Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae920ed2-97d5-458b-804a-81fcd6f09e97.roa
File: ae920ed2-97d5-458b-804a-81fcd6f09e97.roa (raw, json)
Hash identifier: dfScXof8gC9VeJuXqwHODMTIO8JP5w8xasN6El18ZAE=
Subject key identifier: 53:4B:7C:85:13:AC:FB:3F:1E:FA:C5:17:33:4B:97:FF:92:C0:E3:68
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 063BC911E61362E27E9CC927340415289E9326
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae920ed2-97d5-458b-804a-81fcd6f09e97.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafc:7000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:3b:c9:11:e6:13:62:e2:7e:9c:c9:27:34:04:15:28:9e:93:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:0a:8f:c6:d3:41:af:a5:e4:28:bb:a4:f9:f1:
6f:6e:c2:59:ab:20:c2:5a:bb:a0:e7:88:9b:1c:8d:
9e:17:b5:4c:4c:05:38:52:34:aa:c0:93:79:3a:8d:
09:8b:f9:3d:f6:81:8b:b0:52:e0:15:72:ea:04:d6:
f5:40:2e:55:b2:7b:de:d7:0e:64:ae:5d:a9:7a:3f:
54:af:73:27:06:fa:6e:66:d7:7e:47:26:d7:9a:56:
25:e4:53:b1:6c:38:77:5b:c2:6f:3d:6f:4f:0f:0f:
7a:74:85:1e:ab:c0:db:cd:aa:4e:ba:18:34:ed:c3:
cc:3a:e2:c5:06:80:4a:68:a2:cf:6a:13:8c:bc:88:
92:e4:d4:ce:69:08:0c:26:8d:ba:06:d4:4e:ee:1e:
6c:55:cf:b0:03:36:9e:ed:5f:f8:1a:74:a4:27:1d:
4d:05:0f:32:e3:25:1c:aa:0a:43:d8:32:67:e8:27:
4e:1d:e2:1e:6e:b8:ff:dd:97:bc:a9:09:27:c5:50:
5e:2d:92:10:94:a5:08:97:01:65:a3:26:f0:ec:6a:
94:a2:fe:5d:16:f0:31:e8:af:d3:4a:6d:bb:ee:d5:
80:0f:8c:2c:19:ac:23:8d:cd:26:ba:69:c0:d7:dc:
c7:d3:f0:07:57:95:61:ae:9a:40:a9:26:20:a6:8e:
da:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:4B:7C:85:13:AC:FB:3F:1E:FA:C5:17:33:4B:97:FF:92:C0:E3:68
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ae920ed2-97d5-458b-804a-81fcd6f09e97.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafc:7000::/40
Signature Algorithm: sha256WithRSAEncryption
54:04:10:90:f5:13:93:fe:dc:c1:2a:95:71:b5:8a:98:e9:1c:
36:18:2b:e8:c0:22:30:f7:0c:72:6e:37:76:2a:a2:87:10:82:
9e:c8:f5:40:99:f4:ff:29:0a:7a:15:5b:9b:b5:cb:aa:62:7e:
1f:ed:81:fa:b8:35:5a:04:e6:61:3b:b2:ec:74:76:19:52:cf:
03:c3:db:39:fd:2d:b7:34:01:c6:ac:a3:8a:ce:a5:7e:e4:96:
70:e3:59:3d:6e:ad:e5:7e:56:5a:3f:67:db:69:06:da:87:bd:
84:6f:fc:e6:b8:54:c7:ec:d8:2f:b5:fe:cc:8f:64:c5:a2:36:
d7:ec:68:e4:56:a2:3e:f4:a2:d3:12:8b:b1:d5:09:f2:4d:ad:
d7:f3:fc:21:4e:0b:13:1a:91:fb:ec:d2:8e:50:d2:c8:05:3d:
