Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbb078e9-a430-471e-97da-98312e84ae50.roa
File: cbb078e9-a430-471e-97da-98312e84ae50.roa (raw, json)
Hash identifier: kKIUViQ3JE4hQklMpzjSQApPusaAJscXdhYrK0NVV/I=
Subject key identifier: 5D:C1:5C:0D:C5:1F:62:6B:CD:C9:02:03:6E:F3:0B:F3:64:65:FF:EF
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7DA98D3BFF17C8BB8E1396EE5579C396B277171E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbb078e9-a430-471e-97da-98312e84ae50.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:4000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:a9:8d:3b:ff:17:c8:bb:8e:13:96:ee:55:79:c3:96:b2:77:17:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:32:61:3f:5a:18:5c:af:3c:3a:27:53:09:7e:
a2:0a:8d:7d:37:8e:a2:a0:f3:bc:9d:f4:da:a9:da:
78:be:c2:c3:ef:a0:84:6e:0b:84:9f:6b:16:8e:11:
80:a8:dd:8e:c4:a1:00:5c:72:58:5a:58:4f:ed:a0:
f2:e6:d8:25:7c:30:d2:28:ce:07:57:e7:2d:e7:d7:
b0:4c:d2:03:2a:25:68:9d:c2:0f:ee:f7:42:99:43:
e2:92:f2:a3:f5:fb:d9:ae:18:3c:4c:b9:d8:a6:b0:
d5:fe:39:4d:a2:e4:b7:00:d5:a0:10:9f:85:af:a5:
d8:1f:c5:96:92:97:19:ab:95:62:d1:84:49:b4:71:
78:c0:e5:f3:b7:90:70:d0:60:91:f8:f8:83:1e:91:
89:10:96:1f:09:45:1e:ab:82:61:3d:e0:e7:2c:61:
1e:62:ad:eb:75:1c:ac:56:ce:77:e4:9f:71:c6:06:
3c:74:6f:35:1b:bf:0e:ea:07:2b:a6:c6:cb:44:c3:
75:95:e3:69:a1:5b:8a:45:87:c3:d8:9a:eb:07:e7:
a7:8d:14:40:1d:a3:13:d5:6b:0b:a0:01:18:6d:fb:
47:b5:e5:4e:89:ce:de:9a:4e:c6:f2:c9:22:ab:9a:
66:fd:6e:d5:db:95:7d:41:c4:1f:4e:fb:38:51:31:
90:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:C1:5C:0D:C5:1F:62:6B:CD:C9:02:03:6E:F3:0B:F3:64:65:FF:EF
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cbb078e9-a430-471e-97da-98312e84ae50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:4000::/40
Signature Algorithm: sha256WithRSAEncryption
2a:87:b3:17:5c:4c:51:6a:40:0f:52:a1:94:ab:18:54:03:a3:
79:41:ef:58:c7:c7:ae:1c:4d:ca:67:0f:09:0a:e1:0f:49:16:
01:ba:60:5f:29:cf:bc:60:cb:2d:aa:8f:08:73:e6:ff:14:a4:
17:03:a9:58:49:67:18:5e:cb:ca:25:98:8c:ee:b9:3f:27:89:
df:7e:51:b0:cb:dd:23:5c:0c:08:02:37:66:f2:04:dc:9f:48:
67:a4:5a:cd:9e:eb:5c:7c:e6:3d:fe:c6:02:ff:45:31:06:d2:
db:39:d4:31:ca:60:cd:73:df:9e:11:aa:c8:97:6e:87:73:51:
4a:f1:5f:79:89:a8:47:15:fc:97:ff:6b:2b:cb:70:52:80:ae:
c3:b2:10:c4:71:87:cd:96:4e:43:5a:0e:22:b9:91:96:30:91:
d5:2a:2e:b3:25:40:90:d7:16:bb:2a:22:c1:8d:00:45:5d:df:
b2:7e:a9:a4:e0:ec:4f:5b:7c:9b:a4:16:b3:a0:c0:29:f9:6e:
2c:60:f9:ac:b6:98:bd:6b:9f:11:62:eb:3e:a1:97:31:06:b8:
ba:52:4c:7d:d6:b7:a9:8b:6d:17:da:5e:73:e7:0a:cd:bd:f1:
54:bf:6a:be:89:18:e0:89:45:52:bf:8c:a0:12:ba:13:58:49:
04:fc:c7:4e
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUfamNO/8XyLuOE5buVXnDlrJ3Fx4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAYzUxYzcwZDUzNzI2NDAzNmUwYTY0
ZmNjNGY5ZDc1ZjgwMTA1OTEwZWFmZDI4NzQ5N2I0NGY1NzNhYjc3OWVhNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjJhP1oYXK88OidTCX6iCo19N46i
oPO8nfTaqdp4vsLD76CEbguEn2sWjhGAqN2OxKEAXHJYWlhP7aDy5tglfDDSKM4H
V+ct59ewTNIDKiVoncIP7vdCmUPikvKj9fvZrhg8TLnYprDV/jlNouS3ANWgEJ+F
r6XYH8WWkpcZq5Vi0YRJtHF4wOXzt5Bw0GCR+PiDHpGJEJYfCUUeq4JhPeDnLGEe
Yq3rdRysVs535J9xxgY8dG81G78O6gcrpsbLRMN1leNpoVuKRYfD2JrrB+enjRRA
HaMT1WsLoAEYbftHteVOic7emk7G8skiq5pm/W7V25V9QcQfTvs4UTGQ5wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFF3BXA3FH2JrzckCA27zC/NkZf/vMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2NiYjA3OGU5LWE0MzAtNDcxZS05N2RhLTk4MzEyZTg0YWU1MC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaUAwDQYJKoZIhvcNAQELBQADggEBACqHsxdcTFFqQA9SoZSr
GFQDo3lB71jHx64cTcpnDwkK4Q9JFgG6YF8pz7xgyy2qjwhz5v8UpBcDqVhJZxhe
y8olmIzuuT8nid9+UbDL3SNcDAgCN2byBNyfSGekWs2e61x85j3+xgL/RTEG0ts5
1DHKYM1z354RqsiXbodzUUrxX3mJqEcV/Jf/ayvLcFKArsOyEMRxh82WTkNaDiK5
kZYwkdUqLrMlQJDXFrsqIsGNAEVd37J+qaTg7E9bfJukFrOgwCn5bixg+ay2mL1r
nxFi6z6hlzEGuLpSTH3Wt6mLbRfaXnPnCs298VS/ar6JGOCJRVK/jKASuhNYSQT8
x04=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:57 2025 by rpki-client