Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d58c199-4c8e-4b8f-982f-8e964ae25ea9.roa
File: 9d58c199-4c8e-4b8f-982f-8e964ae25ea9.roa (raw, json)
Hash identifier: +ftAPLzXf/lrdijbTblbLATBDPy6xS9yaX68oURJmKg=
Subject key identifier: 23:C8:9A:98:45:17:DA:A1:C4:04:AF:20:04:E1:77:0B:06:01:88:9B
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0B99C7B7F0D21172A5BFAAA31A19B6F212DD8F40
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d58c199-4c8e-4b8f-982f-8e964ae25ea9.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da36:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0b:99:c7:b7:f0:d2:11:72:a5:bf:aa:a3:1a:19:b6:f2:12:dd:8f:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:6a:eb:44:1d:ff:65:3e:cc:7c:7d:27:db:d4:
c3:b8:2f:f8:a7:14:46:15:c6:f0:09:de:4e:97:09:
b6:c5:19:01:e5:c0:ee:96:81:f6:27:f9:f6:4d:ba:
43:0e:14:b4:55:61:8b:1d:cc:c9:3e:4f:84:6a:fa:
fc:ae:a8:f2:7c:61:47:c8:ee:ab:cb:1d:7c:66:d1:
52:a5:bd:81:d4:41:c0:b0:fc:d6:d6:71:9b:f4:7a:
ec:48:ee:6f:6c:04:cd:40:61:e5:21:49:58:06:c2:
ff:35:fc:93:7e:a4:06:c8:7d:65:dc:9a:82:a2:88:
f0:c3:84:68:9c:fa:b4:b7:99:56:7c:d9:c9:fc:ad:
37:e4:a6:63:8d:6b:f5:2a:30:88:6d:e7:1c:03:43:
ae:70:93:cd:b2:14:a0:7e:66:aa:73:f1:2f:a8:9f:
ae:d3:25:d1:7f:81:aa:24:b6:e5:0b:0e:e3:1e:af:
33:40:86:a9:55:27:66:a5:f1:e8:3d:e1:df:1a:d9:
2e:26:7e:d1:16:fe:31:f2:d2:e9:d6:16:ee:0d:d0:
c6:84:0a:fb:d7:dd:07:05:f0:16:68:fc:59:d7:f3:
b1:c3:8f:7a:ae:e0:c6:00:7a:aa:04:6f:5c:78:2d:
f8:5f:1c:19:b9:3f:39:ff:ab:a8:c6:bf:ce:9a:da:
40:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:C8:9A:98:45:17:DA:A1:C4:04:AF:20:04:E1:77:0B:06:01:88:9B
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9d58c199-4c8e-4b8f-982f-8e964ae25ea9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da36:2000::/40
Signature Algorithm: sha256WithRSAEncryption
98:6a:bc:d0:a2:94:49:6d:7a:8c:21:cb:25:3b:3c:e6:c4:6f:
e1:53:ce:2b:ff:39:13:9a:5e:be:18:29:43:bd:2c:b8:db:c0:
a3:40:86:ca:62:07:d3:e7:6f:af:4b:8c:f6:e4:55:d5:c3:57:
29:56:3a:e6:8f:7b:7d:93:00:34:48:9c:3c:d0:8d:30:51:92:
a9:84:8f:46:23:e8:2d:88:53:12:64:5e:6e:bb:fc:09:65:91:
c4:c9:50:22:16:ff:33:5c:2b:49:64:a5:20:e3:0b:fb:e2:d4:
d0:ce:a3:de:5b:c0:d3:98:90:cc:38:bb:f3:16:0d:78:96:7d:
88:f5:5c:75:9a:7c:af:1b:1c:04:86:e7:ab:74:b4:2e:2d:d6:
85:a5:d4:08:c6:e5:5d:bd:12:25:b4:ca:cd:07:65:df:d5:4f:
d0:76:2b:41:3c:c0:b7:fc:3e:c7:eb:7c:11:a9:01:83:78:98:
35:bb:c1:ad:fd:bd:a7:63:be:dc:d2:22:32:8f:2a:61:63:39:
45:94:82:cf:f0:1e:6a:4c:1c:6d:27:49:7a:81:37:1a:5a:e7:
b1:5f:41:22:52:f8:ca:b1:7d:98:93:53:ba:67:f1:ae:25:f1:
59:58:f4:99:e6:4d:f5:3e:47:1b:b1:61:c4:66:cf:c7:f9:f7:
3f:38:cd:33
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUC5nHt/DSEXKlv6qjGhm28hLdj0AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAZWYwYmVhMzJiYTE4MTgyMmI2YzFi
NjFiYzlmMjJlZjM2MDBmMTJkOTg5YjZjNDZiMDM2MDU1YWI3MDgwMzUzMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo2rrRB3/ZT7MfH0n29TDuC/4pxRG
FcbwCd5Olwm2xRkB5cDuloH2J/n2TbpDDhS0VWGLHczJPk+Eavr8rqjyfGFHyO6r
yx18ZtFSpb2B1EHAsPzW1nGb9HrsSO5vbATNQGHlIUlYBsL/NfyTfqQGyH1l3JqC
oojww4RonPq0t5lWfNnJ/K035KZjjWv1KjCIbeccA0OucJPNshSgfmaqc/EvqJ+u
0yXRf4GqJLblCw7jHq8zQIapVSdmpfHoPeHfGtkuJn7RFv4x8tLp1hbuDdDGhAr7
190HBfAWaPxZ1/Oxw496ruDGAHqqBG9ceC34XxwZuT85/6uoxr/OmtpA8QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCPImphFF9qhxASvIAThdwsGAYibMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzlkNThjMTk5LTRjOGUtNGI4Zi05ODJmLThlOTY0YWUyNWVhOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaNiAwDQYJKoZIhvcNAQELBQADggEBAJhqvNCilElteowhyyU7
PObEb+FTziv/OROaXr4YKUO9LLjbwKNAhspiB9Pnb69LjPbkVdXDVylWOuaPe32T
ADRInDzQjTBRkqmEj0Yj6C2IUxJkXm67/AllkcTJUCIW/zNcK0lkpSDjC/vi1NDO
o95bwNOYkMw4u/MWDXiWfYj1XHWafK8bHASG56t0tC4t1oWl1AjG5V29EiW0ys0H
Zd/VT9B2K0E8wLf8PsfrfBGpAYN4mDW7wa39vadjvtzSIjKPKmFjOUWUgs/wHmpM
HG0nSXqBNxpa57FfQSJS+MqxfZiTU7pn8a4l8VlY9JnmTfU+RxuxYcRmz8f59z84
zTM=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:44:46 2025 by rpki-client