Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/813fd8db-c853-44b7-bd55-127e1e4f5d24.roa
File: 813fd8db-c853-44b7-bd55-127e1e4f5d24.roa (raw, json)
Hash identifier: 0eWQffq27x9P4wxGPsR5IysJSOkLzUK2hGVTTj7k1W8=
Subject key identifier: FB:A8:31:B2:1D:74:6B:6A:E4:72:44:E5:08:58:44:70:C8:CD:EA:53
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4B4EAE52BC116446C34BCBFEEA58567179A9B22A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/813fd8db-c853-44b7-bd55-127e1e4f5d24.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf0:9000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4b:4e:ae:52:bc:11:64:46:c3:4b:cb:fe:ea:58:56:71:79:a9:b2:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a2:d9:ae:db:72:8d:2b:92:81:cf:3f:59:26:
f9:29:9f:9b:a6:18:5a:0c:4e:86:60:da:28:31:b6:
ad:4c:ad:15:4c:21:a2:64:c7:f7:b5:f0:70:aa:0b:
b0:b3:b4:b8:3f:41:e5:14:d5:33:9e:d8:e9:59:2f:
7c:4c:47:05:93:f0:73:80:5a:94:86:e4:dc:75:17:
71:8f:02:51:6c:3d:f9:78:56:7d:f5:04:06:7a:93:
21:f7:15:25:f8:fd:e3:fb:6c:eb:29:89:21:12:89:
e8:58:56:05:36:20:21:1a:a0:c5:79:c3:79:dc:d6:
38:3b:4f:cb:a4:2c:09:f6:7e:d5:1b:f9:74:69:0b:
d4:20:06:35:b2:7d:37:71:42:83:be:0c:fe:f1:5a:
84:3f:77:c0:e2:6e:58:7b:0b:83:83:93:32:49:44:
33:3e:20:db:5c:17:17:0f:0a:d1:f8:fd:48:35:3d:
24:89:9a:c9:34:72:98:69:e0:31:78:69:52:b7:f8:
8f:63:8d:1e:dc:be:25:75:38:87:38:a8:1e:33:97:
50:ab:05:91:46:e7:fd:f0:9d:a8:b9:17:e9:92:24:
1b:96:e1:0f:9e:4b:d3:4e:e7:32:b2:bb:54:9e:b6:
0f:1d:eb:26:4e:76:52:5b:fc:40:bb:08:12:d0:25:
60:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:A8:31:B2:1D:74:6B:6A:E4:72:44:E5:08:58:44:70:C8:CD:EA:53
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/813fd8db-c853-44b7-bd55-127e1e4f5d24.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf0:9000::/40
Signature Algorithm: sha256WithRSAEncryption
c7:6c:32:72:86:db:63:28:99:79:8b:73:9d:05:71:93:11:8a:
39:e5:15:1b:10:3b:eb:34:56:35:f0:ad:89:8a:31:46:c9:86:
c1:57:28:8f:ec:50:79:b9:03:a4:d1:0b:77:e8:b1:d1:c5:45:
c1:a6:fa:5d:09:0c:52:f5:21:50:e2:5c:fa:cb:28:32:26:68:
b1:13:6a:57:c1:c6:79:27:09:05:a4:27:57:94:17:a5:49:cf:
0e:5b:66:b2:12:d2:8d:a3:69:5c:5f:78:17:6e:b8:14:d7:70:
48:d0:d9:ab:7e:7e:28:08:43:08:7c:74:86:64:80:b9:b8:d2:
b4:ae:e8:51:7b:a8:a7:d2:50:6e:82:dc:41:48:5f:6a:f6:51:
0e:69:6d:4d:e7:a4:80:69:2e:66:cb:0e:19:ba:cf:1e:de:9d:
2e:e7:a0:30:51:85:8a:4d:4b:5e:9a:74:84:1f:4d:e9:53:35:
5c:8a:37:01:40:94:0b:70:4d:ff:44:fc:b4:94:d7:38:00:c8:
e5:6e:71:a3:f2:5c:61:28:33:28:a6:58:f4:fc:a5:cc:0b:0f:
28:2e:f8:bd:ff:4c:f5:1f:73:7b:8b:bd:e9:c9:9e:c9:99:3c:
06:2f:f9:83:5d:86:3a:ce:78:5f:67:ae:62:32:30:b2:1e:c2:
7d:61:d8:84
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUS06uUrwRZEbDS8v+6lhWcXmpsiowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNANzMxOTAwMTg4YzIzZTk0NTRmZGZj
YWQzODhkMTFiZDZlYjQ0NWRmMTI0YTQzYzI5NmQ3MGE3YmE3ZWMxZmYxMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaLZrttyjSuSgc8/WSb5KZ+bphha
DE6GYNooMbatTK0VTCGiZMf3tfBwqguws7S4P0HlFNUzntjpWS98TEcFk/BzgFqU
huTcdRdxjwJRbD35eFZ99QQGepMh9xUl+P3j+2zrKYkhEonoWFYFNiAhGqDFecN5
3NY4O0/LpCwJ9n7VG/l0aQvUIAY1sn03cUKDvgz+8VqEP3fA4m5YewuDg5MySUQz
PiDbXBcXDwrR+P1INT0kiZrJNHKYaeAxeGlSt/iPY40e3L4ldTiHOKgeM5dQqwWR
Ruf98J2ouRfpkiQbluEPnkvTTucysrtUnrYPHesmTnZSW/xAuwgS0CVg3wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPuoMbIddGtq5HJE5QhYRHDIzepTMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzgxM2ZkOGRiLWM4NTMtNDRiNy1iZDU1LTEyN2UxZTRmNWQyNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8JAwDQYJKoZIhvcNAQELBQADggEBAMdsMnKG22MomXmLc50F
cZMRijnlFRsQO+s0VjXwrYmKMUbJhsFXKI/sUHm5A6TRC3fosdHFRcGm+l0JDFL1
IVDiXPrLKDImaLETalfBxnknCQWkJ1eUF6VJzw5bZrIS0o2jaVxfeBduuBTXcEjQ
2at+figIQwh8dIZkgLm40rSu6FF7qKfSUG6C3EFIX2r2UQ5pbU3npIBpLmbLDhm6
zx7enS7noDBRhYpNS16adIQfTelTNVyKNwFAlAtwTf9E/LSU1zgAyOVucaPyXGEo
MyimWPT8pcwLDygu+L3/TPUfc3uLvenJnsmZPAYv+YNdhjrOeF9nrmIyMLIewn1h
2IQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:25:31 2025 by rpki-client