Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8e24ca53-b855-4655-a239-6bd059a83f61.roa
File: 8e24ca53-b855-4655-a239-6bd059a83f61.roa (raw, json)
Hash identifier: kam1ADsmmICayStUWvJKJzyfH8kAM++6+FWC9Tw4ebw=
Subject key identifier: A5:80:05:FD:A4:F8:96:B4:99:8F:DB:90:7C:89:A5:C1:E9:D2:49:B2
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4D610745D76772AB386D3142AB38D28D169694DA
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8e24ca53-b855-4655-a239-6bd059a83f61.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:6000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:61:07:45:d7:67:72:ab:38:6d:31:42:ab:38:d2:8d:16:96:94:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:22:ac:58:be:45:d6:ab:7a:d1:f8:3d:60:d2:
2a:34:cb:f6:f4:7a:d6:5d:3a:25:8a:d8:64:2f:e0:
72:31:64:46:50:4b:44:6d:be:c5:03:fe:0d:37:02:
de:2f:8f:6f:a0:35:93:05:c1:7c:f5:b0:3a:b1:c9:
c4:fa:c9:c3:db:93:93:e4:36:6b:6d:90:2d:47:59:
f6:3b:e3:e3:67:c9:2a:00:bf:85:e9:9a:1a:93:5a:
9b:8b:3f:c2:69:b3:91:5c:fa:d5:50:e6:2d:68:09:
3c:6f:58:6f:51:8b:e2:43:8e:35:31:1e:55:c0:61:
aa:cc:fa:a6:72:ae:68:09:65:d2:48:cd:65:cf:00:
f9:02:0f:9e:a9:03:13:a5:c2:f3:21:91:c0:8a:1f:
9c:c5:3e:1d:1d:d1:a7:8b:4a:9f:f9:eb:76:e9:99:
bc:7c:6d:c0:48:5b:42:b7:08:6b:79:97:61:56:a3:
51:85:cd:94:94:65:b5:bc:9e:c8:00:af:81:ad:cb:
64:24:58:d2:fe:c7:72:3d:14:ce:6b:68:05:2d:c4:
b6:83:a8:64:56:32:5f:2c:0e:41:08:90:3c:4f:0f:
ec:25:f3:86:e3:c1:e4:ca:07:33:d9:2a:97:83:9e:
4e:75:65:29:76:f8:c9:ef:bc:49:8b:0a:be:aa:85:
05:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:80:05:FD:A4:F8:96:B4:99:8F:DB:90:7C:89:A5:C1:E9:D2:49:B2
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8e24ca53-b855-4655-a239-6bd059a83f61.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:6000::/40
Signature Algorithm: sha256WithRSAEncryption
42:79:c2:d5:e8:99:bb:8e:93:95:90:ce:2d:7b:e0:cd:7f:07:
da:f3:a2:05:6e:4c:a8:88:3e:fb:c3:12:f0:3d:be:2b:81:d5:
b7:29:75:8f:cc:a2:1c:99:e6:82:9b:86:5a:36:48:9e:44:93:
2b:a8:7b:a5:dc:3d:b5:86:9b:f0:c1:19:51:21:6e:5f:aa:b3:
d9:c2:f2:02:80:64:b6:ce:7e:cd:c0:7f:9d:ba:f5:03:2d:4a:
00:6e:04:35:2c:f0:7d:59:38:7d:7d:e4:07:7f:25:3d:44:d1:
3a:e3:a7:49:d9:e8:b8:93:65:c2:de:c5:c3:05:a2:d7:af:06:
cf:70:c1:cf:e9:b3:ae:91:30:9b:8f:84:6e:d6:29:8e:fd:20:
9f:cc:98:a2:f9:f1:51:cd:79:76:94:2d:b2:b5:a7:29:40:29:
a3:9d:dd:b9:52:12:60:ed:8a:1b:e6:d4:21:4e:a1:8f:68:cd:
aa:25:8a:eb:bd:7b:77:71:ff:c0:4d:83:f4:ba:94:5f:24:8d:
16:d6:56:3b:5d:12:f8:5c:8e:8b:04:fa:c5:07:3b:2a:60:59:
be:ab:1e:b4:46:08:b9:24:d1:83:fb:bc:6f:51:f2:79:3e:76:
d7:da:cb:65:3f:bc:b7:df:f3:94:f3:f9:d2:e3:4a:08:55:89:
c6:60:ae:f8
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUTWEHRddncqs4bTFCqzjSjRaWlNowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAMWExZWUxMjZmMzFhYmJjNmM2ZWUx
YzQ1ZWU3MzgwNDRlNzI0OGJmMjk5NWE0MTEwN2M1Mjk4NjQyNTI4MWZhNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySKsWL5F1qt60fg9YNIqNMv29HrW
XTolithkL+ByMWRGUEtEbb7FA/4NNwLeL49voDWTBcF89bA6scnE+snD25OT5DZr
bZAtR1n2O+PjZ8kqAL+F6Zoak1qbiz/CabORXPrVUOYtaAk8b1hvUYviQ441MR5V
wGGqzPqmcq5oCWXSSM1lzwD5Ag+eqQMTpcLzIZHAih+cxT4dHdGni0qf+et26Zm8
fG3ASFtCtwhreZdhVqNRhc2UlGW1vJ7IAK+BrctkJFjS/sdyPRTOa2gFLcS2g6hk
VjJfLA5BCJA8Tw/sJfOG48Hkygcz2SqXg55OdWUpdvjJ77xJiwq+qoUFTwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKWABf2k+Ja0mY/bkHyJpcHp0kmyMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzhlMjRjYTUzLWI4NTUtNDY1NS1hMjM5LTZiZDA1OWE4M2Y2MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9GAwDQYJKoZIhvcNAQELBQADggEBAEJ5wtXombuOk5WQzi17
4M1/B9rzogVuTKiIPvvDEvA9viuB1bcpdY/MohyZ5oKbhlo2SJ5Ekyuoe6XcPbWG
m/DBGVEhbl+qs9nC8gKAZLbOfs3Af5269QMtSgBuBDUs8H1ZOH195Ad/JT1E0Trj
p0nZ6LiTZcLexcMFotevBs9wwc/ps66RMJuPhG7WKY79IJ/MmKL58VHNeXaULbK1
pylAKaOd3blSEmDtihvm1CFOoY9ozaoliuu9e3dx/8BNg/S6lF8kjRbWVjtdEvhc
josE+sUHOypgWb6rHrRGCLkk0YP7vG9R8nk+dtfay2U/vLff85Tz+dLjSghVicZg
rvg=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:41:14 2025 by rpki-client