Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2f37184-69cc-42f7-b4f9-eac706fa0820.roa
File: a2f37184-69cc-42f7-b4f9-eac706fa0820.roa (raw, json)
Hash identifier: LU6Ld0n5capRp/L6sZnzyKptbRP0QftQ+mSzbJq0OCs=
Subject key identifier: B8:29:D0:89:42:6D:4C:19:68:6C:C8:9B:35:07:75:2F:EC:17:14:18
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 170370F036E22BAD800E6982C415D805DC9757FD
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2f37184-69cc-42f7-b4f9-eac706fa0820.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:03:70:f0:36:e2:2b:ad:80:0e:69:82:c4:15:d8:05:dc:97:57:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:7d:79:61:68:89:d1:ec:89:50:2c:be:bd:40:
4a:3a:fd:bc:e3:4d:1b:84:ee:5f:ab:0a:e3:a5:e7:
c3:6b:f2:0b:94:d6:92:c6:31:9e:f0:ce:81:49:70:
45:f5:ea:fc:4c:bd:fc:b4:36:69:cf:20:55:29:5d:
ed:f6:f0:fc:45:5d:1a:af:00:21:ed:19:02:19:1d:
d7:4a:20:99:59:8b:f9:ff:eb:03:19:4e:d9:3f:8d:
d1:95:2b:4f:d8:93:a3:af:a6:5a:78:e2:59:0a:0c:
88:7a:6d:9a:1d:67:fb:19:b1:39:5b:21:5c:7b:1c:
a6:36:78:1f:e5:76:2a:46:57:ab:30:5c:cf:9b:02:
c2:1d:55:83:06:46:b8:27:93:5e:01:ae:84:29:6f:
0f:07:d1:ac:28:e3:b0:95:2f:f2:82:10:a9:19:4c:
5d:79:99:c6:55:59:11:58:0d:e8:71:55:e5:63:a2:
5f:7a:59:69:84:82:bb:a1:3e:7e:d3:1e:4c:23:d0:
f3:d9:5d:68:3a:74:c7:43:f1:f2:95:d0:9b:17:a2:
90:eb:4e:ca:5f:a2:94:82:d9:db:16:97:85:c2:fb:
89:9c:4d:ce:f6:64:ca:f2:2b:ae:6e:4f:f7:85:82:
1b:31:a2:4a:d2:c4:d3:32:62:40:a6:eb:1c:41:69:
96:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:29:D0:89:42:6D:4C:19:68:6C:C8:9B:35:07:75:2F:EC:17:14:18
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2f37184-69cc-42f7-b4f9-eac706fa0820.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:2000::/40
Signature Algorithm: sha256WithRSAEncryption
0e:e1:ca:1c:0a:c2:a5:6b:51:aa:6c:fc:64:9f:19:54:11:cc:
6c:a7:3a:fa:35:4b:ba:4f:87:67:59:49:ac:4d:f6:1f:77:35:
cd:a7:ef:be:a1:4c:7a:21:9c:87:07:58:81:6c:1d:73:a3:68:
36:48:f8:f1:df:8b:23:91:90:15:ff:9a:d4:21:21:5a:81:ad:
5b:9c:ab:7c:f7:be:67:82:82:76:4f:b1:c1:4b:32:7d:ae:ba:
a8:31:fe:0d:61:5b:e8:d3:c4:6c:69:bd:bf:d1:f7:0f:0e:f3:
73:69:05:31:b5:81:c2:e0:9d:3f:4f:85:f8:29:36:5f:f4:75:
10:4c:86:25:00:f2:5f:1d:cd:3d:c4:28:98:e2:a2:61:d0:56:
e4:07:92:74:6d:7c:b4:65:93:53:15:0d:75:f3:67:0e:67:3d:
33:0d:29:ff:eb:fe:5e:8f:cf:40:88:4a:4a:e2:ff:88:43:47:
04:b3:ef:af:e7:1f:28:f8:98:9d:ee:d9:e8:02:66:a5:e1:d5:
86:3c:5a:99:84:92:24:01:0c:07:75:f9:78:40:8a:48:89:3c:
2f:1f:e9:d5:b9:58:d3:e0:ff:30:11:42:e7:65:cd:8a:d2:ae:
0d:d3:5c:56:67:77:a6:76:de:07:de:23:5c:16:02:3d:31:22:
74:03:79:6d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUFwNw8DbiK62ADmmCxBXYBdyXV/0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNANWI3MjI1MzMwYTViOTMzOTA0ZWEy
MmY4NmFhMzZjZGVjOTYyOGU4YjhmNjcxODgwZTU0MGU0MDAwNTMzNjg5YTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAun15YWiJ0eyJUCy+vUBKOv28400b
hO5fqwrjpefDa/ILlNaSxjGe8M6BSXBF9er8TL38tDZpzyBVKV3t9vD8RV0arwAh
7RkCGR3XSiCZWYv5/+sDGU7ZP43RlStP2JOjr6ZaeOJZCgyIem2aHWf7GbE5WyFc
exymNngf5XYqRlerMFzPmwLCHVWDBka4J5NeAa6EKW8PB9GsKOOwlS/yghCpGUxd
eZnGVVkRWA3ocVXlY6JfellphIK7oT5+0x5MI9Dz2V1oOnTHQ/HyldCbF6KQ607K
X6KUgtnbFpeFwvuJnE3O9mTK8iuubk/3hYIbMaJK0sTTMmJApuscQWmWUwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLgp0IlCbUwZaGzImzUHdS/sFxQYMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2EyZjM3MTg0LTY5Y2MtNDJmNy1iNGY5LWVhYzcwNmZhMDgyMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaACAwDQYJKoZIhvcNAQELBQADggEBAA7hyhwKwqVrUaps/GSf
GVQRzGynOvo1S7pPh2dZSaxN9h93Nc2n776hTHohnIcHWIFsHXOjaDZI+PHfiyOR
kBX/mtQhIVqBrVucq3z3vmeCgnZPscFLMn2uuqgx/g1hW+jTxGxpvb/R9w8O83Np
BTG1gcLgnT9PhfgpNl/0dRBMhiUA8l8dzT3EKJjiomHQVuQHknRtfLRlk1MVDXXz
Zw5nPTMNKf/r/l6Pz0CISkri/4hDRwSz76/nHyj4mJ3u2egCZqXh1YY8WpmEkiQB
DAd1+XhAikiJPC8f6dW5WNPg/zARQudlzYrSrg3TXFZnd6Z23gfeI1wWAj0xInQD
eW0=
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:52:55 2025 by rpki-client