Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6111e375-8b37-46b7-8884-66a6b6c6fa47.roa
File: 6111e375-8b37-46b7-8884-66a6b6c6fa47.roa (raw, json)
Hash identifier: ZmHSjy2yDc8+WVun687b0FhLt07XNUP0J1pPPqLHrgk=
Subject key identifier: 91:D6:6C:A1:66:1D:E5:38:C5:5D:06:D5:86:50:4A:26:72:BE:FC:FD
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0A502BBD037AA0E917F76DDB4130A5E29A29CC96
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6111e375-8b37-46b7-8884-66a6b6c6fa47.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf0:4800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:50:2b:bd:03:7a:a0:e9:17:f7:6d:db:41:30:a5:e2:9a:29:cc:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:74:db:8a:a9:15:41:be:ea:33:3a:37:d5:22:
a9:8c:bb:75:10:0e:48:3a:5e:f9:d0:9a:1f:ea:6e:
21:42:0e:32:f5:22:74:a6:9b:ac:9b:8e:5c:a0:36:
c7:b2:7b:e1:da:9c:2f:5a:5c:59:68:bc:7c:40:80:
af:fa:1e:9b:c3:5b:58:9f:4f:2f:15:12:90:60:ff:
7a:ee:ef:c1:98:f3:58:ec:34:0a:6e:6b:d5:f5:60:
56:3a:c5:1a:e4:64:d2:97:ff:79:6a:d6:4a:80:b9:
17:6f:d9:c9:4d:ea:65:c3:a9:11:6d:34:fe:5c:37:
c8:f0:a7:76:7e:45:32:8a:f4:5c:2d:87:01:42:01:
14:34:27:e7:7b:9b:2f:8e:68:8f:2c:b5:17:94:21:
71:51:61:13:a2:bc:f2:07:87:9f:83:9b:58:ba:a9:
95:95:bd:28:b5:15:2b:5e:37:93:e3:d8:5c:e5:27:
d9:69:10:1f:22:89:f8:56:43:bf:e3:9b:94:90:58:
03:b4:b6:f9:91:5c:bf:84:4a:04:dd:44:92:67:dd:
3f:61:ff:60:b8:8d:1a:19:af:1c:fa:8c:e8:f3:8f:
47:24:71:95:4e:b5:40:d9:0a:79:f7:bc:23:ac:81:
2c:0b:5d:6c:a2:05:63:55:a3:a6:2c:1b:61:c5:fa:
2f:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:D6:6C:A1:66:1D:E5:38:C5:5D:06:D5:86:50:4A:26:72:BE:FC:FD
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6111e375-8b37-46b7-8884-66a6b6c6fa47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf0:4800::/40
Signature Algorithm: sha256WithRSAEncryption
20:64:19:7f:44:3b:92:b0:cf:26:0c:3d:8e:f3:3b:ae:45:8d:
f0:df:0b:ec:4c:97:fa:11:ea:df:dd:05:9e:43:3b:14:f2:9e:
3e:72:d0:8e:c4:06:67:47:32:b9:46:34:c6:21:6a:47:42:90:
3c:16:ef:0c:4f:df:0f:6d:db:c5:dc:46:96:f1:8c:13:4b:4e:
02:d6:fe:4c:5f:df:27:9b:79:30:1a:50:a7:f1:51:c0:64:22:
d5:53:6b:24:f3:b5:c0:6f:23:36:81:95:f4:5b:60:cf:e3:da:
e0:a8:27:0e:3e:e3:a4:b3:d2:50:ea:9a:9c:bc:cc:1b:8c:0f:
95:e4:19:9e:00:bc:09:24:51:f9:87:c4:dd:84:d5:1f:f3:a5:
13:ea:b0:70:f8:b3:04:29:88:30:c1:f4:d4:32:3a:b6:de:9b:
09:8a:36:60:45:8d:12:69:89:45:bb:a9:74:fd:fe:1b:d6:90:
9b:84:73:2e:ec:51:84:be:d0:39:f7:c2:de:5e:d7:76:5f:6f:
0d:79:fa:be:d3:c4:35:f0:26:4f:2a:af:1d:4f:b1:e5:a8:c0:
b0:68:88:de:80:53:35:3d:93:4d:6c:54:5e:a1:fc:96:8c:26:
c1:00:5e:86:15:db:88:64:7a:a9:a1:4f:ec:40:14:30:4f:3f:
c8:37:12:46
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUClArvQN6oOkX923bQTCl4popzJYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAZDJjN2Y2ODZhZWVhNDhhZTBkNzA5
OWIyMTczYTgyNTczZTcxMjg5ODE5NmZlMGY0N2Q1YmE1NDdmYzU3OWQ4MTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApnTbiqkVQb7qMzo31SKpjLt1EA5I
Ol750Jof6m4hQg4y9SJ0ppusm45coDbHsnvh2pwvWlxZaLx8QICv+h6bw1tYn08v
FRKQYP967u/BmPNY7DQKbmvV9WBWOsUa5GTSl/95atZKgLkXb9nJTeplw6kRbTT+
XDfI8Kd2fkUyivRcLYcBQgEUNCfne5svjmiPLLUXlCFxUWETorzyB4efg5tYuqmV
lb0otRUrXjeT49hc5SfZaRAfIon4VkO/45uUkFgDtLb5kVy/hEoE3USSZ90/Yf9g
uI0aGa8c+ozo849HJHGVTrVA2Qp597wjrIEsC11sogVjVaOmLBthxfov4QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJHWbKFmHeU4xV0G1YZQSiZyvvz9MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzYxMTFlMzc1LThiMzctNDZiNy04ODg0LTY2YTZiNmM2ZmE0Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8EgwDQYJKoZIhvcNAQELBQADggEBACBkGX9EO5KwzyYMPY7z
O65FjfDfC+xMl/oR6t/dBZ5DOxTynj5y0I7EBmdHMrlGNMYhakdCkDwW7wxP3w9t
28XcRpbxjBNLTgLW/kxf3yebeTAaUKfxUcBkItVTayTztcBvIzaBlfRbYM/j2uCo
Jw4+46Sz0lDqmpy8zBuMD5XkGZ4AvAkkUfmHxN2E1R/zpRPqsHD4swQpiDDB9NQy
OrbemwmKNmBFjRJpiUW7qXT9/hvWkJuEcy7sUYS+0Dn3wt5e13Zfbw15+r7TxDXw
Jk8qrx1PseWowLBoiN6AUzU9k01sVF6h/JaMJsEAXoYV24hkeqmhT+xAFDBPP8g3
EkY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:21 2025 by rpki-client