Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c2d40877-6bad-4811-bf05-3515b26fc91b.roa
File: c2d40877-6bad-4811-bf05-3515b26fc91b.roa (raw, json)
Hash identifier: F5EMe5eN0bO6vbv65A1WzKMmd3p1wop4B32NDhe118U=
Subject key identifier: 53:B2:EE:FA:BA:20:E3:62:8D:D5:F3:13:86:7B:2E:83:27:38:F5:5B
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0F15689C3957190F777683241DF7E2996EB674D4
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c2d40877-6bad-4811-bf05-3515b26fc91b.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da38:4800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:15:68:9c:39:57:19:0f:77:76:83:24:1d:f7:e2:99:6e:b6:74:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:d5:f1:cc:ff:53:29:9a:a3:3e:8b:3c:ab:08:
58:dd:ec:0d:3a:c2:bd:bf:67:fd:17:91:c3:ba:c4:
64:d4:8e:fd:3c:25:7a:af:36:71:1a:07:a2:de:b9:
6b:90:44:09:67:54:5e:4e:08:cc:ae:dc:2e:ec:cc:
d1:8f:2a:27:60:86:79:54:e6:54:f6:13:cb:7b:5f:
f0:a9:1f:b3:67:ef:66:c7:4c:57:ea:1a:18:2d:99:
84:df:c7:d1:0e:ab:55:c2:84:25:46:db:8d:1d:b1:
4f:76:39:15:38:65:c8:30:45:f3:a3:e8:fb:1c:d3:
bf:eb:1e:ec:c1:fe:03:71:e2:0c:23:17:66:cc:74:
45:be:07:f6:b2:a4:2d:b8:4f:10:79:18:ab:95:83:
a1:95:7e:ce:56:cd:38:e3:15:89:e2:f0:aa:b5:6a:
c4:72:73:fb:fe:72:6a:43:05:c9:c5:96:2a:11:56:
4f:6a:88:08:57:75:5a:5a:f7:4e:52:ba:45:42:d9:
8b:92:64:65:f6:0e:28:e6:5b:2a:68:cf:ef:8c:7b:
b6:80:51:78:47:aa:95:40:1e:9d:d4:53:95:21:0e:
53:5c:98:73:a0:71:36:83:be:9c:62:64:a2:2d:cc:
75:7d:06:9e:a7:bd:78:22:ee:c5:91:41:cd:4e:06:
0e:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:B2:EE:FA:BA:20:E3:62:8D:D5:F3:13:86:7B:2E:83:27:38:F5:5B
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c2d40877-6bad-4811-bf05-3515b26fc91b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da38:4800::/40
Signature Algorithm: sha256WithRSAEncryption
a1:9a:54:4e:a2:1c:88:9c:47:aa:82:c1:60:db:75:89:25:7d:
17:50:e5:2a:a7:df:ad:7e:a3:2c:c3:d7:f8:7b:81:c8:57:92:
96:16:79:14:b8:39:a5:cb:6b:f6:b0:54:b5:da:88:57:3a:73:
95:e7:ee:fc:a6:90:b1:76:e6:ed:43:13:9a:68:78:52:5e:0b:
de:23:6c:4b:74:0a:be:79:8e:53:c1:f8:87:c2:40:48:c1:46:
a7:87:6b:64:a4:15:56:35:53:bd:1d:3e:d3:75:ce:4d:f9:ad:
1b:85:26:4e:a3:1a:8e:dd:e0:b3:1c:c3:4a:de:30:18:5f:5f:
cd:94:d3:fb:18:c3:cc:52:5a:1b:ad:83:67:a3:30:e3:d1:d9:
e8:2e:6c:5f:a2:bf:da:e2:27:ba:dc:dc:86:1a:3e:b1:d8:57:
d4:e2:ff:3f:1b:c7:62:0e:76:c0:40:5a:5e:37:fd:62:be:64:
09:a9:1f:30:12:df:7f:5b:db:23:26:4c:ac:7c:a1:b7:ba:09:
a6:c6:0b:0b:f4:fb:d5:ba:81:0b:cf:49:3a:f8:8c:de:99:d0:
50:32:a7:13:2f:e2:36:75:e2:61:09:14:8c:b5:10:71:02:cd:
8b:d9:4c:c0:b7:78:ca:d0:19:3e:c8:ae:ba:32:77:33:ed:fb:
36:94:29:91
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUDxVonDlXGQ93doMkHffimW62dNQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNANzRjZGViNmE2YTg5NWZlYzBhZTYz
NjE3MWFiNzgzNjFkMjY0MDIxYjlhOGRmOGE3MWYyMWU1MjExNjczOTdjNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApdXxzP9TKZqjPos8qwhY3ewNOsK9
v2f9F5HDusRk1I79PCV6rzZxGgei3rlrkEQJZ1ReTgjMrtwu7MzRjyonYIZ5VOZU
9hPLe1/wqR+zZ+9mx0xX6hoYLZmE38fRDqtVwoQlRtuNHbFPdjkVOGXIMEXzo+j7
HNO/6x7swf4DceIMIxdmzHRFvgf2sqQtuE8QeRirlYOhlX7OVs044xWJ4vCqtWrE
cnP7/nJqQwXJxZYqEVZPaogIV3VaWvdOUrpFQtmLkmRl9g4o5lsqaM/vjHu2gFF4
R6qVQB6d1FOVIQ5TXJhzoHE2g76cYmSiLcx1fQaep714Iu7FkUHNTgYOxwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFOy7vq6IONijdXzE4Z7LoMnOPVbMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2MyZDQwODc3LTZiYWQtNDgxMS1iZjA1LTM1MTViMjZmYzkxYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaOEgwDQYJKoZIhvcNAQELBQADggEBAKGaVE6iHIicR6qCwWDb
dYklfRdQ5Sqn361+oyzD1/h7gchXkpYWeRS4OaXLa/awVLXaiFc6c5Xn7vymkLF2
5u1DE5poeFJeC94jbEt0Cr55jlPB+IfCQEjBRqeHa2SkFVY1U70dPtN1zk35rRuF
Jk6jGo7d4LMcw0reMBhfX82U0/sYw8xSWhutg2ejMOPR2egubF+iv9riJ7rc3IYa
PrHYV9Ti/z8bx2IOdsBAWl43/WK+ZAmpHzAS339b2yMmTKx8obe6CabGCwv0+9W6
gQvPSTr4jN6Z0FAypxMv4jZ14mEJFIy1EHECzYvZTMC3eMrQGT7IrroydzPt+zaU
KZE=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:12:59 2025 by rpki-client