Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/79f34a6b-850b-4988-b9c9-b49d5a938aa3.roa
File: 79f34a6b-850b-4988-b9c9-b49d5a938aa3.roa (raw, json)
Hash identifier: cM6IUUiYXa9ZqItW1htW6uo/TAcrkXgC8Ybfu6NiJLU=
Subject key identifier: CD:D2:96:51:E4:5C:1A:37:6C:CC:BF:84:6B:02:98:A7:CF:20:78:53
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 648E5231706131E31D017C48DFA21E8E2F7AEA52
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/79f34a6b-850b-4988-b9c9-b49d5a938aa3.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:a000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
64:8e:52:31:70:61:31:e3:1d:01:7c:48:df:a2:1e:8e:2f:7a:ea:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fe:6b:5e:76:6c:48:2e:e9:c8:dd:58:c9:5c:
c4:eb:4e:4e:41:c4:18:66:58:58:a0:0f:84:23:92:
34:4d:20:da:e6:5d:59:aa:a8:fa:ba:86:de:ec:a0:
76:78:d7:e0:b6:f1:fa:36:67:06:1a:62:59:7c:9d:
f0:36:88:66:8d:4a:09:2c:a8:56:97:27:8d:ec:d5:
f7:e0:bc:de:17:ce:b9:27:97:17:b5:3b:0f:7d:5e:
c3:7d:9e:2e:2e:ed:09:69:25:61:59:71:59:ab:4e:
2e:4f:aa:36:c6:d8:6d:48:22:50:b3:cb:f2:2b:76:
ac:55:ef:67:b5:28:4a:31:6e:b5:48:26:7c:57:32:
c4:fd:71:4a:6f:9a:c0:96:37:2c:cd:35:9b:b2:0e:
79:fa:3f:dd:f0:d0:6b:c6:c2:22:5e:ed:6c:a1:c2:
1c:35:fb:de:29:71:79:0a:89:41:c9:44:7f:e7:be:
16:92:8e:e0:6e:b0:00:9f:9e:91:d5:7b:8a:4f:0f:
50:ce:b5:46:e4:53:37:03:d1:26:56:3d:57:a6:fe:
3f:c4:0d:05:7a:ff:d2:38:82:1b:90:de:46:61:c9:
78:c8:5f:ea:29:c5:cb:0e:df:9e:ae:83:3c:3c:ae:
55:8f:dd:f8:a7:22:cf:b0:f2:50:53:42:ff:d4:0a:
1b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D2:96:51:E4:5C:1A:37:6C:CC:BF:84:6B:02:98:A7:CF:20:78:53
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/79f34a6b-850b-4988-b9c9-b49d5a938aa3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:a000::/40
Signature Algorithm: sha256WithRSAEncryption
0d:73:65:c6:da:7e:a4:75:ed:3c:84:3a:4d:fd:d9:92:28:6d:
e5:cb:52:10:2b:72:80:f1:4b:51:39:51:2b:64:59:58:70:99:
63:7f:9f:f1:f4:3c:d8:15:75:f6:51:3b:0c:e0:b6:64:92:9e:
ed:6d:a8:23:43:55:5c:59:35:d1:b7:14:fc:84:13:26:1c:b4:
78:47:53:73:bc:75:80:42:87:de:62:a2:01:90:c8:f4:c5:0a:
85:06:6f:77:8c:75:f6:4b:e6:66:d9:05:dd:0e:f5:82:c2:ba:
a7:8f:2b:f2:62:f9:92:bb:e2:97:61:f5:cf:57:2f:9d:0a:b6:
e0:80:88:9f:4e:94:88:72:c2:98:ca:ad:c5:65:d7:2c:ad:ab:
37:c8:00:f9:97:0c:cf:96:18:47:ef:d1:88:b5:86:28:08:7c:
da:e8:a1:24:56:fb:82:9d:97:e2:a3:e3:90:f7:69:bf:14:5b:
f4:63:41:1b:8b:3f:95:ad:c2:ed:b4:23:10:63:76:67:04:bc:
36:4a:06:b4:65:27:f7:27:d8:41:20:d4:a9:11:95:bd:20:81:
b9:f9:de:bc:eb:1d:c7:4c:2f:09:81:1b:09:c2:df:79:55:38:
85:59:ca:de:6d:43:bc:d7:46:82:52:96:78:47:5a:ff:31:88:
b5:e8:7d:31
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUZI5SMXBhMeMdAXxI36Ieji966lIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAZmFiMjYyNTVmMmM2NmJmNzZlZGRj
NmE1YTMyZmQ3NzJjNTBmYzA3N2YzZmQ5M2JmNWZkM2M4YWRiZmU4MGI2MTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoP5rXnZsSC7pyN1YyVzE605OQcQY
ZlhYoA+EI5I0TSDa5l1Zqqj6uobe7KB2eNfgtvH6NmcGGmJZfJ3wNohmjUoJLKhW
lyeN7NX34LzeF865J5cXtTsPfV7DfZ4uLu0JaSVhWXFZq04uT6o2xthtSCJQs8vy
K3asVe9ntShKMW61SCZ8VzLE/XFKb5rAljcszTWbsg55+j/d8NBrxsIiXu1socIc
NfveKXF5ColByUR/574Wko7gbrAAn56R1XuKTw9QzrVG5FM3A9EmVj1Xpv4/xA0F
ev/SOIIbkN5GYcl4yF/qKcXLDt+eroM8PK5Vj934pyLPsPJQU0L/1Aob5wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFM3SllHkXBo3bMy/hGsCmKfPIHhTMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc5ZjM0YTZiLTg1MGItNDk4OC1iOWM5LWI0OWQ1YTkzOGFhMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaaAwDQYJKoZIhvcNAQELBQADggEBAA1zZcbafqR17TyEOk39
2ZIobeXLUhArcoDxS1E5UStkWVhwmWN/n/H0PNgVdfZROwzgtmSSnu1tqCNDVVxZ
NdG3FPyEEyYctHhHU3O8dYBCh95iogGQyPTFCoUGb3eMdfZL5mbZBd0O9YLCuqeP
K/Ji+ZK74pdh9c9XL50KtuCAiJ9OlIhywpjKrcVl1yytqzfIAPmXDM+WGEfv0Yi1
higIfNrooSRW+4Kdl+Kj45D3ab8UW/RjQRuLP5Wtwu20IxBjdmcEvDZKBrRlJ/cn
2EEg1KkRlb0ggbn53rzrHcdMLwmBGwnC33lVOIVZyt5tQ7zXRoJSlnhHWv8xiLXo
fTE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:20:28 2025 by rpki-client