a3:3c:4c:18:e3:5f:68:1a:07:e7:b2:ea:92:f4:fc:87:95:a9:
ae:f4:af:a5:bf:bf:ae:14:88:84:1c:c9:8a:0a:e9:72:8a:57:
53:ec:05:ac:c5:16:1c:1f:b3:a8:04:c6:0c:59:99:e4:45:43:
d4:fe:f8:0c:41:2a:46:7f:b0:5c:2e:c3:0f:ab:53:68:67:22:
58:d3:1b:93:5a:e8:ec:f7:0d:b2:23:0d:0d:b8:50:c3:a3:4b:
a1:3a:80:4a
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgITBjvJEeYTYuJ+nMknNAQVKJ6TJjANBgkqhkiG9w0BAQsF
ADBKMRUwEwYDVQQDEwxBOTFGNjM1RjAwMDAxMTAvBgNVBAUTKDQwNzY4MjU1MjRE
MkM2NkQyRTEwNDM2RkU2NUU5M0U4QzFCRDRBMzcwHhcNMjQxMjE2MDAwMDAwWhcN
MjUwMTIwMjM1OTU5WjB6MUkwRwYDVQQFE0BhMzQxYTlhMDQzZmVhMTZkNzQ4MmYw
N2U1YjljOWFmZjcyNTE5ZjQ2NGE4ZjdmNzJjMzI2M2E0NWQ0NTVjNTc5MS0wKwYD
VQQDEyRjMGJmMGZlOC03MTdjLTRmNzItOWI0NS1jOWM1MTkxMzJhODEwggEiMA0G
CSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCiCo/G00GvpeQou6T58W9uwlmrIMJa
u6DniJscjZ4XtUxMBThSNKrAk3k6jQmL+T32gYuwUuAVcuoE1vVALlWye97XDmSu
Xal6P1SvcycG+m5m135HJteaViXkU7FsOHdbwm89b08PD3p0hR6rwNvNqk66GDTt
w8w64sUGgEpoos9qE4y8iJLk1M5pCAwmjboG1E7uHmxVz7ADNp7tX/gadKQnHU0F
DzLjJRyqCkPYMmfoJ04d4h5uuP/dl7ypCSfFUF4tkhCUpQiXAWWjJvDsapSi/l0W
8DHor9NKbbvu1YAPjCwZrCONzSa6acDX3MfT8AdXlWGumkCpJiCmjto3AgMBAAGj
ggJKMIICRjAdBgNVHQ4EFgQUU0t8hROs+z8e+sUXM0uX/5LA42gwHwYDVR0jBBgw
FoAUQHaCVSTSxm0uEENv5l6T6MG9SjcwDgYDVR0PAQH/BAQDAgeAMH4GCCsGAQUF
BwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9ycGtpLmFwbmljLm5ldC9yZXBv
c2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3QzcyRkQxRkYyL1FIYUNWU1RT
eG0wdUVFTnY1bDZUNk1HOVNqYy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1MGJlYzkyNjEv
YWU5MjBlZDItOTdkNS00NThiLTgwNGEtODFmY2Q2ZjA5ZTk3LnJvYTCBlQYDVR0f
BIGNMIGKMIGHoIGEoIGBhn9yc3luYzovL3Jwa2ktcnN5bmMudXMtZWFzdC0yLmFt
YXpvbmF3cy5jb20vdm9sdW1lLzA4YzJmMjY0LTIzZjktNDlmYi05ZDQzLWY4YjUw
YmVjOTI2MS83YmExNzg2My1hNjEzLTQxOTctOWVkNS1iZWRhNmE4OTg2OWYuY3Js
MBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4E
AgACMAgDBgAkBtr8cDANBgkqhkiG9w0BAQsFAAOCAQEAVAQQkPUTk/7cwSqVcbWK
mOkcNhgr6MAiMPcMcm43diqihxCCnsj1QJn0/ykKehVbm7XLqmJ+H+2B+rg1WgTm
YTuy7HR2GVLPA8PbOf0ttzQBxqyjis6lfuSWcONZPW6t5X5WWj9n22kG2oe9hG/8
5rhUx+zYL7X+zI9kxaI21+xo5FaiPvSi0xKLsdUJ8k2t1/P8IU4LExqR++zSjlDS
yAU9ozxMGONfaBoH57LqkvT8h5WprvSvpb+/rhSIhBzJigrpcopXU+wFrMUWHB+z
qATGDFmZ5EVD1P74DEEqRn+wXC7DD6tTaGciWNMbk1ro7PcNsiMNDbhQw6NLoTqA
Sg==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:50:30 2025 by rpki-client