Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf01a13f-5374-4ae1-873e-34447bf4f7af.roa
File: cf01a13f-5374-4ae1-873e-34447bf4f7af.roa (raw, json)
Hash identifier: KieU0+y+FWynwQDhGfQUFh5eLA7ftzFhUlum5wRKrt8=
Subject key identifier: EC:21:61:56:79:4A:54:36:9A:3A:EC:31:13:9D:BE:1C:2B:25:9C:1B
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 62BCAD5B503017781497EDAF92AD541DEE423C66
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf01a13f-5374-4ae1-873e-34447bf4f7af.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:bc:ad:5b:50:30:17:78:14:97:ed:af:92:ad:54:1d:ee:42:3c:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:a0:ea:e1:93:67:dc:7a:55:5c:28:c7:da:14:
32:fa:5a:b6:dc:15:8d:50:2e:cb:27:ca:2e:2e:e6:
fa:eb:4d:94:6b:53:8c:35:7c:90:d3:e8:92:27:74:
de:9e:aa:f3:12:9b:c8:37:d0:87:16:12:4c:83:19:
66:7a:5b:b5:14:ad:1b:65:3d:3b:01:33:35:54:ff:
e3:97:82:68:07:a5:e1:bf:df:1a:96:6d:05:9c:80:
c8:45:e0:90:c0:92:f3:9c:6a:25:b1:f6:32:4e:dd:
b9:51:ea:0c:11:c5:0d:97:a8:61:8e:13:8b:2b:46:
2d:34:48:f1:33:86:d6:23:f7:81:43:47:a5:0c:c5:
ae:36:aa:ab:f9:4f:fb:59:67:67:3b:08:b8:17:4c:
52:8c:d5:c9:b7:5f:f4:4e:f0:9e:d2:7b:a0:69:70:
c6:c9:91:8a:48:4b:32:f8:52:26:c3:e4:94:94:2b:
02:ce:0c:1a:de:07:df:0f:43:c0:99:8d:43:8e:23:
e4:87:7c:d8:98:72:96:c4:2d:24:ff:1a:d8:e5:d4:
8b:45:7b:e6:4e:b8:d5:c5:f9:4f:37:41:27:da:f3:
fa:14:ca:cd:f3:4b:b9:b9:9f:e2:bc:9e:0f:c1:b2:
3e:bc:8a:5d:b6:d1:56:7c:1b:6b:bb:4d:a8:26:b8:
35:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:21:61:56:79:4A:54:36:9A:3A:EC:31:13:9D:BE:1C:2B:25:9C:1B
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cf01a13f-5374-4ae1-873e-34447bf4f7af.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:800::/40
Signature Algorithm: sha256WithRSAEncryption
30:5e:fd:7c:c2:6b:36:7f:ce:64:89:7a:51:37:99:90:f0:0a:
29:40:d8:40:0a:de:df:ae:f4:f8:44:a0:f7:ac:79:60:7c:de:
5c:c7:a5:78:b6:8e:d5:5e:c2:92:7f:01:ba:60:b4:6b:67:36:
19:36:cb:15:fa:f6:d4:a3:2e:9f:9f:b9:b4:93:c7:0c:7d:5c:
f6:fa:47:ca:fc:c8:04:87:eb:dd:6e:09:4a:ff:bb:c9:b2:22:
9e:c4:f5:4d:6c:55:b3:0f:79:35:ec:b7:e5:03:6a:d8:4d:34:
bf:a0:2c:68:3d:5b:34:4f:9d:08:21:b0:8f:8a:17:41:46:09:
62:b0:d3:c9:e3:62:ea:46:d9:ef:b4:dd:e5:f3:bc:8a:bf:98:
e2:e1:82:2c:41:8e:a3:15:f7:39:70:b4:b6:04:1d:42:8a:1c:
56:a1:27:92:b9:ef:69:c4:2c:83:ab:aa:38:ac:5f:4c:f2:76:
71:d7:aa:a1:a5:88:fc:08:40:dd:83:16:78:50:7c:0d:39:f8:
86:d8:20:75:79:fd:f6:4e:06:81:ec:3f:86:c2:52:6a:0d:c9:
6e:2f:32:7f:2e:a4:49:2c:85:a9:9b:7e:9c:ca:e6:cc:8f:f0:
92:4a:ff:2b:65:a9:82:64:42:3f:1e:c6:09:c1:94:d4:47:c5:
95:81:37:ac
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUYrytW1AwF3gUl+2vkq1UHe5CPGYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNzAwMDAwMFoX
DTI1MDEyMTIzNTk1OVowejFJMEcGA1UEBRNAZDM4ODMyOWE5M2RjZmJhOWI0YmVj
YzRjODdlM2I5MTBmOTkwMWZmMWU3MTQwNmJiNWQ5NGY2YzRiZWExMzhjZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA16Dq4ZNn3HpVXCjH2hQy+lq23BWN
UC7LJ8ouLub6602Ua1OMNXyQ0+iSJ3TenqrzEpvIN9CHFhJMgxlmelu1FK0bZT07
ATM1VP/jl4JoB6Xhv98alm0FnIDIReCQwJLznGolsfYyTt25UeoMEcUNl6hhjhOL
K0YtNEjxM4bWI/eBQ0elDMWuNqqr+U/7WWdnOwi4F0xSjNXJt1/0TvCe0nugaXDG
yZGKSEsy+FImw+SUlCsCzgwa3gffD0PAmY1DjiPkh3zYmHKWxC0k/xrY5dSLRXvm
TrjVxflPN0En2vP6FMrN80u5uZ/ivJ4PwbI+vIpdttFWfBtru02oJrg10QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOwhYVZ5SlQ2mjrsMROdvhwrJZwbMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2NmMDFhMTNmLTUzNzQtNGFlMS04NzNlLTM0NDQ3YmY0ZjdhZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8ggwDQYJKoZIhvcNAQELBQADggEBADBe/XzCazZ/zmSJelE3
mZDwCilA2EAK3t+u9PhEoPeseWB83lzHpXi2jtVewpJ/AbpgtGtnNhk2yxX69tSj
Lp+fubSTxwx9XPb6R8r8yASH691uCUr/u8myIp7E9U1sVbMPeTXst+UDathNNL+g
LGg9WzRPnQghsI+KF0FGCWKw08njYupG2e+03eXzvIq/mOLhgixBjqMV9zlwtLYE
HUKKHFahJ5K572nELIOrqjisX0zydnHXqqGliPwIQN2DFnhQfA05+IbYIHV5/fZO
BoHsP4bCUmoNyW4vMn8upEkshambfpzK5syP8JJK/ytlqYJkQj8exgnBlNRHxZWB
N6w=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:20:10 2025 by rpki-client