Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/990a64b7-6f49-49b1-b261-f42f671355cf.roa
File: 990a64b7-6f49-49b1-b261-f42f671355cf.roa (raw, json)
Hash identifier: AqE7vwROklBVoaDmY73O4vnqFxr7MWb/TEOLYZUOksQ=
Subject key identifier: 21:B5:75:F8:ED:37:3C:A3:0A:16:65:5F:56:5D:8D:6C:BB:20:B6:5F
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 049BB6A07D143FE1B13265E6B446AA6BAFD60306
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/990a64b7-6f49-49b1-b261-f42f671355cf.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:b000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:9b:b6:a0:7d:14:3f:e1:b1:32:65:e6:b4:46:aa:6b:af:d6:03:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:d2:e9:0f:5b:e5:6d:83:ed:37:23:e8:ba:36:
1b:33:eb:a6:21:cf:d3:16:0e:68:63:40:a1:9c:68:
04:d9:c0:5e:6f:54:d6:1d:68:e5:11:2c:e4:bc:a0:
3c:84:de:b7:5c:29:2b:af:31:87:f9:a8:14:b1:ea:
32:97:24:c9:97:ed:db:a7:1b:16:37:91:49:f8:b2:
0c:2f:ca:b9:53:2a:1d:05:ac:df:e6:d4:bb:1e:d5:
42:ee:b2:c6:7f:b4:ea:90:34:6d:4d:78:c6:4e:94:
63:a4:c4:9f:ec:f8:5f:be:4c:14:61:0c:79:e8:ed:
a0:09:8f:f4:46:bf:2c:20:88:ba:74:85:b0:c4:78:
55:47:b7:9e:3a:e8:a4:d6:dd:9a:30:a3:11:8b:dd:
8d:25:97:48:1b:fe:e5:8b:fe:ea:7b:2d:49:c3:4f:
a7:c3:4f:2d:46:7c:df:3a:17:a9:62:a9:ed:61:b1:
fc:01:37:76:ae:c1:df:79:96:11:93:ed:4a:e1:65:
c8:85:5c:13:e4:73:c5:8f:47:3e:20:6d:5f:b4:05:
51:6c:05:8c:22:d1:49:27:c0:10:3c:0b:19:ae:21:
3d:4f:2d:cd:7d:61:f3:9e:39:d0:40:e3:cf:e2:56:
4e:23:a4:46:4e:5d:ac:ec:75:99:32:1a:5b:96:67:
b8:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B5:75:F8:ED:37:3C:A3:0A:16:65:5F:56:5D:8D:6C:BB:20:B6:5F
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/990a64b7-6f49-49b1-b261-f42f671355cf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:b000::/40
Signature Algorithm: sha256WithRSAEncryption
7b:ba:8b:20:b4:bc:bd:72:82:13:d0:f3:d5:e9:73:58:11:b4:
82:f4:86:15:32:1a:e3:1f:2d:4c:14:a1:f7:16:44:b9:b5:ab:
0c:8d:c5:80:7e:e5:e3:41:0c:64:70:cb:eb:7a:a2:13:b1:d0:
c1:d5:4d:69:31:37:e8:4f:9b:3d:99:10:9c:41:ef:1b:ce:0c:
48:89:65:09:e6:ee:b0:cd:12:39:1e:52:81:c7:c6:b6:ad:7b:
25:64:3c:f7:1b:ad:00:26:00:fa:c1:19:e7:e6:60:84:a6:a3:
6b:6b:d7:8e:7b:cb:0f:b2:ba:52:7e:e9:bb:fb:b7:9a:6c:eb:
0b:65:6b:3b:d4:bc:39:3e:c0:e8:07:55:dd:a2:79:ae:3f:e2:
06:26:30:bb:bb:72:22:21:2e:e6:7d:52:b0:8f:af:b4:01:d3:
cc:71:67:0f:a9:9d:39:12:e7:cd:9a:8a:3a:e4:80:0e:2d:9b:
31:50:0f:30:33:a0:0a:64:13:a4:3d:d3:9c:1a:34:f1:ac:16:
df:a7:f7:ca:a6:40:c2:01:84:a3:5f:c4:73:c5:76:7f:47:8e:
aa:63:f1:1c:bd:64:37:26:99:69:27:a5:96:0b:ca:22:80:7e:
8a:9c:f6:fe:99:a5:e3:b7:3d:1e:5e:a5:98:cf:f5:9a:ce:0b:
04:77:4d:67
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUBJu2oH0UP+GxMmXmtEaqa6/WAwYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNANGNlZjlmYjI3ZDM4MTgyM2UyYjQ4
MDZmZjRhMmI0MTI3YjhjNzkzMGJmZDA2ZTFlNTBkZWE2MjE2YWEwZTBmMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0NLpD1vlbYPtNyPoujYbM+umIc/T
Fg5oY0ChnGgE2cBeb1TWHWjlESzkvKA8hN63XCkrrzGH+agUseoylyTJl+3bpxsW
N5FJ+LIML8q5UyodBazf5tS7HtVC7rLGf7TqkDRtTXjGTpRjpMSf7PhfvkwUYQx5
6O2gCY/0Rr8sIIi6dIWwxHhVR7eeOuik1t2aMKMRi92NJZdIG/7li/7qey1Jw0+n
w08tRnzfOhepYqntYbH8ATd2rsHfeZYRk+1K4WXIhVwT5HPFj0c+IG1ftAVRbAWM
ItFJJ8AQPAsZriE9Ty3NfWHznjnQQOPP4lZOI6RGTl2s7HWZMhpblme4jwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCG1dfjtNzyjChZlX1ZdjWy7ILZfMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzk5MGE2NGI3LTZmNDktNDliMS1iMjYxLWY0MmY2NzEzNTVjZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/7AwDQYJKoZIhvcNAQELBQADggEBAHu6iyC0vL1yghPQ89Xp
c1gRtIL0hhUyGuMfLUwUofcWRLm1qwyNxYB+5eNBDGRwy+t6ohOx0MHVTWkxN+hP
mz2ZEJxB7xvODEiJZQnm7rDNEjkeUoHHxrateyVkPPcbrQAmAPrBGefmYISmo2tr
1457yw+yulJ+6bv7t5ps6wtlazvUvDk+wOgHVd2iea4/4gYmMLu7ciIhLuZ9UrCP
r7QB08xxZw+pnTkS582aijrkgA4tmzFQDzAzoApkE6Q905waNPGsFt+n98qmQMIB
hKNfxHPFdn9Hjqpj8Ry9ZDcmmWknpZYLyiKAfoqc9v6ZpeO3PR5epZjP9ZrOCwR3
TWc=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:46:27 2025 by rpki-client