Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/70933784-e712-42ef-a2e9-f2175b4ced03.roa
File: 70933784-e712-42ef-a2e9-f2175b4ced03.roa (raw, json)
Hash identifier: TWoqghc3nmJBYqtB6/HnlQ6aITJMjM3ebg4GUXoiqZg=
Subject key identifier: 34:6D:FE:70:92:FF:4E:39:D4:5F:74:EA:74:04:20:1C:3E:C7:09:62
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0F6F3308DE9A11E473002455ECD19DE3EF90FFB9
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/70933784-e712-42ef-a2e9-f2175b4ced03.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da19::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:6f:33:08:de:9a:11:e4:73:00:24:55:ec:d1:9d:e3:ef:90:ff:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:bc:83:73:da:a6:d7:eb:f5:fd:a8:93:91:f5:
4f:d3:1a:aa:fe:40:4d:fe:c4:46:90:48:a5:b0:9b:
2c:7b:ef:8b:ce:63:1e:cc:fc:ec:d8:42:62:c1:db:
0a:3d:85:7f:53:3e:06:a5:2e:37:f4:09:77:41:02:
ec:3a:1d:f8:fe:35:4c:0c:f6:49:6b:1f:38:66:98:
e4:78:82:fe:b7:25:de:0b:90:24:13:7c:98:8c:2e:
44:df:c9:41:72:c3:e3:d5:6c:99:5d:8b:92:49:10:
90:6c:4c:77:24:f4:11:e5:f7:c2:97:5c:13:ed:ac:
0b:1b:6c:b5:32:12:34:b7:c1:89:b8:27:9e:30:4e:
38:13:77:8f:ac:8f:96:21:62:bc:05:22:4b:08:f0:
db:18:78:b8:0b:56:0d:78:1b:b8:f2:03:fb:c8:ee:
56:1f:e5:8e:6f:12:d5:6f:41:d9:11:1f:ee:41:bb:
bd:77:cf:ff:72:a9:4e:9e:b4:ef:7d:60:2d:34:d3:
d1:7e:8f:e3:0c:cc:a6:58:cd:8a:8d:bd:d2:e1:60:
e6:ff:38:45:88:2b:86:0c:16:89:6f:2b:37:be:17:
b4:db:28:a8:50:ee:a7:3c:36:55:4c:d6:6e:a3:dc:
93:57:1a:a2:b4:01:a8:a2:4d:1e:2c:f6:c2:a9:08:
e0:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:6D:FE:70:92:FF:4E:39:D4:5F:74:EA:74:04:20:1C:3E:C7:09:62
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/70933784-e712-42ef-a2e9-f2175b4ced03.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da19::/36
Signature Algorithm: sha256WithRSAEncryption
70:3b:15:3b:29:9a:30:98:61:7a:40:2d:b5:03:a0:6f:35:1f:
a2:81:a5:c9:c8:44:e7:47:b2:24:e6:4a:83:d6:d4:e6:58:c0:
15:e1:5b:a7:d3:8a:6a:27:c8:42:c5:cb:aa:4e:b0:1d:69:5b:
0b:be:ed:57:a6:45:02:af:d4:99:dc:40:7d:e5:ff:12:d2:7f:
ad:91:1b:b7:c5:d2:97:36:0a:d1:95:d2:aa:22:6e:13:74:4b:
70:83:c2:ad:e2:e4:94:55:92:c4:c7:49:a3:a4:3d:07:33:d9:
a0:ff:a0:36:0d:fd:8f:65:71:82:20:41:79:c1:c4:97:f1:fd:
ab:fa:e7:03:60:74:41:b5:75:b3:1c:df:e5:2d:76:05:7b:55:
3f:c5:93:c8:0e:44:28:6d:77:67:1c:39:77:2b:ea:ed:a2:b2:
0b:5a:0d:47:59:48:c3:27:45:46:25:78:77:46:84:d1:d0:f4:
93:e6:ca:e7:ae:6b:f0:8f:3a:c7:cf:ae:4d:b0:24:0e:da:8b:
13:7a:5c:02:08:19:3a:26:26:ca:d6:08:91:90:7a:5f:aa:ad:
f1:74:35:49:e3:dc:e2:21:cb:3a:bb:75:49:8c:0d:62:87:e8:
78:eb:cd:57:18:90:6e:a9:dd:69:ff:71:af:50:82:32:e2:13:
71:b2:86:2f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUD28zCN6aEeRzACRV7NGd4++Q/7kwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAMTdhOGUxOGNkYzZjYzk0YTBjZWMw
MTc4MTQ1OTUzM2MzN2ZlODZmYzZmNmUwMjk4NTM1Yzk3OTRkYTc5OTY4NDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsbyDc9qm1+v1/aiTkfVP0xqq/kBN
/sRGkEilsJsse++LzmMezPzs2EJiwdsKPYV/Uz4GpS439Al3QQLsOh34/jVMDPZJ
ax84ZpjkeIL+tyXeC5AkE3yYjC5E38lBcsPj1WyZXYuSSRCQbEx3JPQR5ffCl1wT
7awLG2y1MhI0t8GJuCeeME44E3ePrI+WIWK8BSJLCPDbGHi4C1YNeBu48gP7yO5W
H+WObxLVb0HZER/uQbu9d8//cqlOnrTvfWAtNNPRfo/jDMymWM2Kjb3S4WDm/zhF
iCuGDBaJbys3vhe02yioUO6nPDZVTNZuo9yTVxqitAGook0eLPbCqQjgPwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDRt/nCS/0451F906nQEIBw+xwliMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzcwOTMzNzg0LWU3MTItNDJlZi1hMmU5LWYyMTc1YjRjZWQwMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaGQAwDQYJKoZIhvcNAQELBQADggEBAHA7FTspmjCYYXpALbUD
oG81H6KBpcnIROdHsiTmSoPW1OZYwBXhW6fTimonyELFy6pOsB1pWwu+7VemRQKv
1JncQH3l/xLSf62RG7fF0pc2CtGV0qoibhN0S3CDwq3i5JRVksTHSaOkPQcz2aD/
oDYN/Y9lcYIgQXnBxJfx/av65wNgdEG1dbMc3+UtdgV7VT/Fk8gORChtd2ccOXcr
6u2isgtaDUdZSMMnRUYleHdGhNHQ9JPmyueua/CPOsfPrk2wJA7aixN6XAIIGTom
JsrWCJGQel+qrfF0NUnj3OIhyzq7dUmMDWKH6HjrzVcYkG6p3Wn/ca9QgjLiE3Gy
hi8=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:49:51 2025 by rpki-client