Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6347c501-49db-4824-84b7-42ef12c9b450.roa
File: 6347c501-49db-4824-84b7-42ef12c9b450.roa (raw, json)
Hash identifier: YrYNsudMEdFWpeRG3Rk+QYlWWCHwARCqVu1ZgHd0GsE=
Subject key identifier: 24:48:31:9F:4F:56:DB:4F:BE:DE:92:81:D4:9B:CF:82:1D:69:C8:DE
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 06D35DE23D00467F8D7A5AC2160C1FF3795EF215
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6347c501-49db-4824-84b7-42ef12c9b450.roa
Signing time: Wed 01 Jan 2025 00:00:00 +0000
ROA not before: Wed 01 Jan 2025 00:00:00 +0000
ROA not after: Wed 05 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafc:c800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:d3:5d:e2:3d:00:46:7f:8d:7a:5a:c2:16:0c:1f:f3:79:5e:f2:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Jan 1 00:00:00 2025 GMT
Not After : Feb 5 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:12:c4:53:8f:f1:4e:1b:c8:59:19:7d:73:38:
7f:7f:fe:10:78:1f:f9:12:2d:7a:15:09:d4:dd:f9:
79:10:4e:1b:9f:0f:2d:fb:ed:55:b3:96:0f:4d:a6:
33:88:ec:67:53:40:26:4c:6c:84:6e:e1:e6:96:e9:
ef:31:e7:ea:0e:18:f7:1c:af:28:22:02:8b:12:9a:
c2:56:92:b2:c5:a8:f7:04:96:e1:81:87:43:f5:85:
34:55:c5:c8:68:65:7e:b3:c4:2f:0c:aa:47:2d:fc:
b5:36:18:ee:99:12:8d:fd:ca:85:f3:e4:b0:4f:40:
81:fa:84:9c:5c:30:a9:70:82:28:32:2d:46:9c:df:
08:6a:b9:70:56:6b:a4:95:00:49:73:54:ce:aa:73:
7e:fd:b8:cc:ac:d0:0f:17:61:7c:9d:31:a8:38:22:
1f:34:df:9e:97:c3:99:89:4f:45:4f:89:ab:bd:8a:
3e:79:de:52:87:1b:df:01:59:31:19:15:63:03:6d:
7f:a4:b9:f7:db:9b:d1:1c:68:9a:59:20:b9:83:5d:
39:20:aa:43:9e:88:78:c7:0f:ba:4d:14:f0:98:16:
46:d9:6a:31:a9:20:2e:16:19:d8:6d:09:bb:25:17:
63:3f:d6:67:f9:dd:1f:a7:49:59:0a:05:f0:4c:6b:
06:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:48:31:9F:4F:56:DB:4F:BE:DE:92:81:D4:9B:CF:82:1D:69:C8:DE
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6347c501-49db-4824-84b7-42ef12c9b450.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafc:c800::/40
Signature Algorithm: sha256WithRSAEncryption
24:e0:13:55:8b:e7:f2:d7:55:f9:6b:fc:cb:a2:cc:2e:9c:22:
09:b7:49:43:65:2d:02:f0:3b:1d:a5:cc:5a:fc:b1:e3:1d:6e:
d2:26:15:d0:0a:1c:95:a2:67:f5:0e:66:e5:f6:8e:5a:6c:fe:
af:c4:0f:0c:0c:4d:71:28:1a:6e:3e:a1:ae:1c:a4:9c:18:31:
c2:92:55:bb:47:28:db:e5:03:68:25:bf:89:3b:1a:fd:2c:49:
12:03:38:76:c7:d5:51:92:b2:81:ff:18:b4:9d:47:dc:ce:36:
e1:77:67:8e:04:08:f2:f8:b2:69:01:de:dc:73:21:de:43:27:
bb:88:b9:29:b1:2d:5f:38:c5:ed:28:ae:90:ca:ad:ee:f5:27:
f3:eb:3e:b3:b0:8f:36:e2:28:c7:0e:54:8d:c2:00:41:e8:91:
d7:d1:39:8a:b7:9a:8b:9f:7e:00:b8:70:0f:f8:cc:bc:b2:3d:
ad:49:29:88:53:6c:99:c4:9d:3c:ca:e1:9c:0e:ce:2b:9a:a2:
19:84:69:b8:0c:96:b6:91:b1:6f:ee:bd:bb:1f:4e:0a:a5:a7:
7c:61:a7:17:76:bd:42:39:db:a5:bb:a5:15:29:cd:08:ce:91:
78:6e:3e:27:4c:3e:23:06:e8:40:a2:fa:b7:4e:1b:83:51:82:
06:d7:25:7d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUBtNd4j0ARn+NelrCFgwf83le8hUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwMTAwMDAwMFoX
DTI1MDIwNTIzNTk1OVowejFJMEcGA1UEBRNAMGZjMmI0Y2ZkNGU4YmY3MWQ2OTE2
N2M4YmYxNWUyOTBlNzQwODYyZmQ4NzVkYjIwMmFjMjMwNDc0ODY0NWRlMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoxLEU4/xThvIWRl9czh/f/4QeB/5
Ei16FQnU3fl5EE4bnw8t++1Vs5YPTaYziOxnU0AmTGyEbuHmlunvMefqDhj3HK8o
IgKLEprCVpKyxaj3BJbhgYdD9YU0VcXIaGV+s8QvDKpHLfy1NhjumRKN/cqF8+Sw
T0CB+oScXDCpcIIoMi1GnN8IarlwVmuklQBJc1TOqnN+/bjMrNAPF2F8nTGoOCIf
NN+el8OZiU9FT4mrvYo+ed5ShxvfAVkxGRVjA21/pLn325vRHGiaWSC5g105IKpD
noh4xw+6TRTwmBZG2WoxqSAuFhnYbQm7JRdjP9Zn+d0fp0lZCgXwTGsGuQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCRIMZ9PVttPvt6SgdSbz4IdacjeMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzYzNDdjNTAxLTQ5ZGItNDgyNC04NGI3LTQyZWYxMmM5YjQ1MC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/MgwDQYJKoZIhvcNAQELBQADggEBACTgE1WL5/LXVflr/Mui
zC6cIgm3SUNlLQLwOx2lzFr8seMdbtImFdAKHJWiZ/UOZuX2jlps/q/EDwwMTXEo
Gm4+oa4cpJwYMcKSVbtHKNvlA2glv4k7Gv0sSRIDOHbH1VGSsoH/GLSdR9zONuF3
Z44ECPL4smkB3txzId5DJ7uIuSmxLV84xe0orpDKre71J/PrPrOwjzbiKMcOVI3C
AEHokdfROYq3mouffgC4cA/4zLyyPa1JKYhTbJnEnTzK4ZwOziuaohmEabgMlraR
sW/uvbsfTgqlp3xhpxd2vUI526W7pRUpzQjOkXhuPidMPiMG6ECi+rdOG4NRggbX
JX0=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:12:29 2025 by rpki-client