Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/769845d8-20c6-4639-a605-e6db7bfa4f8f.roa
File: 769845d8-20c6-4639-a605-e6db7bfa4f8f.roa (raw, json)
Hash identifier: 0gr/fr8d44jhlIW48/QH4A11csi1b8vi5o3ihRz5fGY=
Subject key identifier: 6D:1A:06:45:D4:BA:9F:28:3B:24:D3:70:15:63:E6:39:2E:01:24:17
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5905BC6A7F229E3775B29F039EFDCBB24F0A41A5
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/769845d8-20c6-4639-a605-e6db7bfa4f8f.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf0:4000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
59:05:bc:6a:7f:22:9e:37:75:b2:9f:03:9e:fd:cb:b2:4f:0a:41:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:6d:f4:11:24:e0:fa:e5:92:2a:52:66:e8:2c:
92:18:37:a8:0f:d0:ad:79:e6:70:94:2f:c3:47:34:
bd:1d:6f:e3:3e:23:45:ab:3e:79:4b:f8:f8:dc:09:
2b:7b:25:b5:4c:cd:f0:19:40:2f:4a:c2:b1:10:aa:
2c:c7:e7:d8:9c:34:c0:f9:43:41:1c:21:7b:5d:6a:
91:bb:94:bd:c0:e3:0d:17:6b:90:97:dd:6e:6d:18:
8f:96:c4:34:bb:9f:0a:6d:1e:f8:ce:05:f7:7b:69:
6f:00:8d:0d:01:b6:d6:76:2a:71:ae:93:21:a3:a1:
e5:8e:fb:e3:4c:d9:bb:46:dc:4a:2c:29:36:4e:61:
a7:62:d8:29:13:29:2d:b3:6b:a2:0d:93:11:4f:78:
1d:ba:96:ca:49:d8:17:85:ca:2e:fc:b4:6a:75:1b:
a9:8f:4f:75:b0:6b:51:fd:e9:e1:52:a1:bf:07:fb:
be:ef:83:8f:9a:42:1c:39:cd:2d:ea:ba:2d:cc:79:
c9:d6:d7:0a:7e:b7:b4:ce:8a:0b:8a:6f:86:51:0b:
c6:e4:7d:e1:52:34:e1:f5:01:c0:fe:33:f0:33:0f:
1b:ca:3c:a9:bb:2f:e7:06:3e:c1:77:68:68:9a:dd:
21:31:38:17:db:b2:a0:cd:75:cf:f9:04:7f:42:1e:
b1:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:1A:06:45:D4:BA:9F:28:3B:24:D3:70:15:63:E6:39:2E:01:24:17
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/769845d8-20c6-4639-a605-e6db7bfa4f8f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf0:4000::/40
Signature Algorithm: sha256WithRSAEncryption
33:35:f4:c1:d1:f1:d1:e1:54:69:8e:9d:ad:99:2c:5b:1f:94:
6e:cb:4f:26:67:ea:8d:73:24:c1:56:37:a9:6d:08:2a:9a:98:
df:58:c7:47:b6:cb:14:00:fa:85:97:25:ed:b3:5d:fb:57:4f:
f7:94:f0:62:22:36:1f:d3:7f:f4:7a:07:9d:dc:a4:66:9d:f1:
54:80:c3:aa:c2:87:dd:05:35:29:3f:34:6c:1a:07:54:90:6e:
c2:94:60:ff:79:8b:79:c4:4c:1b:04:36:f5:b9:59:03:fc:01:
e2:7f:df:f8:56:61:25:c8:21:22:e5:af:1d:0f:36:39:45:58:
e3:c8:c5:7c:f8:5c:81:d1:0b:d7:01:ad:2e:42:2b:73:df:bb:
4d:2c:8a:19:f8:74:ca:b0:87:47:b3:19:41:be:4a:5e:f7:7b:
4d:3d:48:95:40:5e:23:8c:f9:77:83:ec:d7:5a:a0:58:39:95:
62:39:d2:b2:cb:75:e5:70:7b:a1:9c:b0:c6:cf:7f:f4:87:7f:
36:f7:f1:70:d8:1f:60:08:e6:60:d1:73:3f:41:e9:9d:ea:a7:
26:78:ac:1b:ee:20:74:e5:f3:71:e3:8b:e2:aa:f1:eb:ee:45:
01:10:01:4d:c8:6d:a9:b1:29:2f:5a:6f:ba:69:37:d7:84:0e:
9b:cb:f8:31
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUWQW8an8injd1sp8Dnv3Lsk8KQaUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAMzNjNDA1NDE1YTRhZWUwMjQ0OWVi
ZjY2N2FiOThmZGFiMzE4MjNjZGZmN2E4N2NlNGYxMWNiMjhkYWE3Y2ZjMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArm30ESTg+uWSKlJm6CySGDeoD9Ct
eeZwlC/DRzS9HW/jPiNFqz55S/j43AkreyW1TM3wGUAvSsKxEKosx+fYnDTA+UNB
HCF7XWqRu5S9wOMNF2uQl91ubRiPlsQ0u58KbR74zgX3e2lvAI0NAbbWdipxrpMh
o6HljvvjTNm7RtxKLCk2TmGnYtgpEykts2uiDZMRT3gdupbKSdgXhcou/LRqdRup
j091sGtR/enhUqG/B/u+74OPmkIcOc0t6rotzHnJ1tcKfre0zooLim+GUQvG5H3h
UjTh9QHA/jPwMw8byjypuy/nBj7Bd2homt0hMTgX27KgzXXP+QR/Qh6xSQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFG0aBkXUup8oOyTTcBVj5jkuASQXMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc2OTg0NWQ4LTIwYzYtNDYzOS1hNjA1LWU2ZGI3YmZhNGY4Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8EAwDQYJKoZIhvcNAQELBQADggEBADM19MHR8dHhVGmOna2Z
LFsflG7LTyZn6o1zJMFWN6ltCCqamN9Yx0e2yxQA+oWXJe2zXftXT/eU8GIiNh/T
f/R6B53cpGad8VSAw6rCh90FNSk/NGwaB1SQbsKUYP95i3nETBsENvW5WQP8AeJ/
3/hWYSXIISLlrx0PNjlFWOPIxXz4XIHRC9cBrS5CK3Pfu00sihn4dMqwh0ezGUG+
Sl73e009SJVAXiOM+XeD7NdaoFg5lWI50rLLdeVwe6GcsMbPf/SHfzb38XDYH2AI
5mDRcz9B6Z3qpyZ4rBvuIHTl83Hji+Kq8evuRQEQAU3IbamxKS9ab7ppN9eEDpvL
+DE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:27:55 2025 by rpki-client