Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb98c08c-0f1a-4df4-a80b-caa2918ed856.roa
File: bb98c08c-0f1a-4df4-a80b-caa2918ed856.roa (raw, json)
Hash identifier: Fv3s35St6zRW/+Obj0Dlk2iSoYX3SjrtWeeo4mZbUJ4=
Subject key identifier: 10:1C:75:C0:7A:8D:AB:88:C2:8E:26:87:7F:19:41:68:DC:F8:47:1E
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5A9378FC7C1FB9E2CBB6122C2E96784223FD3083
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb98c08c-0f1a-4df4-a80b-caa2918ed856.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:7000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:93:78:fc:7c:1f:b9:e2:cb:b6:12:2c:2e:96:78:42:23:fd:30:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:9a:4a:4c:36:2b:54:69:59:bf:78:1a:ae:e2:
f8:21:a3:8a:83:2c:f0:20:84:e0:8b:72:cb:9c:b6:
6b:16:6d:34:6f:1f:67:95:e2:c3:3e:1b:13:d1:14:
03:2e:3e:8e:79:60:49:da:45:90:88:42:7d:50:eb:
d8:b0:2b:c5:4f:c6:39:28:8f:17:eb:10:6f:d2:36:
6e:15:08:a9:87:3b:b1:21:35:f2:96:5a:3c:e6:fd:
3b:60:62:82:79:f9:7e:2a:ce:4c:c8:e4:b3:dd:ca:
70:2f:25:c9:26:9f:96:ce:b5:18:2c:9f:0c:33:0c:
d4:36:b1:c8:70:ec:ef:81:23:d8:36:92:eb:18:2a:
db:49:77:6b:de:5a:3f:fd:fd:90:5f:eb:27:1e:ec:
c4:c4:73:59:1d:3a:da:66:3d:a3:e0:52:e9:0c:fe:
f9:51:cd:07:79:bb:72:7b:72:c4:37:20:3e:34:b6:
55:61:3e:cd:38:eb:3f:ca:b1:34:43:af:a5:43:02:
35:a9:3f:1a:a8:57:7e:f3:19:67:10:aa:5c:21:37:
47:f6:bf:8d:ee:5e:f7:90:10:13:50:3e:1a:60:b3:
4e:64:c2:f3:98:ef:8b:9e:f6:2f:da:d2:b3:bb:7e:
67:94:34:a1:2b:d6:b0:21:8f:6c:bc:36:d1:e5:53:
05:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:1C:75:C0:7A:8D:AB:88:C2:8E:26:87:7F:19:41:68:DC:F8:47:1E
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb98c08c-0f1a-4df4-a80b-caa2918ed856.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:7000::/40
Signature Algorithm: sha256WithRSAEncryption
c9:7c:21:0a:74:ed:6e:7d:3a:dd:f4:67:3f:10:0e:ef:b9:d8:
85:69:6c:97:39:1e:d3:b3:c5:32:8d:87:c6:11:53:8b:9e:d5:
65:dc:83:d5:2d:35:5f:83:64:1c:70:77:a1:5a:e0:76:c3:d2:
f4:3c:44:ba:18:f3:a7:15:f5:35:db:fd:23:ca:d1:81:a2:39:
32:b4:d6:b2:cd:43:f8:a8:47:b1:a8:73:e0:71:de:b7:60:3a:
64:c6:a4:bd:ae:c6:29:fd:d8:7c:21:d5:12:2c:f2:65:61:02:
8a:af:86:65:70:04:9d:59:8e:c8:01:73:73:d6:48:e4:7d:f5:
79:e7:3f:4f:2d:61:55:a2:0e:05:a7:85:e1:9e:a2:1d:c0:46:
f5:35:dd:59:11:3d:29:9a:e5:a8:d9:e2:e1:42:33:15:02:0d:
20:7a:dd:ab:dc:ec:f9:3c:78:80:94:6b:7d:32:0d:14:cc:21:
3f:f7:58:66:a3:cd:5a:b8:8e:99:94:90:5f:48:6a:20:e4:8c:
05:d8:be:8a:f0:be:79:4d:87:c7:fd:01:08:40:30:05:8a:e9:
ba:6d:09:86:94:2f:7d:17:82:13:27:61:94:d9:33:62:8e:fe:
15:aa:26:c1:93:7a:24:64:6a:e3:b9:8d:54:85:b4:db:36:3c:
75:db:50:9b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUWpN4/HwfueLLthIsLpZ4QiP9MIMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNANGQ0NTAxMzAzMjA0ZmZkZGMzY2Jm
ZmY1ZGFiOGQ4NmQwZDMxOWNhOTVlMTMyNDE4NTEwMmJjMTA0YTkxYTg3ZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ppKTDYrVGlZv3garuL4IaOKgyzw
IITgi3LLnLZrFm00bx9nleLDPhsT0RQDLj6OeWBJ2kWQiEJ9UOvYsCvFT8Y5KI8X
6xBv0jZuFQiphzuxITXyllo85v07YGKCefl+Ks5MyOSz3cpwLyXJJp+WzrUYLJ8M
MwzUNrHIcOzvgSPYNpLrGCrbSXdr3lo//f2QX+snHuzExHNZHTraZj2j4FLpDP75
Uc0Hebtye3LENyA+NLZVYT7NOOs/yrE0Q6+lQwI1qT8aqFd+8xlnEKpcITdH9r+N
7l73kBATUD4aYLNOZMLzmO+LnvYv2tKzu35nlDShK9awIY9svDbR5VMFOQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBAcdcB6jauIwo4mh38ZQWjc+EceMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2JiOThjMDhjLTBmMWEtNGRmNC1hODBiLWNhYTI5MThlZDg1Ni5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYXAwDQYJKoZIhvcNAQELBQADggEBAMl8IQp07W59Ot30Zz8Q
Du+52IVpbJc5HtOzxTKNh8YRU4ue1WXcg9UtNV+DZBxwd6Fa4HbD0vQ8RLoY86cV
9TXb/SPK0YGiOTK01rLNQ/ioR7Goc+Bx3rdgOmTGpL2uxin92Hwh1RIs8mVhAoqv
hmVwBJ1ZjsgBc3PWSOR99XnnP08tYVWiDgWnheGeoh3ARvU13VkRPSma5ajZ4uFC
MxUCDSB63avc7Pk8eICUa30yDRTMIT/3WGajzVq4jpmUkF9IaiDkjAXYvorwvnlN
h8f9AQhAMAWK6bptCYaUL30XghMnYZTZM2KO/hWqJsGTeiRkauO5jVSFtNs2PHXb
UJs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:35 2025 by rpki-client