Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/73a866d8-ff00-4acb-b036-c9dab4d498e7.roa
File: 73a866d8-ff00-4acb-b036-c9dab4d498e7.roa (raw, json)
Hash identifier: 8jOzk61zHt37OkQW4xPNmlRK5g06gg0IphmtmtQuSy8=
Subject key identifier: 91:C3:82:F3:77:61:A9:95:52:DE:DC:75:AC:FE:56:1A:7B:00:AC:6C
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 34742486286C1135B197829A9065607A7379DEFD
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/73a866d8-ff00-4acb-b036-c9dab4d498e7.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da36:8800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:74:24:86:28:6c:11:35:b1:97:82:9a:90:65:60:7a:73:79:de:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:ab:51:c6:79:65:6f:c4:85:5c:f9:da:67:e6:
d2:b8:b8:86:b0:6e:55:0c:a3:de:a3:68:a6:e7:c1:
11:ca:ec:2d:18:45:b1:14:41:b9:b8:49:48:a3:d4:
2b:63:4f:77:98:eb:00:f2:9c:22:47:c7:25:f2:41:
c6:2b:dd:a7:c8:11:1c:2a:67:7e:4a:ed:13:d1:05:
ad:9a:a2:16:13:20:2a:ae:cd:d7:f9:96:a5:7e:85:
68:3b:fe:1a:91:20:8e:ab:93:19:0d:6e:18:d4:8d:
3e:27:1d:c6:ef:66:0d:86:be:8a:96:dd:85:84:51:
5c:5b:69:40:0a:6a:e0:ec:88:39:b4:73:14:a6:f6:
ea:fe:d6:cd:a9:df:bb:66:d2:5c:cc:66:38:bc:ce:
07:02:13:d0:6f:ed:96:8c:16:f5:3f:69:92:d1:45:
f7:3d:77:3f:75:4a:61:45:b5:3e:48:b5:10:88:54:
54:98:6c:7d:dd:c4:ef:83:bf:65:60:1e:ec:ab:cc:
a3:f4:39:4b:6e:84:f0:aa:ed:8d:bc:02:55:17:65:
d6:02:a8:8f:12:00:92:6d:f4:de:8a:da:29:f8:df:
ab:e6:d5:d1:be:7f:d8:ac:61:41:b3:87:44:cc:8d:
ca:05:42:33:8a:9d:a7:94:9f:c3:9e:cf:24:2d:32:
08:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:C3:82:F3:77:61:A9:95:52:DE:DC:75:AC:FE:56:1A:7B:00:AC:6C
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/73a866d8-ff00-4acb-b036-c9dab4d498e7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da36:8800::/40
Signature Algorithm: sha256WithRSAEncryption
5b:eb:67:75:88:42:ac:3e:64:5f:03:42:97:40:19:b8:fd:30:
18:c1:79:46:f0:b7:18:6c:cd:12:c0:cb:01:c3:c5:d3:0c:db:
a4:f0:9f:5d:6a:03:8a:ae:c4:b8:43:7a:eb:96:94:40:a4:da:
d2:07:fa:22:28:37:fa:5b:38:5c:d8:bd:ed:fd:94:24:2d:26:
b6:e0:75:cb:4e:31:42:15:24:78:cd:ff:92:28:2a:6c:da:81:
87:04:5e:5e:0e:0a:59:1c:a7:74:26:eb:1d:a7:d5:9c:d3:c0:
66:df:30:74:32:c4:60:57:83:3b:c9:e8:bc:c1:aa:31:e9:3d:
8d:00:35:9b:ef:06:f7:1b:91:df:68:97:d7:39:fb:ac:bb:72:
17:c5:3c:7e:72:75:06:58:87:ec:aa:0d:7c:a3:2a:e8:af:46:
95:ce:68:8c:4d:d5:ca:5e:09:1b:9f:f1:cb:9e:11:61:72:7b:
83:29:d2:94:8f:61:c6:2e:16:ee:28:c1:e6:b1:da:ba:e8:c7:
40:39:17:71:32:eb:25:5e:b0:ff:f2:be:9a:12:62:05:cd:94:
5c:de:20:1e:4b:f9:cb:9c:43:b0:e4:c1:60:67:4a:86:96:4d:
23:e3:e4:06:a9:43:e4:08:75:c8:72:0c:cb:db:39:33:9b:ae:
3f:a1:0b:5b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUNHQkhihsETWxl4KakGVgenN53v0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAYmFmOWIyYTc2OWRlYmMyZWY4N2E5
NmY1ODA0YzViN2M5Zjg5OTg5N2JhYzcyOGRhMWM2NWRmNTI3NTg4YmRhYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2KtRxnllb8SFXPnaZ+bSuLiGsG5V
DKPeo2im58ERyuwtGEWxFEG5uElIo9QrY093mOsA8pwiR8cl8kHGK92nyBEcKmd+
Su0T0QWtmqIWEyAqrs3X+ZalfoVoO/4akSCOq5MZDW4Y1I0+Jx3G72YNhr6Klt2F
hFFcW2lACmrg7Ig5tHMUpvbq/tbNqd+7ZtJczGY4vM4HAhPQb+2WjBb1P2mS0UX3
PXc/dUphRbU+SLUQiFRUmGx93cTvg79lYB7sq8yj9DlLboTwqu2NvAJVF2XWAqiP
EgCSbfTeitop+N+r5tXRvn/YrGFBs4dEzI3KBUIzip2nlJ/Dns8kLTIIGwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJHDgvN3YamVUt7cdaz+Vhp7AKxsMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzczYTg2NmQ4LWZmMDAtNGFjYi1iMDM2LWM5ZGFiNGQ0OThlNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaNogwDQYJKoZIhvcNAQELBQADggEBAFvrZ3WIQqw+ZF8DQpdA
Gbj9MBjBeUbwtxhszRLAywHDxdMM26Twn11qA4quxLhDeuuWlECk2tIH+iIoN/pb
OFzYve39lCQtJrbgdctOMUIVJHjN/5IoKmzagYcEXl4OClkcp3Qm6x2n1ZzTwGbf
MHQyxGBXgzvJ6LzBqjHpPY0ANZvvBvcbkd9ol9c5+6y7chfFPH5ydQZYh+yqDXyj
KuivRpXOaIxN1cpeCRuf8cueEWFye4Mp0pSPYcYuFu4oweax2rrox0A5F3Ey6yVe
sP/yvpoSYgXNlFzeIB5L+cucQ7DkwWBnSoaWTSPj5AapQ+QIdchyDMvbOTObrj+h
C1s=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:09:33 2025 by rpki-client