Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6f721af0-1647-4840-9982-a0cc396f0f0a.roa
File: 6f721af0-1647-4840-9982-a0cc396f0f0a.roa (raw, json)
Hash identifier: 5dmBg+x5mbtgoYXv1rU48Onv03+FVuBK0xbZaKxCsmo=
Subject key identifier: 47:FE:FA:9C:30:13:8E:BE:AA:B7:EB:4C:D4:36:DF:34:A2:6C:57:59
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 61675A7D718AFAEA70C517ECDB0AA6B4472CDF74
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6f721af0-1647-4840-9982-a0cc396f0f0a.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da36:2800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:67:5a:7d:71:8a:fa:ea:70:c5:17:ec:db:0a:a6:b4:47:2c:df:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:bc:a8:c9:dd:50:f0:5c:8a:a4:d2:37:19:af:
44:dd:f5:b0:99:d2:c4:44:00:1d:34:20:4c:7a:e1:
cf:ef:a0:7d:a3:87:f0:5f:9d:78:78:80:2b:79:84:
93:97:aa:80:4d:90:50:a1:1c:4e:55:a9:16:a0:bc:
ee:d2:6e:41:98:eb:df:bf:12:25:c7:38:e0:61:8c:
b6:3e:8e:d4:d1:c4:aa:51:7c:d4:8d:73:58:c5:9a:
db:90:92:0a:44:c6:16:49:58:f3:9d:db:0f:7f:b5:
13:f3:97:ab:ae:10:dd:e2:2f:0f:9b:25:0b:28:f1:
a0:5c:29:69:8f:5d:97:77:08:d7:12:74:fe:d7:50:
82:ab:8c:6a:c8:02:fa:22:05:6c:d8:dd:9a:cd:31:
a5:99:33:2b:a5:81:4a:06:22:46:87:a4:a2:d3:82:
fb:48:c1:c9:b2:d9:31:d7:9d:f0:b2:35:f4:ce:6c:
d7:33:50:39:77:26:3b:25:ca:06:e3:8c:5a:cc:39:
b7:69:d0:d0:89:c9:9a:7c:cc:aa:2e:ac:ff:8d:a9:
dc:24:6b:73:8f:10:cf:46:97:a5:58:be:b2:44:b4:
49:ec:1d:0b:13:e7:62:3f:7c:d9:68:bc:62:a4:09:
2b:b6:25:33:52:cd:55:90:c6:0a:eb:46:d0:6d:6c:
a6:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:FE:FA:9C:30:13:8E:BE:AA:B7:EB:4C:D4:36:DF:34:A2:6C:57:59
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6f721af0-1647-4840-9982-a0cc396f0f0a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da36:2800::/40
Signature Algorithm: sha256WithRSAEncryption
90:f8:d2:16:8b:be:f0:59:bb:68:6d:a3:20:5e:4b:92:41:58:
c5:f9:8d:ca:2c:1b:cf:a1:74:f9:4b:72:1f:a1:23:a0:b8:54:
e0:0f:58:08:08:d6:c6:b7:ae:92:77:d3:e4:0d:3f:33:d4:4e:
1f:04:f1:c8:2e:e1:b5:91:dc:0d:4b:48:55:cb:f8:66:be:f3:
c2:8e:1e:98:ba:c4:73:5d:a1:ec:b6:00:ee:be:45:8b:c7:ec:
41:b1:eb:d2:7d:27:1b:a2:89:9c:fe:80:11:d2:bd:7f:c7:64:
2f:03:57:8a:0b:7b:b7:3d:dd:4a:57:fc:b4:6a:de:81:e1:12:
f6:b9:e8:f0:a5:d2:f2:11:79:76:95:41:07:e2:67:91:c9:4b:
c5:5c:6f:06:d2:68:33:33:00:bc:fc:de:93:34:e9:41:84:10:
5d:44:82:65:68:c4:30:ed:1d:7a:4b:64:e8:a2:b4:fc:a5:f6:
ad:2b:9e:ad:ef:af:92:43:c0:80:2f:e5:e8:21:da:17:43:92:
2e:c3:fe:09:0e:a1:40:bc:3e:2e:ca:fe:5e:86:3b:a2:5e:d4:
96:e4:91:70:ad:ce:b4:6a:05:36:e9:f2:72:d4:89:64:8d:f2:
2c:5d:f0:d9:d5:48:74:42:9c:df:ec:b3:6c:97:be:fe:e4:11:
5b:94:ca:ab
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUYWdafXGK+upwxRfs2wqmtEcs33QwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAYjZjZmNiNDY0NDkwMWFhZDc2ODU4
ZWE1NWU4NTJkYTZmZTU2ZGE3MjlkOWNiMjM2ZjYzMzRmNmE4N2VjYTc5MTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoryoyd1Q8FyKpNI3Ga9E3fWwmdLE
RAAdNCBMeuHP76B9o4fwX514eIAreYSTl6qATZBQoRxOVakWoLzu0m5BmOvfvxIl
xzjgYYy2Po7U0cSqUXzUjXNYxZrbkJIKRMYWSVjzndsPf7UT85errhDd4i8PmyUL
KPGgXClpj12XdwjXEnT+11CCq4xqyAL6IgVs2N2azTGlmTMrpYFKBiJGh6Si04L7
SMHJstkx153wsjX0zmzXM1A5dyY7JcoG44xazDm3adDQicmafMyqLqz/jancJGtz
jxDPRpelWL6yRLRJ7B0LE+diP3zZaLxipAkrtiUzUs1VkMYK60bQbWymswIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEf++pwwE46+qrfrTNQ23zSibFdZMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzZmNzIxYWYwLTE2NDctNDg0MC05OTgyLWEwY2MzOTZmMGYwYS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaNigwDQYJKoZIhvcNAQELBQADggEBAJD40haLvvBZu2htoyBe
S5JBWMX5jcosG8+hdPlLch+hI6C4VOAPWAgI1sa3rpJ30+QNPzPUTh8E8cgu4bWR
3A1LSFXL+Ga+88KOHpi6xHNdoey2AO6+RYvH7EGx69J9JxuiiZz+gBHSvX/HZC8D
V4oLe7c93UpX/LRq3oHhEva56PCl0vIReXaVQQfiZ5HJS8VcbwbSaDMzALz83pM0
6UGEEF1EgmVoxDDtHXpLZOiitPyl9q0rnq3vr5JDwIAv5egh2hdDki7D/gkOoUC8
Pi7K/l6GO6Je1JbkkXCtzrRqBTbp8nLUiWSN8ixd8NnVSHRCnN/ss2yXvv7kEVuU
yqs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:57 2025 by rpki-client