Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67271318-4a3b-4256-a685-4530831f03f1.roa
File: 67271318-4a3b-4256-a685-4530831f03f1.roa (raw, json)
Hash identifier: 3fm4Z/72U2ueO3E9GXDgVnVkmeQH/s/aQlLUE71TTnQ=
Subject key identifier: E6:A5:78:22:3E:72:37:5F:05:C9:92:97:BA:67:D6:ED:7A:28:37:62
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 74E264C74ABAE3C00E6825D6553C6CF5F3004F56
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67271318-4a3b-4256-a685-4530831f03f1.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:c800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
74:e2:64:c7:4a:ba:e3:c0:0e:68:25:d6:55:3c:6c:f5:f3:00:4f:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:8d:70:4e:78:bf:6d:3c:8e:35:e2:12:76:d1:
2c:f2:d5:f8:e4:14:35:16:9f:3c:7b:25:a9:25:ec:
86:b6:01:34:21:6f:30:15:35:54:1e:e0:a5:cc:67:
4b:a4:b2:4a:20:52:a0:b1:2f:79:49:72:4d:cf:e6:
ad:22:e2:95:50:3b:12:66:27:b9:a0:0c:fb:80:87:
6f:ae:1f:14:64:4c:65:a5:a0:30:b2:64:d4:02:d0:
e0:26:2d:ff:35:c0:e3:b1:06:bb:29:d6:36:d8:23:
c7:ac:65:2e:b2:4b:81:f1:88:9b:4c:3b:38:9e:08:
2d:3e:a8:38:bb:e7:8b:4e:de:44:05:20:72:07:06:
5e:f1:a5:5b:24:7d:b4:ae:d4:e7:23:a4:72:56:27:
71:ee:23:b7:0d:13:19:33:4f:d5:20:af:15:a7:35:
92:a8:89:b1:c1:b5:68:05:77:bf:4e:e6:e6:23:d9:
91:02:7b:ed:7a:d0:d8:0a:bd:1c:e6:da:92:a9:d5:
51:b5:3d:c0:2b:86:b1:98:33:f6:36:69:60:86:b6:
28:83:f1:ca:d4:39:5a:5e:6b:4c:09:e0:40:5d:c4:
58:6d:29:d0:b7:21:c9:3a:5a:63:5b:3c:06:f9:6e:
94:0b:d2:19:3b:cc:ad:d1:76:2e:bd:c5:41:75:5f:
f2:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:A5:78:22:3E:72:37:5F:05:C9:92:97:BA:67:D6:ED:7A:28:37:62
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/67271318-4a3b-4256-a685-4530831f03f1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:c800::/40
Signature Algorithm: sha256WithRSAEncryption
a3:6c:af:26:e2:6a:e5:3f:fb:13:54:b4:5a:ca:08:f6:c3:a1:
f7:10:f0:5f:81:27:d1:c1:72:99:a9:ab:eb:59:18:78:ff:a8:
03:92:14:2d:d8:2c:f7:dd:99:98:e5:b1:1b:14:dd:89:ae:fd:
36:4c:37:ca:74:a1:7d:45:87:d3:be:7a:0e:58:62:ef:f1:f8:
bc:89:9a:33:1a:74:7f:2b:1c:e4:67:ee:2c:f5:67:20:97:4f:
e5:12:cd:e9:35:96:41:11:82:5c:6a:d5:87:99:35:8c:ee:33:
3d:b1:c9:aa:5f:f1:75:21:ce:a2:08:dc:1b:d0:78:31:37:8e:
88:9b:ab:88:bc:b4:fc:fd:be:52:95:ce:c9:d9:35:9f:39:2d:
d8:11:eb:0a:da:eb:ac:f1:38:9e:74:b6:31:c4:bd:30:67:bc:
36:51:79:5d:45:c3:f3:ef:d5:b6:09:8e:8b:fa:d5:7d:d0:d9:
47:63:78:9c:38:d9:e1:79:9e:ac:54:58:93:9a:04:39:35:28:
e7:73:95:2f:4d:2e:42:4f:99:9c:7d:57:e2:6b:c0:87:58:84:
c2:d0:99:db:65:87:7d:92:35:ef:85:29:b1:51:ef:a5:fe:7e:
42:e5:c6:74:65:a1:b5:5a:2b:4c:a7:a1:a2:95:df:9f:68:d2:
91:f8:b0:a4
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUdOJkx0q648AOaCXWVTxs9fMAT1YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIzMTAwMDAwMFoX
DTI1MDIwNDIzNTk1OVowejFJMEcGA1UEBRNANGJlYmM5Njk3NjM4NTJjMzMzNGY2
YzIxNjA3ODkzYmMwMDY2M2QzNzRmYWE0OWE3Y2FkODExZGY5ODE2ZWFlMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxI1wTni/bTyONeISdtEs8tX45BQ1
Fp88eyWpJeyGtgE0IW8wFTVUHuClzGdLpLJKIFKgsS95SXJNz+atIuKVUDsSZie5
oAz7gIdvrh8UZExlpaAwsmTUAtDgJi3/NcDjsQa7KdY22CPHrGUuskuB8YibTDs4
nggtPqg4u+eLTt5EBSByBwZe8aVbJH20rtTnI6RyVidx7iO3DRMZM0/VIK8VpzWS
qImxwbVoBXe/TubmI9mRAnvtetDYCr0c5tqSqdVRtT3AK4axmDP2NmlghrYog/HK
1DlaXmtMCeBAXcRYbSnQtyHJOlpjWzwG+W6UC9IZO8yt0XYuvcVBdV/yLwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOaleCI+cjdfBcmSl7pn1u16KDdiMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzY3MjcxMzE4LTRhM2ItNDI1Ni1hNjg1LTQ1MzA4MzFmMDNmMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+8gwDQYJKoZIhvcNAQELBQADggEBAKNsrybiauU/+xNUtFrK
CPbDofcQ8F+BJ9HBcpmpq+tZGHj/qAOSFC3YLPfdmZjlsRsU3Ymu/TZMN8p0oX1F
h9O+eg5YYu/x+LyJmjMadH8rHORn7iz1ZyCXT+USzek1lkERglxq1YeZNYzuMz2x
yapf8XUhzqII3BvQeDE3joibq4i8tPz9vlKVzsnZNZ85LdgR6wra66zxOJ50tjHE
vTBnvDZReV1Fw/Pv1bYJjov61X3Q2UdjeJw42eF5nqxUWJOaBDk1KOdzlS9NLkJP
mZx9V+JrwIdYhMLQmdtlh32SNe+FKbFR76X+fkLlxnRlobVaK0ynoaKV359o0pH4
sKQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:19:53 2025 by rpki-client