Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75f54745-192b-433a-abc8-ed20883dd866.roa
File: 75f54745-192b-433a-abc8-ed20883dd866.roa (raw, json)
Hash identifier: av61gHLM0BXt974YaygHjJmlS1c9Ki5USNOwILdlIz0=
Subject key identifier: 2F:D0:C1:61:1E:F5:AE:4C:7C:E8:33:12:F1:45:2F:F6:82:D7:8A:C5
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 42BEACD2A056DDF569A926F847F40B956AFF98C1
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75f54745-192b-433a-abc8-ed20883dd866.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:7000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:be:ac:d2:a0:56:dd:f5:69:a9:26:f8:47:f4:0b:95:6a:ff:98:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:37:ca:2c:b0:7b:9c:c6:a6:ba:4d:36:ee:4e:
69:9d:3f:d9:24:0b:9c:01:cc:28:77:10:a5:fb:0d:
c5:c2:6a:89:ae:ed:ad:cc:39:cb:ff:7b:43:71:90:
50:b3:43:f4:a2:a6:0c:ef:5d:9e:36:c7:5a:5b:cb:
e3:39:b7:98:4c:b5:d4:fb:f5:8c:3b:60:60:cf:74:
39:f2:6e:fe:32:19:0d:49:c8:be:6e:6f:16:ae:7d:
eb:52:09:87:75:f0:20:7f:35:07:a2:0f:cc:92:a1:
f8:58:ec:92:47:01:27:e0:0e:35:8f:54:a2:46:22:
27:24:3d:4d:fd:ff:3f:07:a0:a3:4c:f4:ba:70:71:
d8:3f:1b:9d:fc:b0:1e:a4:46:57:3f:34:de:0c:a9:
52:9e:c9:84:d8:d8:b8:05:a2:cc:03:5a:eb:45:0f:
ef:cd:ed:e0:e5:bc:b6:76:be:82:06:f3:97:4a:32:
98:57:75:34:45:9b:fb:3a:f7:e5:b1:ce:e6:c9:a4:
9f:5b:4b:71:91:14:af:c8:12:9d:ef:d8:8e:6b:7e:
2f:c6:4b:2b:65:27:2c:54:c3:91:95:cc:44:c7:89:
ac:14:d5:5b:4c:f0:e1:54:9e:2d:a6:72:a9:a7:88:
e2:89:7f:74:bc:5e:8e:28:ff:2b:94:a8:39:10:94:
8e:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D0:C1:61:1E:F5:AE:4C:7C:E8:33:12:F1:45:2F:F6:82:D7:8A:C5
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/75f54745-192b-433a-abc8-ed20883dd866.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:7000::/40
Signature Algorithm: sha256WithRSAEncryption
04:a0:96:3e:80:1e:90:50:8e:0e:92:4b:1e:a4:e6:82:60:e5:
5f:70:6a:0c:6a:13:4f:bf:09:45:7c:71:bb:08:c5:f2:cc:62:
ac:e1:90:c6:6c:c6:c6:30:2f:0c:ba:f0:9e:0f:fd:ee:74:bb:
24:1f:0b:29:24:e9:3e:8d:49:37:e2:87:34:79:f6:01:a1:9b:
76:a9:ca:1e:c9:e5:7d:5c:2b:64:41:a3:ae:f1:f3:ef:4f:0b:
c8:88:cf:8d:e9:8a:8c:f9:cd:89:9c:4f:66:b6:f3:42:05:29:
12:3f:26:6f:56:98:53:8d:ca:01:d3:eb:fa:19:51:b8:3a:b5:
5a:5b:70:c5:2d:d6:be:a4:e9:25:1f:cb:9b:83:ae:ad:dc:9a:
c0:67:ce:4e:f7:1a:ae:cf:73:06:e4:30:fa:2a:b2:fb:93:b0:
e6:10:b2:9d:15:5a:0f:36:2b:8c:0c:e8:dd:dd:bb:b6:5c:c0:
ed:12:31:b0:36:d0:b0:b7:ec:44:89:22:9e:9a:55:7f:2d:2a:
a3:9e:80:b5:a7:e0:72:81:28:1e:52:7c:af:e7:45:b8:c6:e3:
b7:97:74:56:38:15:53:03:22:bc:42:6e:d2:d9:b5:28:e5:ed:
3a:21:8d:96:fb:25:3c:9e:9d:ac:08:28:05:da:dd:fb:3e:b9:
96:3f:a1:3b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUQr6s0qBW3fVpqSb4R/QLlWr/mMEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNANDFlNjlkNjE3M2M3NmU3ZGI1Mjlk
ZmM4ZmYxZDYwMzFkN2FhNTRiZDk4NzNkMTk4NDE3Zjc4ZjkzYTE1NDUxMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjfKLLB7nMamuk027k5pnT/ZJAuc
AcwodxCl+w3FwmqJru2tzDnL/3tDcZBQs0P0oqYM712eNsdaW8vjObeYTLXU+/WM
O2Bgz3Q58m7+MhkNSci+bm8Wrn3rUgmHdfAgfzUHog/MkqH4WOySRwEn4A41j1Si
RiInJD1N/f8/B6CjTPS6cHHYPxud/LAepEZXPzTeDKlSnsmE2Ni4BaLMA1rrRQ/v
ze3g5by2dr6CBvOXSjKYV3U0RZv7Ovflsc7myaSfW0txkRSvyBKd79iOa34vxksr
ZScsVMORlcxEx4msFNVbTPDhVJ4tpnKpp4jiiX90vF6OKP8rlKg5EJSOPwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFC/QwWEe9a5MfOgzEvFFL/aC14rFMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc1ZjU0NzQ1LTE5MmItNDMzYS1hYmM4LWVkMjA4ODNkZDg2Ni5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaXAwDQYJKoZIhvcNAQELBQADggEBAASglj6AHpBQjg6SSx6k
5oJg5V9wagxqE0+/CUV8cbsIxfLMYqzhkMZsxsYwLwy68J4P/e50uyQfCykk6T6N
STfihzR59gGhm3apyh7J5X1cK2RBo67x8+9PC8iIz43pioz5zYmcT2a280IFKRI/
Jm9WmFONygHT6/oZUbg6tVpbcMUt1r6k6SUfy5uDrq3cmsBnzk73Gq7PcwbkMPoq
svuTsOYQsp0VWg82K4wM6N3du7ZcwO0SMbA20LC37ESJIp6aVX8tKqOegLWn4HKB
KB5SfK/nRbjG47eXdFY4FVMDIrxCbtLZtSjl7TohjZb7JTyenawIKAXa3fs+uZY/
oTs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:19:06 2025 by rpki-client