Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a05c69b-927d-4e32-8626-8e91ace5c11e.roa
File: 9a05c69b-927d-4e32-8626-8e91ace5c11e.roa (raw, json)
Hash identifier: mhn9U0pOXDA+vjilRyIAvzgl8D+giVWHC4kmA78/xVc=
Subject key identifier: 97:A8:0B:EA:6C:CE:BF:38:CD:30:DA:F6:32:24:45:D0:3D:A7:60:CC
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 05E21D1E3574AC6B3E1F619C510EF1511F12AA5D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a05c69b-927d-4e32-8626-8e91ace5c11e.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da30:c800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
05:e2:1d:1e:35:74:ac:6b:3e:1f:61:9c:51:0e:f1:51:1f:12:aa:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3c:84:db:fb:1c:fa:a4:7c:ed:39:2d:12:53:
89:53:8b:12:3c:37:cb:7f:f1:32:45:21:24:92:09:
8e:c5:0e:1c:04:20:39:7b:74:d1:5e:9d:dd:b7:59:
75:51:d3:c4:a1:5a:20:13:6a:b4:96:8b:fa:3d:09:
85:9d:99:ea:05:d8:36:7c:3b:30:3f:53:4a:1a:70:
cf:ac:41:f5:10:6e:7c:f2:91:9a:a6:75:1e:00:b3:
bf:07:6a:b6:61:e3:9a:55:fc:41:b5:a8:4c:96:b5:
13:47:17:f0:a4:6a:45:fc:bd:fd:d8:e7:c9:6a:51:
a4:97:ae:2c:8b:aa:12:a1:70:f2:08:98:95:a7:13:
1a:05:f5:56:be:cc:d1:24:c1:90:08:40:2b:bb:19:
76:77:31:68:62:60:df:67:b8:e6:2a:db:42:5f:3e:
3f:a6:98:00:9e:5a:06:a1:58:c9:fe:ba:90:60:bd:
c8:8c:92:fe:f0:d1:6f:bb:ed:58:a3:f9:ac:84:ea:
b7:07:bf:a8:67:9d:cf:16:04:f9:aa:1d:4c:54:0c:
47:3b:67:2f:6d:eb:cc:d2:58:28:3d:50:22:eb:0d:
1d:23:5f:18:8a:e7:1a:48:78:9e:33:57:04:a5:d5:
91:cb:9a:ea:41:ba:29:3b:21:6d:ba:8e:a0:88:09:
6c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:A8:0B:EA:6C:CE:BF:38:CD:30:DA:F6:32:24:45:D0:3D:A7:60:CC
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9a05c69b-927d-4e32-8626-8e91ace5c11e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da30:c800::/40
Signature Algorithm: sha256WithRSAEncryption
62:6d:5b:c6:4c:7f:4f:5e:b6:dc:4d:47:b4:1f:dc:95:28:44:
9a:5f:e7:a1:59:ec:58:e2:60:23:7e:90:f1:c4:7f:f0:fc:6c:
ae:46:2e:30:0a:ed:86:75:18:f9:4e:e6:7c:fb:99:41:2e:a5:
ee:2b:c7:16:35:90:f6:2a:db:a9:35:74:3e:13:c5:7b:57:21:
30:20:5a:16:48:04:21:6a:12:8c:2c:a5:e8:e5:b9:2a:7d:04:
16:b1:dd:a4:00:48:a9:2e:54:c0:f4:10:ab:83:97:38:60:2b:
8b:f5:b8:6a:28:5a:df:78:49:05:a8:d2:e2:5c:8b:9c:ae:45:
25:ea:3e:43:8c:b7:dc:f1:ab:00:12:5c:59:f5:91:32:f7:9c:
82:c1:d2:e6:d6:74:8e:d1:15:a0:e1:bb:e6:e8:bb:d2:bb:6b:
64:ab:a7:ea:40:3d:80:5f:63:63:58:18:83:5f:a1:2b:4d:cc:
ce:a8:a1:fa:7c:4e:01:be:bb:b5:cb:4c:be:f8:a3:8a:c4:c3:
4f:3f:fd:08:cb:7f:f2:c9:a5:6c:d8:55:a1:c8:ad:a1:0c:95:
a0:a3:d4:d5:6e:79:59:97:60:0f:3e:3a:3b:01:e5:df:bf:0e:
22:3a:76:79:af:43:62:17:d5:15:6a:1d:65:d8:eb:07:55:86:
a9:04:2c:00
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUBeIdHjV0rGs+H2GcUQ7xUR8Sql0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMDAwMDAwMFoX
DTI1MDIxNDIzNTk1OVowejFJMEcGA1UEBRNANTMxZTdkNjk1ODAyMmEyMmM4NDE0
Y2VlNjIwOGQ5ZTllYjgxYzFkMTk4YjE5NzA0ZTQwYzkzOGU0YzA3NDU0ZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjyE2/sc+qR87TktElOJU4sSPDfL
f/EyRSEkkgmOxQ4cBCA5e3TRXp3dt1l1UdPEoVogE2q0lov6PQmFnZnqBdg2fDsw
P1NKGnDPrEH1EG588pGapnUeALO/B2q2YeOaVfxBtahMlrUTRxfwpGpF/L392OfJ
alGkl64si6oSoXDyCJiVpxMaBfVWvszRJMGQCEAruxl2dzFoYmDfZ7jmKttCXz4/
ppgAnloGoVjJ/rqQYL3IjJL+8NFvu+1Yo/mshOq3B7+oZ53PFgT5qh1MVAxHO2cv
bevM0lgoPVAi6w0dI18YiucaSHieM1cEpdWRy5rqQbopOyFtuo6giAlsHQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJeoC+pszr84zTDa9jIkRdA9p2DMMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzlhMDVjNjliLTkyN2QtNGUzMi04NjI2LThlOTFhY2U1YzExZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaMMgwDQYJKoZIhvcNAQELBQADggEBAGJtW8ZMf09ettxNR7Qf
3JUoRJpf56FZ7FjiYCN+kPHEf/D8bK5GLjAK7YZ1GPlO5nz7mUEupe4rxxY1kPYq
26k1dD4TxXtXITAgWhZIBCFqEowspejluSp9BBax3aQASKkuVMD0EKuDlzhgK4v1
uGooWt94SQWo0uJci5yuRSXqPkOMt9zxqwASXFn1kTL3nILB0ubWdI7RFaDhu+bo
u9K7a2Srp+pAPYBfY2NYGINfoStNzM6oofp8TgG+u7XLTL74o4rEw08//QjLf/LJ
pWzYVaHIraEMlaCj1NVueVmXYA8+OjsB5d+/DiI6dnmvQ2IX1RVqHWXY6wdVhqkE
LAA=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:19:37 2025 by rpki-client