC:D1:6A:48:32:CD:92:76:21:33:70:FE
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/60bdc157-596d-496e-bdbc-bada0f6826ad.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafc:a000::/40
Signature Algorithm: sha256WithRSAEncryption
38:9b:a6:98:a4:7d:92:74:15:26:12:0f:d9:b4:23:7b:61:16:
a2:f0:4e:00:04:2d:93:76:dc:5c:ed:85:54:9a:43:7c:8a:04:
69:82:e5:e4:ad:45:11:5b:62:81:11:b9:58:db:bc:0a:6b:bd:
6b:ca:61:69:c2:22:21:36:9a:23:11:f0:e5:df:eb:9f:e5:37:
45:9b:cd:9b:5a:63:37:a4:3c:15:31:ca:c4:82:00:4f:31:70:
1e:5a:68:84:20:c4:2e:e1:20:32:2e:c2:f6:c9:a4:be:c8:9e:
b8:77:93:37:13:4c:e7:87:99:19:51:52:6d:c4:c2:3d:06:e8:
34:14:6a:5c:42:ff:47:5a:b3:6f:bd:08:ac:61:2a:89:81:7c:
77:7e:9b:63:3e:be:eb:76:12:85:e6:ff:b9:b4:93:f3:e7:ea:
0c:8e:c1:fc:4e:e5:7e:18:b2:d7:d5:02:5f:5e:38:00:c5:50:
21:96:11:97:9b:09:e8:f5:1f:2e:3e:27:de:99:df:6a:8d:f0:
d4:60:a7:c2:88:b5:b1:c8:0a:8f:b8:54:95:ef:75:d9:50:d2:
80:74:45:db:7f:62:3a:8a:42:e1:ab:90:62:f6:48:cb:7b:64:
89:2c:73:76:83:87:49:fb:b8:62:74:17:38:e2:c5:1f:b3:32:
a3:a0:25:b6
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUMN8ItiXKeg19QuzYJlKA24WPjcMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAMmM2YzQ0MjI1ZjQ5Yzg2OWQzYjU0
NDIwNzQ0MWM5ODNjMzZkMTgwZmViYTdjZWVmY2NlMzQwYTliNmIzMjc5ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8mY+X+KoYNFDnVNDIqyL0/XlFX2Z
KMSg/zfC1Ig/DjvEOVPzuDM1w/W6VVTlzoySFrEfkOcfKG6hweDFX/ZYoD2SUbI1
VFroxSuu743mDdqByC6dgl1hcq9gDQ9JkX2C+XOVuDzuelvsh/Yq9f+dFdaO9MSy
f2ZeA4mMtEiuw/ttIGtSjAZDZJMh89uT3o1gDrCcXrS1qyEOkCXDj46ORQN58dCY
yMY/wLVWs5ZnlobIBkgjJQk/V2cW4zPjUkx8E7L5vhsZ9mKhIWDtPm0M5J2vbv5c
h53Kanc+6Zm/+0s9KY/UzW3fyQCwJobrTavvFwmwS1w9w22NvbIFUirvvQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFT+JbQdzMTbvNFqSDLNknYhM3D+MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzYwYmRjMTU3LTU5NmQtNDk2ZS1iZGJjLWJhZGEwZjY4MjZhZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/KAwDQYJKoZIhvcNAQELBQADggEBADibppikfZJ0FSYSD9m0
I3thFqLwTgAELZN23FzthVSaQ3yKBGmC5eStRRFbYoERuVjbvAprvWvKYWnCIiE2
miMR8OXf65/lN0WbzZtaYzekPBUxysSCAE8xcB5aaIQgxC7hIDIuwvbJpL7Inrh3
kzcTTOeHmRlRUm3Ewj0G6DQUalxC/0das2+9CKxhKomBfHd+m2M+vut2EoXm/7m0
k/Pn6gyOwfxO5X4YstfVAl9eOADFUCGWEZebCej1Hy4+J96Z32qN8NRgp8KItbHI
Co+4VJXvddlQ0oB0Rdt/YjqKQuGrkGL2SMt7ZIksc3aDh0n7uGJ0FzjixR+zMqOg
JbY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:58 2025 by rpki-client