Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99f57a1e-3186-4e34-800e-52aeee0fb0a4.roa
File: 99f57a1e-3186-4e34-800e-52aeee0fb0a4.roa (raw, json)
Hash identifier: GMT62CZUiXq3zOOkphM+GeUw9yvKdMlA2jFud9mtgyw=
Subject key identifier: E6:93:6A:66:84:B5:72:DF:56:72:0D:A7:6E:1A:07:41:02:BB:C0:A0
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 55A4C8CF44B456114BBB432F53880ED2F8899DFF
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99f57a1e-3186-4e34-800e-52aeee0fb0a4.roa
Signing time: Sat 28 Dec 2024 00:00:00 +0000
ROA not before: Sat 28 Dec 2024 00:00:00 +0000
ROA not after: Sat 01 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da18:8000::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:a4:c8:cf:44:b4:56:11:4b:bb:43:2f:53:88:0e:d2:f8:89:9d:ff
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 28 00:00:00 2024 GMT
Not After : Feb 1 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:f9:6c:db:53:82:e2:71:0c:8a:d9:e8:26:14:
9f:89:34:44:83:51:00:43:8b:16:e4:6f:d3:c2:47:
d4:91:f9:5d:86:1d:04:ae:fd:fa:ec:1f:d5:72:d0:
b8:51:09:54:6c:6c:3f:38:29:e4:2f:9f:6e:35:0c:
62:47:6a:b2:10:8e:35:13:13:e4:fe:07:12:38:c1:
72:7c:9c:f7:54:23:8d:dc:e8:e0:00:fc:be:f5:2b:
62:8f:96:10:7e:16:76:15:36:be:98:fa:83:51:8f:
27:75:5c:cd:cb:fa:2d:c8:a8:71:bc:34:00:c4:6e:
3a:7b:48:25:e2:81:ff:59:f5:81:e4:ce:ad:0d:8e:
5f:ef:99:4c:df:2a:0f:20:d5:bb:d9:2a:25:87:5e:
b1:4e:b4:39:bc:23:e2:03:c9:be:ba:a5:98:f9:be:
27:bf:7a:36:fe:b1:3e:ec:d7:71:6b:9d:ac:b7:53:
36:5d:ad:98:59:43:ce:b6:e0:5b:ce:a7:f5:b9:3c:
1b:97:f1:68:76:4d:95:7e:94:30:90:78:4d:f7:47:
1d:88:87:33:00:a3:8e:40:d1:92:d7:90:ed:45:d8:
fb:96:fe:6f:4c:23:94:0a:f2:22:4a:32:97:2a:d8:
13:e8:a6:c4:7a:7c:b7:2a:47:6f:3a:df:00:30:bc:
4e:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:93:6A:66:84:B5:72:DF:56:72:0D:A7:6E:1A:07:41:02:BB:C0:A0
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/99f57a1e-3186-4e34-800e-52aeee0fb0a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da18:8000::/36
Signature Algorithm: sha256WithRSAEncryption
5b:4a:7c:b1:6c:09:6a:2f:b5:44:c7:e6:68:f7:78:c9:8d:a0:
92:4d:ea:1d:88:36:41:66:d0:a0:da:5b:76:b8:70:8d:75:2e:
81:8e:0e:16:48:39:d4:91:33:6d:60:62:d7:16:9a:0d:7e:c9:
a1:33:2f:67:0d:07:70:72:e4:b9:da:73:4e:6f:05:b1:76:34:
4b:6b:54:e3:69:68:ae:f9:51:88:65:39:ef:90:70:ab:d3:75:
18:be:50:64:fe:8d:d1:35:3a:1d:d8:d5:bf:79:8c:38:b7:1d:
ca:44:b6:70:9b:1a:b9:c4:44:32:9e:db:e4:05:56:92:3d:10:
6a:47:5b:72:a1:82:7b:7d:89:a9:09:b3:47:75:4f:a2:fb:51:
bc:a4:89:66:19:01:95:3c:4e:c3:ee:5b:3d:96:9a:82:58:39:
04:4d:c0:3e:34:ac:92:4a:da:09:df:c2:25:05:ee:e9:0a:6e:
81:81:6a:53:1c:a7:96:bc:cd:9a:52:f6:a8:16:f2:cd:28:7f:
b7:ff:7b:3c:97:28:df:39:63:87:2a:ee:f9:9f:33:c1:f7:29:
94:52:f3:36:a2:32:07:4d:94:9d:81:54:9c:c8:ac:25:d4:dd:
fa:f1:a0:83:09:e0:bd:4a:f2:16:ea:6f:03:b6:f5:f9:0a:9e:
10:18:08:41
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUVaTIz0S0VhFLu0MvU4gO0viJnf8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIyODAwMDAwMFoX
DTI1MDIwMTIzNTk1OVowejFJMEcGA1UEBRNANGJlMTI3ZWZiZjBiMzU4NzFhYjg4
M2FmNTNjN2IwMWI4NTgzMDA3MTYwZDcyYWRiYjQ4MzEyMWM3ZjBkNzUzMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4fls21OC4nEMitnoJhSfiTREg1EA
Q4sW5G/TwkfUkfldhh0Erv367B/VctC4UQlUbGw/OCnkL59uNQxiR2qyEI41ExPk
/gcSOMFyfJz3VCON3OjgAPy+9Stij5YQfhZ2FTa+mPqDUY8ndVzNy/otyKhxvDQA
xG46e0gl4oH/WfWB5M6tDY5f75lM3yoPINW72Solh16xTrQ5vCPiA8m+uqWY+b4n
v3o2/rE+7Ndxa52st1M2Xa2YWUPOtuBbzqf1uTwbl/Fodk2VfpQwkHhN90cdiIcz
AKOOQNGS15DtRdj7lv5vTCOUCvIiSjKXKtgT6KbEeny3KkdvOt8AMLxOMQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOaTamaEtXLfVnINp24aB0ECu8CgMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzk5ZjU3YTFlLTMxODYtNGUzNC04MDBlLTUyYWVlZTBmYjBhNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaGIAwDQYJKoZIhvcNAQELBQADggEBAFtKfLFsCWovtUTH5mj3
eMmNoJJN6h2INkFm0KDaW3a4cI11LoGODhZIOdSRM21gYtcWmg1+yaEzL2cNB3By
5Lnac05vBbF2NEtrVONpaK75UYhlOe+QcKvTdRi+UGT+jdE1Oh3Y1b95jDi3HcpE
tnCbGrnERDKe2+QFVpI9EGpHW3Khgnt9iakJs0d1T6L7UbykiWYZAZU8TsPuWz2W
moJYOQRNwD40rJJK2gnfwiUF7ukKboGBalMcp5a8zZpS9qgW8s0of7f/ezyXKN85
Y4cq7vmfM8H3KZRS8zaiMgdNlJ2BVJzIrCXU3frxoIMJ4L1K8hbqbwO29fkKnhAY
CEE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:36:56 2025 by rpki-client