Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b91b090d-3825-4e2e-b284-6f3eeae6f950.roa
File: b91b090d-3825-4e2e-b284-6f3eeae6f950.roa (raw, json)
Hash identifier: YRMWPW81Bw/13PY2xFosPbSHFjeLTW7pVG8w1B8M9dI=
Subject key identifier: 69:61:23:F3:00:50:FE:98:FA:9E:A0:3D:C0:FE:EC:D1:1C:29:4B:D4
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 211B895127CECEE8F9C6A9995A61C7778A6E2396
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b91b090d-3825-4e2e-b284-6f3eeae6f950.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:2800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:1b:89:51:27:ce:ce:e8:f9:c6:a9:99:5a:61:c7:77:8a:6e:23:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:d0:c4:b9:4e:de:cf:a0:15:09:a4:61:d2:22:
38:b8:5b:28:56:08:d5:b5:e1:36:2e:d6:4e:e5:73:
50:8e:4b:71:d5:af:b8:14:af:01:e7:20:c5:cf:5e:
0c:e7:53:80:d5:65:6a:55:92:c5:42:53:10:ef:08:
76:75:c4:bc:72:10:13:ee:f4:23:0a:3c:ee:5d:b5:
18:05:ac:fc:ca:f7:71:74:44:b1:11:2d:2b:a1:7a:
1c:ff:bc:ab:52:8d:e0:20:16:b3:ac:4c:35:07:16:
4d:bd:35:b5:da:aa:7b:e8:42:b8:65:fb:86:5f:ec:
80:ad:e4:4b:26:5b:fd:48:87:b2:df:7c:d4:27:53:
51:a1:85:ed:77:1f:5b:1d:13:17:29:11:cc:93:6d:
20:30:45:29:42:47:e1:a4:8d:7f:dd:dd:19:19:55:
98:df:d2:bd:9c:d3:2e:05:bb:26:0e:a2:86:26:15:
cd:48:1d:55:07:ba:6d:0f:06:30:6b:53:9e:f1:e5:
74:a8:ee:2d:19:88:fd:07:ed:28:eb:9a:ae:3b:67:
66:77:67:69:44:eb:64:25:6d:d6:f1:65:58:2c:96:
bc:cc:45:ff:b9:0e:32:eb:31:a3:1e:0a:1c:02:13:
ce:cb:05:4b:16:54:7c:99:f0:17:65:89:ae:fd:ad:
00:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:61:23:F3:00:50:FE:98:FA:9E:A0:3D:C0:FE:EC:D1:1C:29:4B:D4
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b91b090d-3825-4e2e-b284-6f3eeae6f950.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:2800::/40
Signature Algorithm: sha256WithRSAEncryption
1b:5d:5d:15:87:db:5d:eb:0d:1f:60:c3:b1:7a:d3:f2:92:6b:
7f:c2:91:0e:c3:04:39:11:69:91:3c:17:8b:66:0d:b8:5b:a0:
90:18:3f:82:1f:cb:16:54:57:98:d2:e1:5f:89:c6:19:85:80:
b3:66:f4:99:23:73:54:b7:96:54:7a:ae:24:f6:05:7c:3e:9d:
a8:cb:d0:29:5e:69:ae:d0:57:4f:fe:14:c5:6b:d6:90:9a:21:
9e:51:3e:bf:b1:28:e6:e8:90:d6:6f:87:fa:48:64:25:10:fc:
4e:4a:05:b7:09:16:30:1a:c1:65:f0:1d:00:1b:70:10:ac:35:
3e:04:a3:ee:32:5d:8d:8a:0a:16:06:ec:dd:c8:e0:5d:7b:81:
41:e6:e6:4a:84:4f:1f:ce:01:7b:d8:64:23:cb:11:5a:15:d7:
d8:3d:44:2b:52:f8:20:49:e4:59:6c:37:ac:73:bb:0f:23:11:
92:d3:7c:e4:c5:62:1c:66:75:6d:a7:2d:48:84:8f:65:80:9e:
66:c2:65:0b:9d:fd:42:1f:64:17:c8:58:bb:6f:2d:a8:f2:37:
03:65:22:7b:53:2e:c0:2e:24:74:6e:c4:21:ad:b7:a6:ab:a0:
cc:ca:02:c6:e4:61:f2:22:c4:c8:d3:40:88:2c:6c:a2:9f:fd:
ce:cd:d3:11
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUIRuJUSfOzuj5xqmZWmHHd4puI5YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAZDAxYjRkNWUwOTYzMjlhNjRjMDI5
ZDNmMjUxMmI5OTRkZmQ3MjQxNmM0MTdlNWEwOWU3ZWQ5ZDM4NzNkZGIwZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2NDEuU7ez6AVCaRh0iI4uFsoVgjV
teE2LtZO5XNQjktx1a+4FK8B5yDFz14M51OA1WVqVZLFQlMQ7wh2dcS8chAT7vQj
CjzuXbUYBaz8yvdxdESxES0roXoc/7yrUo3gIBazrEw1BxZNvTW12qp76EK4ZfuG
X+yAreRLJlv9SIey33zUJ1NRoYXtdx9bHRMXKRHMk20gMEUpQkfhpI1/3d0ZGVWY
39K9nNMuBbsmDqKGJhXNSB1VB7ptDwYwa1Oe8eV0qO4tGYj9B+0o65quO2dmd2dp
ROtkJW3W8WVYLJa8zEX/uQ4y6zGjHgocAhPOywVLFlR8mfAXZYmu/a0AbQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGlhI/MAUP6Y+p6gPcD+7NEcKUvUMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2I5MWIwOTBkLTM4MjUtNGUyZS1iMjg0LTZmM2VlYWU2Zjk1MC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaSgwDQYJKoZIhvcNAQELBQADggEBABtdXRWH213rDR9gw7F6
0/KSa3/CkQ7DBDkRaZE8F4tmDbhboJAYP4IfyxZUV5jS4V+JxhmFgLNm9Jkjc1S3
llR6riT2BXw+najL0Cleaa7QV0/+FMVr1pCaIZ5RPr+xKObokNZvh/pIZCUQ/E5K
BbcJFjAawWXwHQAbcBCsNT4Eo+4yXY2KChYG7N3I4F17gUHm5kqETx/OAXvYZCPL
EVoV19g9RCtS+CBJ5FlsN6xzuw8jEZLTfOTFYhxmdW2nLUiEj2WAnmbCZQud/UIf
ZBfIWLtvLajyNwNlIntTLsAuJHRuxCGtt6aroMzKAsbkYfIixMjTQIgsbKKf/c7N
0xE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:32:03 2025 by rpki-client