Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/70e55437-ce96-4bf3-8dd8-f983f03a928f.roa
File: 70e55437-ce96-4bf3-8dd8-f983f03a928f.roa (raw, json)
Hash identifier: Xx2Reo3Lir6pNZWzAfjPTQrpwRiG17PpY2PIEXCqTxQ=
Subject key identifier: 05:4E:0F:65:31:E5:39:D0:8A:C9:8E:A8:77:E7:1C:B0:7C:62:84:6E
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4D33E60E7BCC707969C84D285C75E02F7D9E048D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/70e55437-ce96-4bf3-8dd8-f983f03a928f.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf1:2800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:33:e6:0e:7b:cc:70:79:69:c8:4d:28:5c:75:e0:2f:7d:9e:04:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:7b:85:df:c2:6b:2a:8b:a5:a4:ec:c4:0d:94:
df:e9:1b:99:d6:4c:51:a3:5d:0b:b7:e6:08:66:d8:
ad:32:bd:ae:8e:0f:f4:ff:2c:39:da:15:f6:6e:7c:
5c:fe:ff:e8:ba:23:ae:08:87:47:fe:8a:20:bc:17:
11:83:3f:6b:d4:6e:64:be:54:f4:e2:7c:86:53:ee:
f6:16:10:30:41:54:40:91:49:7d:cc:a4:44:28:c9:
4a:ce:b8:44:f5:b6:da:81:24:ff:a1:13:ca:76:32:
0a:3f:da:80:c9:87:d9:39:72:a4:b8:0e:92:59:dc:
cb:8b:79:52:2f:17:32:94:6d:04:70:30:a7:d5:6c:
1c:f2:36:b4:23:57:f2:f2:9c:96:11:c8:af:8f:28:
6c:9a:55:12:0d:f2:7e:ac:fd:e9:2c:c9:ee:15:74:
a5:5e:8c:4a:6f:8e:78:e7:d5:e4:78:d1:45:26:2a:
5f:56:35:b2:9a:da:7e:80:31:43:c3:e0:c5:81:74:
d7:92:65:15:ac:c3:ca:de:e0:a5:6d:c5:4d:02:d5:
10:24:bb:af:b2:88:b9:ee:19:89:9c:bb:78:a9:22:
09:28:8e:f2:c2:ef:2f:2c:71:ea:8b:2c:7c:0c:75:
b1:bb:36:ad:7b:75:e3:e4:45:55:90:e6:b6:bf:59:
cd:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:4E:0F:65:31:E5:39:D0:8A:C9:8E:A8:77:E7:1C:B0:7C:62:84:6E
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/70e55437-ce96-4bf3-8dd8-f983f03a928f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf1:2800::/40
Signature Algorithm: sha256WithRSAEncryption
c0:47:4d:26:35:ba:74:9a:1a:13:aa:4b:4a:bc:c1:6c:2c:0b:
c3:31:b9:aa:29:58:d0:14:c0:1b:f0:ad:6e:18:d3:65:0e:4b:
8d:2a:83:0e:f1:56:cf:c7:f3:c5:e3:03:e2:a8:da:a6:50:1f:
da:f1:0c:84:dc:ff:0f:80:6a:bb:ed:96:6b:fe:69:92:e6:0a:
46:11:24:fb:35:08:69:21:98:f1:1c:d0:bf:04:7f:90:3d:6c:
31:b0:93:fb:eb:65:b7:7e:b9:69:a6:87:f8:30:fe:7e:44:b9:
77:6b:6d:eb:45:23:e3:1c:81:ca:b8:b8:55:25:e9:d7:d0:d0:
47:b4:70:41:f4:76:30:39:86:49:3e:27:5e:3e:4d:d7:0f:0b:
6f:20:5e:21:f3:6b:e1:5e:de:68:fa:7c:3b:6b:8e:7c:0f:ce:
91:7b:b6:24:c4:2f:cf:20:78:f3:a6:dd:43:da:20:7d:32:fd:
ce:b7:d8:21:0f:be:ba:ca:d1:e9:76:d8:cf:29:17:63:db:1f:
72:d3:24:72:3c:56:c2:c2:55:23:02:b7:59:60:e2:67:ee:b5:
c5:bd:98:b5:94:cd:ec:cb:8a:7a:64:25:ca:db:0d:02:76:13:
f8:22:0b:b1:7a:85:79:8e:d8:e0:3a:67:ee:74:85:f7:c9:26:
6c:7b:33:98
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUTTPmDnvMcHlpyE0oXHXgL32eBI0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAMTI2ZTQ4NzE0MDhiMGRiMTEwN2I4
N2RjNGRjOGY3Y2I4MDUwMGZmYjYxNjA1ODc3MmNlZmZkMDQwN2Q3NTFjOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvXuF38JrKoulpOzEDZTf6RuZ1kxR
o10Lt+YIZtitMr2ujg/0/yw52hX2bnxc/v/ouiOuCIdH/oogvBcRgz9r1G5kvlT0
4nyGU+72FhAwQVRAkUl9zKREKMlKzrhE9bbagST/oRPKdjIKP9qAyYfZOXKkuA6S
WdzLi3lSLxcylG0EcDCn1Wwc8ja0I1fy8pyWEcivjyhsmlUSDfJ+rP3pLMnuFXSl
XoxKb45459XkeNFFJipfVjWymtp+gDFDw+DFgXTXkmUVrMPK3uClbcVNAtUQJLuv
soi57hmJnLt4qSIJKI7ywu8vLHHqiyx8DHWxuzate3Xj5EVVkOa2v1nNfwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAVOD2Ux5TnQismOqHfnHLB8YoRuMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzcwZTU1NDM3LWNlOTYtNGJmMy04ZGQ4LWY5ODNmMDNhOTI4Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8SgwDQYJKoZIhvcNAQELBQADggEBAMBHTSY1unSaGhOqS0q8
wWwsC8MxuaopWNAUwBvwrW4Y02UOS40qgw7xVs/H88XjA+Ko2qZQH9rxDITc/w+A
arvtlmv+aZLmCkYRJPs1CGkhmPEc0L8Ef5A9bDGwk/vrZbd+uWmmh/gw/n5EuXdr
betFI+Mcgcq4uFUl6dfQ0Ee0cEH0djA5hkk+J14+TdcPC28gXiHza+Fe3mj6fDtr
jnwPzpF7tiTEL88gePOm3UPaIH0y/c632CEPvrrK0el22M8pF2PbH3LTJHI8VsLC
VSMCt1lg4mfutcW9mLWUzezLinpkJcrbDQJ2E/giC7F6hXmO2OA6Z+50hffJJmx7
M5g=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:13:00 2025 by rpki-client