Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa
File: 9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa (raw, json)
Hash identifier: cDZElgIzEegOaqnQicIMJ8HdSEB52yYSLxeFI/WsCmM=
Subject key identifier: F3:67:62:63:80:D6:30:5D:EF:F8:42:D7:5C:73:32:B4:26:6E:57:35
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 68C2B589E69812498984E8CF7901A1716DF12989
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa
Signing time: Sat 08 Mar 2025 00:01:27 +0000
ROA not before: Sat 08 Mar 2025 00:01:27 +0000
ROA not after: Sat 12 Apr 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2406:daef:c000::/40 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:c2:b5:89:e6:98:12:49:89:84:e8:cf:79:01:a1:71:6d:f1:29:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 8 00:01:27 2025 GMT
Not After : Apr 12 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:6a:a7:ab:7d:aa:ca:45:25:ce:8e:32:98:3f:
82:d6:c8:74:64:2b:12:87:01:a0:0f:b3:fc:9b:69:
ee:b7:76:ef:3a:c8:d3:d8:22:dc:4c:3b:2d:1b:bb:
9a:7c:2a:fe:6a:47:8e:8e:44:61:76:1c:85:1b:80:
bd:c7:73:c9:4d:dc:b6:2b:99:e7:80:97:44:fa:ea:
22:71:7b:38:d6:a6:54:19:a8:46:02:40:e8:6b:a5:
bd:aa:76:78:b3:da:8f:89:54:a8:84:61:0a:6e:5b:
85:0e:af:9b:ff:89:34:12:0e:dc:a4:4a:f0:16:8e:
29:d7:28:f4:a9:bb:98:84:ba:86:72:99:9b:01:6b:
76:d6:3f:30:5c:7f:a7:d3:86:84:94:80:06:94:7f:
9d:9c:b4:0e:ae:42:1c:7f:95:d3:5c:6e:08:93:fb:
34:a5:41:a3:22:65:32:f0:1a:5e:55:dc:58:d7:6d:
7e:7e:33:78:8d:dd:ad:3e:18:70:4c:d3:f8:f1:6d:
87:5d:2d:1e:f9:2b:4c:df:5e:3e:07:79:db:2b:f6:
65:e0:1b:86:f2:e5:ef:50:4c:83:ee:97:15:2a:58:
bc:ba:66:8e:c9:94:d9:46:70:3d:19:21:e6:e3:eb:
e5:20:cc:9b:93:a5:8c:de:a4:ae:e1:95:b1:41:e5:
20:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:67:62:63:80:D6:30:5D:EF:F8:42:D7:5C:73:32:B4:26:6E:57:35
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9bc90260-d4dc-4b54-951c-aa9167f8f99b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daef:c000::/40
Signature Algorithm: sha256WithRSAEncryption
1f:6f:7a:f8:c1:9d:33:0b:a8:36:ae:07:3b:96:a1:6d:8a:34:
30:24:36:fc:26:38:c3:f1:a9:a9:6e:20:69:52:f5:c9:66:51:
83:b0:c6:e6:3e:20:46:af:18:33:2a:07:2e:89:11:7d:6e:3a:
00:77:22:a6:04:f4:48:c0:02:80:fb:39:d7:de:3b:1d:e2:0d:
ed:fc:ce:7d:af:4c:9d:5f:ba:0d:5d:81:58:40:a3:fb:58:a2:
e4:1f:ae:61:e4:be:d4:d6:43:86:71:48:9b:d0:e4:b4:0e:2e:
a4:01:cd:c9:1a:ec:e6:4a:7d:5c:cb:65:71:ce:bf:bf:44:80:
06:60:bd:11:35:68:5f:2c:2f:93:6e:e6:60:36:47:d7:b7:db:
69:d7:87:de:26:dd:30:a7:2d:0f:9d:1f:9c:71:df:40:c8:e1:
e6:94:6a:d9:9b:d9:6f:2a:76:95:6a:b0:ac:e2:d8:e2:8b:e9:
64:cb:4e:fb:e9:b2:bc:53:54:50:75:1d:f7:9b:3a:ea:5d:cc:
c5:15:86:5d:1e:23:0c:a7:06:42:b4:5a:17:26:28:3e:ac:2a:
2b:d0:e5:bb:6d:2e:6b:2f:ce:2a:7b:0b:ed:8c:4d:ff:66:bd:
4c:cb:5e:54:3c:10:b3:10:45:8a:c5:e0:3e:61:83:d1:b4:13:
20:78:fa:6e
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUaMK1ieaYEkmJhOjPeQGhcW3xKYkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMwODAwMDEyN1oX
DTI1MDQxMjIzNTk1OVowejFJMEcGA1UEBRNAOTJhMjY0ZDk2MWM2MGFlMDY3OTNm
Y2I4YzMwODE5MDFkOGQxNjg3ZWU3ZTBiMjI3OTA1YzJkMGRhMzRiNmZkMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5mqnq32qykUlzo4ymD+C1sh0ZCsS
hwGgD7P8m2nut3bvOsjT2CLcTDstG7uafCr+akeOjkRhdhyFG4C9x3PJTdy2K5nn
gJdE+uoicXs41qZUGahGAkDoa6W9qnZ4s9qPiVSohGEKbluFDq+b/4k0Eg7cpErw
Fo4p1yj0qbuYhLqGcpmbAWt21j8wXH+n04aElIAGlH+dnLQOrkIcf5XTXG4Ik/s0
pUGjImUy8BpeVdxY121+fjN4jd2tPhhwTNP48W2HXS0e+StM314+B3nbK/Zl4BuG
8uXvUEyD7pcVKli8umaOyZTZRnA9GSHm4+vlIMybk6WM3qSu4ZWxQeUgawIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPNnYmOA1jBd7/hC11xzMrQmblc1MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzliYzkwMjYwLWQ0ZGMtNGI1NC05NTFjLWFhOTE2N2Y4Zjk5Yi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba78AwDQYJKoZIhvcNAQELBQADggEBAB9vevjBnTMLqDauBzuW
oW2KNDAkNvwmOMPxqaluIGlS9clmUYOwxuY+IEavGDMqBy6JEX1uOgB3IqYE9EjA
AoD7OdfeOx3iDe38zn2vTJ1fug1dgVhAo/tYouQfrmHkvtTWQ4ZxSJvQ5LQOLqQB
zcka7OZKfVzLZXHOv79EgAZgvRE1aF8sL5Nu5mA2R9e322nXh94m3TCnLQ+dH5xx
30DI4eaUatmb2W8qdpVqsKzi2OKL6WTLTvvpsrxTVFB1HfebOupdzMUVhl0eIwyn
BkK0WhcmKD6sKivQ5bttLmsvzip7C+2MTf9mvUzLXlQ8ELMQRYrF4D5hg9G0EyB4
+m4=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:26:52 2025 by rpki-client