Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5b142c8-152a-44c1-8d16-8f131bc73b00.roa
File: c5b142c8-152a-44c1-8d16-8f131bc73b00.roa (raw, json)
Hash identifier: KdniQ5p6U9uH7Ku0nrD3lTjYZdlDNI9L9C9NZ+fDrAo=
Subject key identifier: CE:D4:A1:B3:99:E8:DB:1A:E6:62:46:67:78:75:66:82:7B:2F:4B:7F
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4C4A3CB877BC036498AC02689E755187784677F8
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5b142c8-152a-44c1-8d16-8f131bc73b00.roa
Signing time: Wed 01 Jan 2025 00:00:00 +0000
ROA not before: Wed 01 Jan 2025 00:00:00 +0000
ROA not after: Wed 05 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:80c0::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:4a:3c:b8:77:bc:03:64:98:ac:02:68:9e:75:51:87:78:46:77:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Jan 1 00:00:00 2025 GMT
Not After : Feb 5 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:7d:c5:b8:f1:2e:61:8f:f8:16:ab:61:86:a7:
b9:9d:fa:a1:85:b8:9b:a7:80:5b:84:2b:f8:18:31:
65:14:9c:79:5b:84:d4:83:03:96:17:41:cd:40:2a:
97:6a:53:c7:54:4e:dc:62:b8:af:40:b7:a8:72:b4:
34:d3:3d:49:90:71:10:af:61:ed:11:77:df:4b:0b:
62:8e:94:36:70:78:43:d8:d0:bc:31:e4:1a:42:0f:
4f:b5:4a:4e:01:54:53:f0:6f:2f:29:8e:cb:40:8c:
3d:d7:c8:40:59:78:ad:87:f6:11:8e:81:92:c3:27:
d0:05:f8:ae:40:17:f1:20:b5:7f:c7:4c:12:c7:1f:
61:36:81:f0:ff:57:df:aa:2f:63:7b:08:84:fa:68:
48:09:3b:cc:8f:a9:0e:58:21:c5:0f:84:ef:c5:1d:
78:44:3c:57:71:9e:c3:e4:fc:55:a9:db:51:00:31:
11:c0:3a:7c:60:b2:01:d5:58:b0:1e:8c:fd:e1:ab:
bf:ed:49:97:f7:a4:8b:f0:19:36:52:79:a4:cb:01:
2b:09:02:6a:86:ff:bd:88:f2:44:27:42:f8:a4:ef:
a4:dc:88:9f:a7:68:14:ee:56:6f:b9:60:5b:c1:87:
32:42:bb:54:16:be:f5:98:00:38:7b:1d:1a:82:06:
ae:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:D4:A1:B3:99:E8:DB:1A:E6:62:46:67:78:75:66:82:7B:2F:4B:7F
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c5b142c8-152a-44c1-8d16-8f131bc73b00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:80c0::/48
Signature Algorithm: sha256WithRSAEncryption
21:6a:8d:63:a5:cc:de:c3:62:5a:52:d2:ed:7f:d3:a9:85:5f:
31:d3:33:26:4f:9c:83:25:39:9a:70:70:d1:9a:06:00:dc:b0:
c0:ec:01:97:43:d4:4a:78:e4:f6:89:ca:51:2b:f1:25:4d:fd:
0e:27:1b:a1:a2:df:ac:a2:73:11:b7:e2:ad:69:f4:cb:c1:b4:
1c:61:8b:db:06:2c:ff:33:31:11:68:d7:7c:9a:1f:72:52:21:
b7:17:80:59:00:85:19:6e:62:72:ee:57:0e:af:d2:77:6c:af:
00:67:8b:c4:cb:8c:c5:d3:0f:9b:42:cd:b0:03:ae:12:39:f4:
a4:d5:21:8e:60:bb:8f:4b:9b:b8:c6:aa:4e:61:6f:2f:54:03:
d8:50:9b:f6:eb:ff:30:8d:0f:18:ab:f3:e4:ae:6c:50:2c:da:
25:8b:b1:83:55:c7:c1:22:40:86:55:78:4a:fe:bd:2c:67:94:
36:bc:90:30:0d:1b:96:9b:2f:c2:03:10:1d:94:c4:0d:f6:bf:
6d:19:23:e4:e5:0c:56:64:ae:65:34:20:47:37:84:1d:b2:00:
67:68:24:c2:94:c8:f9:67:f1:71:18:d2:84:08:1d:b8:be:d9:
48:65:c5:8d:a9:20:08:91:be:41:a1:e3:c6:51:d8:02:4f:79:
30:ef:27:6a
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUTEo8uHe8A2SYrAJonnVRh3hGd/gwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwMTAwMDAwMFoX
DTI1MDIwNTIzNTk1OVowejFJMEcGA1UEBRNAZjE5YmEyNGExY2ViOTE2MmUzYTdl
ODZlYmNmMWRiOGE3MTYwYzY4YTQ2ZTY4YzZkNDdhMjFjOTNmMDk0MzgyNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy33FuPEuYY/4Fqthhqe5nfqhhbib
p4BbhCv4GDFlFJx5W4TUgwOWF0HNQCqXalPHVE7cYrivQLeocrQ00z1JkHEQr2Ht
EXffSwtijpQ2cHhD2NC8MeQaQg9PtUpOAVRT8G8vKY7LQIw918hAWXith/YRjoGS
wyfQBfiuQBfxILV/x0wSxx9hNoHw/1ffqi9jewiE+mhICTvMj6kOWCHFD4TvxR14
RDxXcZ7D5PxVqdtRADERwDp8YLIB1ViwHoz94au/7UmX96SL8Bk2UnmkywErCQJq
hv+9iPJEJ0L4pO+k3Iifp2gU7lZvuWBbwYcyQrtUFr71mAA4ex0aggauwwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFM7UobOZ6Nsa5mJGZ3h1ZoJ7L0t/MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2M1YjE0MmM4LTE1MmEtNDRjMS04ZDE2LThmMTMxYmM3M2IwMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba94DAMA0GCSqGSIb3DQEBCwUAA4IBAQAhao1jpczew2JaUtLt
f9OphV8x0zMmT5yDJTmacHDRmgYA3LDA7AGXQ9RKeOT2icpRK/ElTf0OJxuhot+s
onMRt+KtafTLwbQcYYvbBiz/MzERaNd8mh9yUiG3F4BZAIUZbmJy7lcOr9J3bK8A
Z4vEy4zF0w+bQs2wA64SOfSk1SGOYLuPS5u4xqpOYW8vVAPYUJv26/8wjQ8Yq/Pk
rmxQLNoli7GDVcfBIkCGVXhK/r0sZ5Q2vJAwDRuWmy/CAxAdlMQN9r9tGSPk5QxW
ZK5lNCBHN4QdsgBnaCTClMj5Z/FxGNKECB24vtlIZcWNqSAIkb5BoePGUdgCT3kw
7ydq
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:29:46 2025 by rpki-client