Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fd06079-670b-45e2-8241-18b7a6b8c031.roa
File: 8fd06079-670b-45e2-8241-18b7a6b8c031.roa (raw, json)
Hash identifier: GcXwac1Ixwa3WhfXIwSJEeFPfjBGZO4e3m5IyqH5xvA=
Subject key identifier: 72:8F:AE:03:80:DD:BA:2F:B9:FE:7F:B0:E6:AB:78:AE:F5:B7:EA:56
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 10659B5772645DD8BDCF540E4F1EC8661A8BB0C3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fd06079-670b-45e2-8241-18b7a6b8c031.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf6:4800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:65:9b:57:72:64:5d:d8:bd:cf:54:0e:4f:1e:c8:66:1a:8b:b0:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:e2:29:66:f8:a8:36:be:86:a8:b6:7d:e7:75:
8d:ad:21:48:11:20:0d:04:7d:f4:d0:c9:7e:40:ac:
6c:50:87:97:d3:16:3b:9d:43:80:cb:4c:19:f3:8e:
d3:7e:fc:b1:fd:4f:6d:64:b0:6c:c6:9e:b4:33:67:
5d:54:8a:fb:24:5d:90:30:45:85:a0:ba:e3:0a:1f:
ef:cc:56:fe:f9:a3:5c:f2:48:d6:54:45:40:e1:6b:
c6:38:da:cd:88:47:2e:e5:11:40:6f:f0:fb:d1:4e:
ad:26:03:09:2e:14:41:21:fa:dd:43:96:60:a3:58:
d2:56:83:85:06:4a:2c:9d:11:09:2d:8c:25:22:9d:
e1:c7:ad:98:a6:0b:d8:cc:fa:7d:7a:f9:0d:3a:c1:
05:ea:1e:ed:54:af:b1:db:01:99:a0:ea:df:90:d3:
8b:2d:6e:24:ec:b3:f8:c9:77:c6:f6:66:ad:8b:a6:
3f:8c:ed:b8:4e:a5:a3:1c:08:00:6f:b5:fd:b6:56:
39:7f:23:1b:24:20:61:31:8d:70:ca:8b:30:c8:be:
31:00:fd:ed:8e:5e:c5:e9:9d:38:3a:40:6b:51:68:
6d:1c:5b:d4:74:30:71:cf:60:3b:2b:03:92:2e:df:
41:26:cc:8b:f1:b8:06:d5:11:9a:fc:b8:38:b8:ea:
78:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:8F:AE:03:80:DD:BA:2F:B9:FE:7F:B0:E6:AB:78:AE:F5:B7:EA:56
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8fd06079-670b-45e2-8241-18b7a6b8c031.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf6:4800::/40
Signature Algorithm: sha256WithRSAEncryption
94:b1:30:c8:27:e8:8f:f3:01:7b:0c:23:e8:c4:ed:f2:ca:dd:
e5:f9:cd:de:69:a8:83:b8:06:b9:7d:c4:87:5a:4e:2f:55:c4:
7b:d3:a1:f8:e5:d8:f4:38:cd:d0:7a:13:74:bc:23:f7:d6:55:
21:08:c1:bb:d2:e4:ca:50:95:99:01:a2:5f:cc:d4:d0:89:a6:
87:18:45:18:9f:df:14:be:a3:44:5c:de:07:08:63:46:30:77:
92:ed:53:20:e3:db:71:87:34:de:b8:f9:76:7c:08:ad:f1:d4:
32:a0:51:a1:9e:10:f0:14:58:1b:cf:a9:00:e4:2a:b8:10:61:
62:ac:5f:9f:22:bd:59:bc:9a:f3:1a:63:16:31:29:e5:11:ff:
dc:01:16:02:6a:8f:31:62:93:9b:be:c3:3a:fe:77:a1:ba:d9:
4f:ae:88:44:13:d4:ff:00:0f:52:52:ab:a8:69:40:34:c3:46:
ee:aa:7f:44:ad:ed:ec:e8:8f:f8:17:65:9d:f1:80:c7:f9:ea:
72:48:3f:d2:b4:bf:4a:4c:da:0e:70:63:70:c5:b4:8c:10:47:
a4:e2:fc:c2:8e:e4:5e:6e:94:45:3e:47:cd:a4:3b:ef:69:7b:
58:02:51:e9:62:3b:8b:df:87:0d:8b:0f:61:c1:37:0d:35:02:
07:99:49:8a
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUEGWbV3JkXdi9z1QOTx7IZhqLsMMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAZTU2NjBmOTQzN2ZmZTQ2OTcyMTMy
MDkwNDA3MDMwNDU3ZGY4ZGQyNzFmNGI2MDdkYWMxNTlkZmRmZmI0ZTk2ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp+IpZvioNr6GqLZ953WNrSFIESAN
BH300Ml+QKxsUIeX0xY7nUOAy0wZ847Tfvyx/U9tZLBsxp60M2ddVIr7JF2QMEWF
oLrjCh/vzFb++aNc8kjWVEVA4WvGONrNiEcu5RFAb/D70U6tJgMJLhRBIfrdQ5Zg
o1jSVoOFBkosnREJLYwlIp3hx62YpgvYzPp9evkNOsEF6h7tVK+x2wGZoOrfkNOL
LW4k7LP4yXfG9mati6Y/jO24TqWjHAgAb7X9tlY5fyMbJCBhMY1wyoswyL4xAP3t
jl7F6Z04OkBrUWhtHFvUdDBxz2A7KwOSLt9BJsyL8bgG1RGa/Lg4uOp4SQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHKPrgOA3bovuf5/sOareK71t+pWMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzhmZDA2MDc5LTY3MGItNDVlMi04MjQxLTE4YjdhNmI4YzAzMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9kgwDQYJKoZIhvcNAQELBQADggEBAJSxMMgn6I/zAXsMI+jE
7fLK3eX5zd5pqIO4Brl9xIdaTi9VxHvTofjl2PQ4zdB6E3S8I/fWVSEIwbvS5MpQ
lZkBol/M1NCJpocYRRif3xS+o0Rc3gcIY0Ywd5LtUyDj23GHNN64+XZ8CK3x1DKg
UaGeEPAUWBvPqQDkKrgQYWKsX58ivVm8mvMaYxYxKeUR/9wBFgJqjzFik5u+wzr+
d6G62U+uiEQT1P8AD1JSq6hpQDTDRu6qf0St7ezoj/gXZZ3xgMf56nJIP9K0v0pM
2g5wY3DFtIwQR6Ti/MKO5F5ulEU+R82kO+9pe1gCUeliO4vfhw2LD2HBNw01AgeZ
SYo=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:24:47 2025 by rpki-client