Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a7bfd155-ec9a-4d86-bf47-6a3a8cd492c2.roa
File: a7bfd155-ec9a-4d86-bf47-6a3a8cd492c2.roa (raw, json)
Hash identifier: 8X+vFnqsVTylBtI09bvxzQkpnETaLFvJ4/u6p/i+4c0=
Subject key identifier: 2B:8D:E1:5C:A2:13:D4:80:AA:5E:AA:D9:0A:2F:39:99:1F:E2:5B:F4
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1EA72DDA5EC8884425949C5156E7EAE9122673D1
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a7bfd155-ec9a-4d86-bf47-6a3a8cd492c2.roa
Signing time: Wed 01 Jan 2025 00:00:00 +0000
ROA not before: Wed 01 Jan 2025 00:00:00 +0000
ROA not after: Wed 05 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf1:c800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:a7:2d:da:5e:c8:88:44:25:94:9c:51:56:e7:ea:e9:12:26:73:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Jan 1 00:00:00 2025 GMT
Not After : Feb 5 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:10:db:1e:15:e4:0e:d0:f5:8e:8d:1f:8e:c9:
bd:74:0f:aa:ee:f7:71:26:86:9a:2c:50:96:4e:d0:
ea:5e:a8:a2:e2:04:4e:98:13:c7:ea:18:0b:b0:13:
8f:ba:23:9a:28:05:f8:c7:0d:98:f5:b4:15:17:b0:
32:11:ae:3a:ca:57:b8:44:d2:27:c2:16:e7:8d:fa:
98:94:fb:93:a0:13:26:26:8e:af:cd:36:53:65:98:
8e:73:3b:21:0e:e4:1e:6f:01:6f:14:aa:f6:fc:cd:
3a:58:05:17:ea:e3:08:7d:41:6c:14:5f:ac:d2:79:
4a:cf:e2:7f:e8:24:7f:73:93:de:9c:6e:72:fe:04:
2c:d0:d4:cd:6c:c4:21:3f:cf:c2:e6:a6:43:39:31:
e8:84:01:6f:5d:bf:04:b5:e6:a1:b6:b0:27:c8:ad:
13:99:df:85:19:1f:cd:28:ca:bc:e5:31:a8:fa:a3:
bb:c6:5e:6e:09:6c:44:91:cc:0c:6a:12:f9:80:54:
77:af:f7:15:e7:67:47:be:91:8f:bb:19:e9:5c:f0:
b0:bd:e2:b3:5c:e4:b7:bd:83:5f:3e:09:45:81:08:
1c:68:1c:05:92:92:3b:cb:be:51:5c:6b:8f:7c:ed:
ff:9f:50:ec:37:f9:f3:07:47:97:2a:ab:1c:f9:fc:
58:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2B:8D:E1:5C:A2:13:D4:80:AA:5E:AA:D9:0A:2F:39:99:1F:E2:5B:F4
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a7bfd155-ec9a-4d86-bf47-6a3a8cd492c2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf1:c800::/40
Signature Algorithm: sha256WithRSAEncryption
18:2e:45:3f:02:1c:88:14:f3:ee:78:29:11:a9:0f:0c:37:24:
94:ed:7f:58:d3:4a:28:0c:65:33:83:07:0a:11:26:c1:3a:1c:
5e:a7:8c:88:1a:1b:8d:a8:22:6c:21:ab:4d:1e:52:15:ca:7c:
9d:33:0e:a6:d0:1c:76:10:0a:8c:30:6e:f7:33:e1:ff:5c:6b:
de:15:e3:5a:fc:35:45:e0:8c:3e:73:86:7b:3f:42:08:43:fd:
08:39:0e:0d:71:e5:98:a3:0a:27:65:d3:15:65:f9:ba:09:e5:
a5:78:34:2d:e5:bf:55:4a:19:cb:1f:58:cd:b4:c5:78:0d:00:
54:df:03:1b:66:2a:76:93:32:4d:ee:13:9a:48:e4:01:3f:54:
91:ab:21:c7:c0:0a:d2:f9:6f:cb:ce:d4:16:d9:98:cc:1a:ab:
37:c4:ed:fe:68:0b:0a:d0:85:0b:65:cf:67:7f:e8:3c:26:a0:
b1:0e:04:18:bf:e5:fc:0b:72:ea:c0:41:02:3e:94:43:a6:48:
12:5b:53:23:34:94:f7:41:df:b1:ee:bd:73:0e:d4:bd:76:4b:
3e:5a:d4:d4:bd:db:4d:4e:cf:a0:90:b7:d7:db:db:bd:52:4b:
4f:ee:da:63:66:65:c9:a7:50:a6:3e:a4:6d:96:e7:23:af:d4:
67:6d:03:21
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUHqct2l7IiEQllJxRVufq6RImc9EwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwMTAwMDAwMFoX
DTI1MDIwNTIzNTk1OVowejFJMEcGA1UEBRNAOWM3N2MyYzc3OTZkNDM2MjZhNTk5
ZjE3MWU1NjljYWYxYWNkMjM4YzIwYTUwNzJlMjA4MGM3MDgzNDRmNDUwNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xDbHhXkDtD1jo0fjsm9dA+q7vdx
JoaaLFCWTtDqXqii4gROmBPH6hgLsBOPuiOaKAX4xw2Y9bQVF7AyEa46yle4RNIn
whbnjfqYlPuToBMmJo6vzTZTZZiOczshDuQebwFvFKr2/M06WAUX6uMIfUFsFF+s
0nlKz+J/6CR/c5PenG5y/gQs0NTNbMQhP8/C5qZDOTHohAFvXb8EteahtrAnyK0T
md+FGR/NKMq85TGo+qO7xl5uCWxEkcwMahL5gFR3r/cV52dHvpGPuxnpXPCwveKz
XOS3vYNfPglFgQgcaBwFkpI7y75RXGuPfO3/n1DsN/nzB0eXKqsc+fxYQwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFCuN4VyiE9SAql6q2QovOZkf4lv0MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2E3YmZkMTU1LWVjOWEtNGQ4Ni1iZjQ3LTZhM2E4Y2Q0OTJjMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8cgwDQYJKoZIhvcNAQELBQADggEBABguRT8CHIgU8+54KRGp
Dww3JJTtf1jTSigMZTODBwoRJsE6HF6njIgaG42oImwhq00eUhXKfJ0zDqbQHHYQ
Cowwbvcz4f9ca94V41r8NUXgjD5zhns/QghD/Qg5Dg1x5ZijCidl0xVl+boJ5aV4
NC3lv1VKGcsfWM20xXgNAFTfAxtmKnaTMk3uE5pI5AE/VJGrIcfACtL5b8vO1BbZ
mMwaqzfE7f5oCwrQhQtlz2d/6DwmoLEOBBi/5fwLcurAQQI+lEOmSBJbUyM0lPdB
37HuvXMO1L12Sz5a1NS9201Oz6CQt9fb271SS0/u2mNmZcmnUKY+pG2W5yOv1Gdt
AyE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:46 2025 by rpki-client