Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7b01259d-9f22-4394-8476-cc9d3cf57a44.roa
File: 7b01259d-9f22-4394-8476-cc9d3cf57a44.roa (raw, json)
Hash identifier: FMYab3KnqTB5Klu/x1qOFpal9uNXoG2TQ+pl0TLtXPM=
Subject key identifier: 99:09:51:C6:FC:C0:07:1C:CB:F4:E1:D4:F9:82:9F:0E:BC:B3:88:F7
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 34822D92786F1FAC67574BED6AA328E408E2EBF4
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7b01259d-9f22-4394-8476-cc9d3cf57a44.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:1000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:82:2d:92:78:6f:1f:ac:67:57:4b:ed:6a:a3:28:e4:08:e2:eb:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:ef:ef:23:5f:97:7b:f3:e5:e9:ec:f0:78:1d:
e5:96:ca:f0:b7:46:ee:7e:b6:bb:43:2d:04:17:f2:
f9:85:2f:15:62:a2:ac:a5:b2:f0:84:de:98:c5:9a:
80:ed:ca:e0:1a:2c:3f:c7:f8:a0:f5:09:85:07:42:
03:0c:5b:e3:d8:1e:81:a2:ec:de:72:7e:23:47:fc:
c6:bf:ff:0e:1b:d9:5c:c1:9d:b9:b3:2f:d3:9b:7b:
f4:71:a7:a1:12:bf:16:f7:56:9b:d3:34:78:4b:9b:
75:c7:de:be:98:cd:9d:a0:00:5a:c4:1b:5f:e1:38:
ba:d1:9d:c3:b2:a3:2a:3e:e4:0e:7f:97:52:fc:02:
66:9c:8d:2c:6e:f4:f1:f9:19:1a:10:c7:8e:d7:d4:
9d:db:dc:7d:4b:23:d6:e2:20:e8:f7:21:12:87:46:
ef:87:03:5f:6f:b8:a8:65:0d:d1:c4:dc:9b:d0:ef:
ab:b3:51:e6:b5:2e:74:7e:60:66:03:03:37:46:2f:
03:b6:fd:a1:f5:0a:c5:9a:2e:62:83:75:6a:00:c8:
87:35:7b:0e:31:ed:c3:5c:a1:aa:35:a7:e6:a6:1c:
dc:25:47:11:7d:e4:a8:da:f3:e3:1f:7c:7d:c9:1f:
e4:5f:49:7e:34:fc:b9:6e:77:3c:59:5d:69:52:3c:
24:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:09:51:C6:FC:C0:07:1C:CB:F4:E1:D4:F9:82:9F:0E:BC:B3:88:F7
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7b01259d-9f22-4394-8476-cc9d3cf57a44.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:1000::/40
Signature Algorithm: sha256WithRSAEncryption
62:d9:8a:22:6c:3a:c4:61:85:f4:2f:8d:cf:cf:3c:88:fc:c1:
8a:1c:11:8d:00:e9:6e:23:8b:1e:7e:66:95:72:f3:47:af:97:
be:4b:75:bb:66:42:8c:fe:1c:f7:be:f9:14:68:2a:63:39:c7:
5d:62:bd:f5:bd:c8:38:f5:b9:e3:a9:a7:e9:8c:df:88:15:14:
9c:42:a4:36:08:c6:71:d8:f5:fc:fc:29:e2:d0:08:06:37:e6:
1f:07:58:5b:37:1b:59:a1:12:9d:e4:d1:d9:79:4a:57:54:89:
c0:19:63:4f:1d:ea:9b:c0:22:f4:2e:fa:b9:cf:db:cc:c0:aa:
40:7b:52:ab:1a:ac:14:f1:44:7d:fb:00:ac:a4:52:cc:b6:bd:
6b:f3:22:cd:56:93:3d:79:f8:03:23:a5:45:1d:76:84:d1:ec:
3f:78:c2:ce:46:ec:25:e5:78:a1:5f:73:eb:76:46:85:50:29:
4c:ed:e9:ac:29:54:00:c2:a4:57:84:95:e8:b9:b5:14:9d:b8:
96:fc:17:6b:a0:c2:21:99:73:77:e7:e2:47:1d:69:18:b2:29:
ee:4c:35:a9:aa:a0:db:e8:6b:33:35:4c:54:c3:36:9c:1e:50:
b4:16:1b:2c:92:7d:43:fb:75:47:76:fa:2f:b8:bc:7f:db:fd:
b7:01:7c:06
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUNIItknhvH6xnV0vtaqMo5Aji6/QwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAOGY1ODYwNTA5MTRhOTk5ZjliMjk5
ZTdiNGZmMDI1ODI4YzQ3ZDQyYTU5MzI2NTk2ZGZlMWFmYTg2M2VkZDJhNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+/vI1+Xe/Pl6ezweB3llsrwt0bu
fra7Qy0EF/L5hS8VYqKspbLwhN6YxZqA7crgGiw/x/ig9QmFB0IDDFvj2B6Bouze
cn4jR/zGv/8OG9lcwZ25sy/Tm3v0caehEr8W91ab0zR4S5t1x96+mM2doABaxBtf
4Ti60Z3DsqMqPuQOf5dS/AJmnI0sbvTx+RkaEMeO19Sd29x9SyPW4iDo9yESh0bv
hwNfb7ioZQ3RxNyb0O+rs1HmtS50fmBmAwM3Ri8Dtv2h9QrFmi5ig3VqAMiHNXsO
Me3DXKGqNafmphzcJUcRfeSo2vPjH3x9yR/kX0l+NPy5bnc8WV1pUjwkAwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJkJUcb8wAccy/Th1PmCnw68s4j3MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzdiMDEyNTlkLTlmMjItNDM5NC04NDc2LWNjOWQzY2Y1N2E0NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9xAwDQYJKoZIhvcNAQELBQADggEBAGLZiiJsOsRhhfQvjc/P
PIj8wYocEY0A6W4jix5+ZpVy80evl75LdbtmQoz+HPe++RRoKmM5x11ivfW9yDj1
ueOpp+mM34gVFJxCpDYIxnHY9fz8KeLQCAY35h8HWFs3G1mhEp3k0dl5SldUicAZ
Y08d6pvAIvQu+rnP28zAqkB7UqsarBTxRH37AKykUsy2vWvzIs1Wkz15+AMjpUUd
doTR7D94ws5G7CXleKFfc+t2RoVQKUzt6awpVADCpFeElei5tRSduJb8F2ugwiGZ
c3fn4kcdaRiyKe5MNamqoNvoazM1TFTDNpweULQWGyySfUP7dUd2+i+4vH/b/bcB
fAY=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:13 2025 by rpki-client