Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81f820a-8152-41e4-ab9c-7dcf49c640dc.roa
File: b81f820a-8152-41e4-ab9c-7dcf49c640dc.roa (raw, json)
Hash identifier: fCFVdcojgrpvnMZuN++IbsM8DhHDhCzYttZnSAJ1Bbk=
Subject key identifier: 3B:D5:4A:63:96:B0:85:F9:13:9A:84:B8:72:19:F6:C1:40:37:E5:DD
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7E577149DCBB150B42D122777D31B7989BF11096
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81f820a-8152-41e4-ab9c-7dcf49c640dc.roa
Signing time: Wed 01 Jan 2025 00:00:00 +0000
ROA not before: Wed 01 Jan 2025 00:00:00 +0000
ROA not after: Wed 05 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf0:c800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7e:57:71:49:dc:bb:15:0b:42:d1:22:77:7d:31:b7:98:9b:f1:10:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Jan 1 00:00:00 2025 GMT
Not After : Feb 5 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:14:ba:2b:7a:2a:c8:cf:60:d2:bf:53:35:83:
c4:c9:9e:45:f3:95:cf:c3:2e:3f:8b:72:40:52:64:
47:7d:66:c5:e9:54:11:7b:9f:8f:ed:39:c9:1e:c0:
74:22:7d:9b:d6:b0:e3:97:a3:00:d9:44:f5:75:18:
69:24:8e:f4:8b:14:f6:8a:e3:fb:24:42:40:20:1a:
46:28:8f:91:3b:5d:a5:d0:3a:a7:e6:03:2a:32:26:
e5:8f:88:3a:36:0b:32:3d:84:26:ab:c7:a4:94:17:
ef:19:9e:a7:f8:3f:0b:90:d8:a0:88:26:f6:85:2f:
e4:28:ec:34:43:fe:aa:7d:31:30:45:b7:80:cb:10:
3f:cf:e6:b1:cc:31:d1:48:8d:12:4f:ef:7c:97:e5:
ce:f6:a2:d0:b1:7d:4b:75:d8:36:37:c6:08:9c:1e:
7d:d4:13:79:7b:6e:9c:e9:93:55:f5:2e:22:6c:eb:
c0:b2:e0:4c:7f:ce:be:6d:b4:35:9b:09:a9:03:3e:
ed:45:97:24:0e:a3:ea:bb:85:4c:78:e6:5f:dd:79:
f7:51:f9:7b:7e:87:55:de:60:21:eb:94:e4:43:f2:
b5:ea:cc:4f:a3:38:f7:35:6a:0d:6a:03:6e:f8:c9:
0b:ac:5e:90:0c:b5:b2:df:89:d5:10:21:4c:a6:50:
d7:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:D5:4A:63:96:B0:85:F9:13:9A:84:B8:72:19:F6:C1:40:37:E5:DD
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b81f820a-8152-41e4-ab9c-7dcf49c640dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf0:c800::/40
Signature Algorithm: sha256WithRSAEncryption
18:eb:4f:00:6c:11:03:dc:b7:49:96:02:77:29:3d:b3:1e:c9:
25:ee:6d:fb:bb:e4:89:7e:b6:95:5c:17:10:6c:04:64:53:7f:
42:69:b5:3c:1b:0d:47:27:53:55:d5:11:5f:74:a2:95:2e:26:
1b:07:8c:2e:f5:04:e1:22:9f:da:be:5f:f9:0a:78:46:d5:0d:
9b:c5:ef:18:a2:91:95:c6:7e:5c:e2:11:c9:29:fb:f6:43:a2:
e3:dc:3a:3e:c8:7d:0f:d7:7a:b1:0e:04:7b:a4:84:2b:e5:a6:
9b:21:51:4a:44:94:68:0c:41:3a:c1:ee:35:9d:2c:c8:6f:c5:
ef:32:83:50:3d:a0:9f:d0:a5:31:0d:8a:69:44:7f:c7:86:b7:
cc:2b:ec:65:20:a9:8f:90:6b:47:98:6f:18:af:78:7c:cd:72:
19:33:15:0d:17:a7:ba:a3:10:9d:61:52:6c:f1:c0:07:70:24:
dd:07:8d:8e:5f:9b:74:bb:30:7e:ed:7e:1f:a3:d6:a7:3f:01:
34:05:b0:ee:d4:b6:37:db:d1:d6:8e:74:76:29:7f:16:cd:4d:
7d:6d:3c:94:27:e6:bd:09:ff:a4:db:a9:4a:4c:62:a4:78:cd:
78:08:13:4f:09:21:d4:2e:db:30:33:cb:39:c3:21:62:d8:b5:
4f:63:f3:4f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUfldxSdy7FQtC0SJ3fTG3mJvxEJYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwMTAwMDAwMFoX
DTI1MDIwNTIzNTk1OVowejFJMEcGA1UEBRNAZTQ2ZjNmZDFkZTdhZjA4N2NkNjk1
N2Y1MDYwMjM5MmVmYWNkNTRmMjE0OTkyNGM5ZGMzYmUzMzJkYzU1MTA5NjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRS6K3oqyM9g0r9TNYPEyZ5F85XP
wy4/i3JAUmRHfWbF6VQRe5+P7TnJHsB0In2b1rDjl6MA2UT1dRhpJI70ixT2iuP7
JEJAIBpGKI+RO12l0Dqn5gMqMiblj4g6NgsyPYQmq8eklBfvGZ6n+D8LkNigiCb2
hS/kKOw0Q/6qfTEwRbeAyxA/z+axzDHRSI0ST+98l+XO9qLQsX1Lddg2N8YInB59
1BN5e26c6ZNV9S4ibOvAsuBMf86+bbQ1mwmpAz7tRZckDqPqu4VMeOZf3Xn3Ufl7
fodV3mAh65TkQ/K16sxPozj3NWoNagNu+MkLrF6QDLWy34nVECFMplDXwwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDvVSmOWsIX5E5qEuHIZ9sFAN+XdMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2I4MWY4MjBhLTgxNTItNDFlNC1hYjljLTdkY2Y0OWM2NDBkYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8MgwDQYJKoZIhvcNAQELBQADggEBABjrTwBsEQPct0mWAncp
PbMeySXubfu75Il+tpVcFxBsBGRTf0JptTwbDUcnU1XVEV90opUuJhsHjC71BOEi
n9q+X/kKeEbVDZvF7xiikZXGflziEckp+/ZDouPcOj7IfQ/XerEOBHukhCvlppsh
UUpElGgMQTrB7jWdLMhvxe8yg1A9oJ/QpTENimlEf8eGt8wr7GUgqY+Qa0eYbxiv
eHzNchkzFQ0Xp7qjEJ1hUmzxwAdwJN0HjY5fm3S7MH7tfh+j1qc/ATQFsO7Utjfb
0daOdHYpfxbNTX1tPJQn5r0J/6TbqUpMYqR4zXgIE08JIdQu2zAzyznDIWLYtU9j
808=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:47:03 2025 by rpki-client