Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9c11e59-ae56-4942-a1ad-552099b14619.roa
File: a9c11e59-ae56-4942-a1ad-552099b14619.roa (raw, json)
Hash identifier: +DqCWVGmeNc8CHM1o0mzCAnoDNRlC4COFQVYvumvrDQ=
Subject key identifier: E5:CA:CF:DB:08:CA:0D:F1:0D:6E:EF:BE:61:17:40:45:88:A6:19:58
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 75F3B8660589C8437496BB8A882EEFF719E3FEBB
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9c11e59-ae56-4942-a1ad-552099b14619.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:2800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:f3:b8:66:05:89:c8:43:74:96:bb:8a:88:2e:ef:f7:19:e3:fe:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:cb:b5:93:3d:cb:3d:b3:25:52:f2:9f:09:bc:
11:2d:00:a7:e1:59:2e:1b:c5:be:11:47:4d:73:a7:
25:ed:29:f7:21:8b:73:03:83:24:d5:07:10:50:04:
93:73:de:f3:9c:de:e1:cc:e8:89:26:d8:9a:32:ca:
3b:f0:f6:f0:83:54:b4:cb:fb:fe:6e:2f:20:00:e3:
d0:3d:1e:bd:ae:7a:8f:f7:33:22:ed:be:d9:45:eb:
20:d0:b2:51:52:cd:f5:09:5d:53:ba:82:bf:2d:23:
32:67:0a:e1:33:e9:dd:4f:3f:df:21:59:c4:79:7f:
57:58:01:bd:01:2d:dd:6c:29:06:d2:36:37:fe:be:
1f:23:2a:5b:a3:50:49:a2:85:0c:05:4b:81:8d:30:
bb:8d:21:d9:67:05:1f:94:3b:d4:ce:3f:b8:c0:dd:
d0:cc:c4:f3:9e:ad:37:33:a2:3f:1f:17:25:c1:28:
75:f9:b3:f9:ef:80:eb:1b:bb:03:e6:08:0a:ce:27:
95:b5:bd:13:5c:f5:c7:4c:dd:f3:b6:d0:0b:50:02:
e3:24:b6:17:78:05:9d:42:25:55:51:23:2e:b3:c3:
6c:78:d2:a6:68:b0:68:07:8f:0a:07:97:3d:81:fa:
05:d2:5a:a6:01:24:0f:0e:fd:33:a4:48:2c:e6:57:
82:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:CA:CF:DB:08:CA:0D:F1:0D:6E:EF:BE:61:17:40:45:88:A6:19:58
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a9c11e59-ae56-4942-a1ad-552099b14619.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:2800::/40
Signature Algorithm: sha256WithRSAEncryption
0c:01:ee:5c:4d:24:36:2d:09:45:16:77:f1:38:af:d7:5e:a1:
7c:4e:f3:88:be:46:a1:97:08:87:c1:19:ac:22:48:f9:a1:cd:
ba:46:ce:8f:e7:d7:29:33:b0:5c:00:58:6f:7a:bc:50:1e:cc:
72:2c:15:ac:2e:9a:df:2d:ed:ce:e5:24:8f:83:6d:0e:61:18:
0d:09:32:97:37:af:da:e8:bd:0f:13:f8:93:cb:20:20:83:be:
84:ea:0f:d1:0f:b2:ae:ba:8c:a4:05:da:73:29:bc:c7:73:70:
5e:3c:16:0b:1a:80:94:a0:9f:12:3d:69:63:49:7e:22:ef:02:
c1:a8:b3:c6:e6:3a:e3:78:68:e6:0b:1e:b8:ba:be:3f:81:1e:
c5:aa:88:02:52:ca:13:8d:b8:4a:92:9c:2d:0e:e2:4b:07:21:
b9:da:0a:1b:08:83:e3:a5:db:12:91:96:b1:87:df:88:b1:33:
8a:0a:55:3f:02:af:1a:b1:2f:da:7e:ad:62:e2:7e:69:a4:95:
31:5e:6e:30:12:28:0b:64:b1:2f:c5:46:41:c3:d4:b0:62:03:
be:82:cb:b6:f9:90:ff:85:2d:85:4e:a9:dc:81:69:a6:43:81:
2a:6a:6a:33:a6:d6:2a:b7:dd:e1:cb:01:6f:2e:76:f9:a0:e0:
ca:13:99:30
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUdfO4ZgWJyEN0lruKiC7v9xnj/rswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAZjdlZThkOTgxOTdkM2I1ZjNhOWNh
YzE4NDIwY2NlYjc4MGFkZTNjMTFhNDMyNDMzYzVmNmQzMjMyNWMwNzI2ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs8u1kz3LPbMlUvKfCbwRLQCn4Vku
G8W+EUdNc6cl7Sn3IYtzA4Mk1QcQUASTc97znN7hzOiJJtiaMso78Pbwg1S0y/v+
bi8gAOPQPR69rnqP9zMi7b7ZResg0LJRUs31CV1TuoK/LSMyZwrhM+ndTz/fIVnE
eX9XWAG9AS3dbCkG0jY3/r4fIypbo1BJooUMBUuBjTC7jSHZZwUflDvUzj+4wN3Q
zMTznq03M6I/HxclwSh1+bP574DrG7sD5ggKzieVtb0TXPXHTN3zttALUALjJLYX
eAWdQiVVUSMus8NseNKmaLBoB48KB5c9gfoF0lqmASQPDv0zpEgs5leCYQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOXKz9sIyg3xDW7vvmEXQEWIphlYMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2E5YzExZTU5LWFlNTYtNDk0Mi1hMWFkLTU1MjA5OWIxNDYxOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYSgwDQYJKoZIhvcNAQELBQADggEBAAwB7lxNJDYtCUUWd/E4
r9deoXxO84i+RqGXCIfBGawiSPmhzbpGzo/n1ykzsFwAWG96vFAezHIsFawumt8t
7c7lJI+DbQ5hGA0JMpc3r9rovQ8T+JPLICCDvoTqD9EPsq66jKQF2nMpvMdzcF48
FgsagJSgnxI9aWNJfiLvAsGos8bmOuN4aOYLHri6vj+BHsWqiAJSyhONuEqSnC0O
4ksHIbnaChsIg+Ol2xKRlrGH34ixM4oKVT8CrxqxL9p+rWLifmmklTFebjASKAtk
sS/FRkHD1LBiA76Cy7b5kP+FLYVOqdyBaaZDgSpqajOm1iq33eHLAW8udvmg4MoT
mTA=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:13:14 2025 by rpki-client