Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d316ba41-8df7-40d0-9c34-98e2360a1ef3.roa
File: d316ba41-8df7-40d0-9c34-98e2360a1ef3.roa (raw, json)
Hash identifier: sAQzoQ0pz8KGY77kdES+pDGPV26XRimJA78uLWwgZgo=
Subject key identifier: 1A:30:2A:01:91:25:29:4F:AD:85:C7:44:F9:25:B5:92:B8:89:52:8A
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 52A116667733F4C7B6693C23435F883AEF45834C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d316ba41-8df7-40d0-9c34-98e2360a1ef3.roa
Signing time: Tue 31 Dec 2024 00:00:00 +0000
ROA not before: Tue 31 Dec 2024 00:00:00 +0000
ROA not after: Tue 04 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafc:8800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:a1:16:66:77:33:f4:c7:b6:69:3c:23:43:5f:88:3a:ef:45:83:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 31 00:00:00 2024 GMT
Not After : Feb 4 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:b2:cb:32:1d:64:32:57:83:c1:32:ba:b1:96:
c3:ba:41:73:95:4a:4b:26:c9:a4:7f:7d:4b:31:4f:
f5:ed:b6:0a:21:f8:80:bc:93:99:84:42:7d:92:fd:
f8:aa:36:5a:79:ed:4b:17:0e:09:31:01:78:bf:09:
31:d5:49:fb:57:dc:44:85:5a:3e:3e:c1:3a:c0:fa:
16:3f:6d:40:1c:b6:a7:7a:c1:42:02:f8:42:4f:f3:
02:59:ef:e0:88:ee:fa:3a:85:37:df:f3:cd:ae:e8:
74:d5:12:a0:07:bc:63:21:84:66:e5:3c:6d:46:1c:
97:85:a1:bc:98:ef:2b:6f:0d:55:e6:8c:9c:05:0f:
d9:29:93:eb:62:58:1e:6a:7b:61:bf:cf:f3:ea:5e:
d3:74:c4:e0:31:75:23:c6:61:a0:bc:bc:14:9c:0f:
50:b3:06:87:be:ae:15:c4:3d:35:9c:a6:3f:d0:0f:
74:96:26:cf:e1:a0:5e:8f:a7:a8:8d:fe:4c:77:4f:
e7:3c:8c:6d:1c:46:2c:18:82:63:70:fa:83:ad:de:
45:32:f6:52:44:c0:98:e3:79:7e:5d:78:d8:f7:a8:
c6:43:77:1d:35:3a:ae:ee:2b:01:42:63:9f:6e:b9:
b9:cf:d4:f0:29:3c:72:47:4e:03:22:65:34:30:33:
01:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:30:2A:01:91:25:29:4F:AD:85:C7:44:F9:25:B5:92:B8:89:52:8A
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d316ba41-8df7-40d0-9c34-98e2360a1ef3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafc:8800::/40
Signature Algorithm: sha256WithRSAEncryption
9d:f6:83:9e:2f:d1:9e:d8:58:10:1f:f4:48:14:99:d3:06:c4:
93:b5:0b:3a:a9:73:f7:02:47:99:b0:18:cd:ae:38:59:8f:66:
cc:40:9f:9f:a1:01:82:41:80:2a:29:46:98:5f:c7:97:da:8c:
bf:79:07:c2:37:74:e9:9d:0a:2f:49:b4:cd:62:e8:72:86:16:
50:01:3f:99:73:49:cb:6c:cf:36:53:6c:a7:49:15:4b:6a:e9:
45:72:4e:f9:22:49:e3:14:90:69:41:41:22:b0:8a:ea:73:ca:
3b:37:f9:36:43:2a:79:b3:0a:14:cd:06:75:c6:b4:58:96:8b:
1e:36:97:e2:6a:7a:7e:2f:1d:ce:a0:e5:d2:dd:e1:e6:32:eb:
e9:e7:d0:63:32:eb:00:0f:cb:8c:f5:0f:5c:c5:e9:4f:4d:ab:
47:16:e9:3e:3d:1d:5d:15:9e:f5:aa:fd:70:b7:b2:6f:20:01:
64:3c:99:fb:ba:3a:ce:c6:62:a9:ab:f5:57:48:17:fa:eb:4b:
64:c2:99:8f:49:2d:80:15:78:d5:98:05:31:87:f2:7f:22:12:
39:02:41:da:32:ea:94:cc:91:cf:e9:91:64:19:1f:c1:2d:6e:
3b:b7:21:5b:5c:63:77:f6:95:30:7a:34:18:8a:ac:01:5f:49:
c9:3f:bc:99
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUUqEWZncz9Me2aTwjQ1+IOu9Fg0wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIzMTAwMDAwMFoX
DTI1MDIwNDIzNTk1OVowejFJMEcGA1UEBRNAYmU4NmZkYTlmMDhmOGYyZWI2MTFh
Yzg0ZDk4NzMyNTM1ZWJkZTIzNjM1NWNlOTI5MzAyZjBhNmQ2NGFlMTU4NjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz7LLMh1kMleDwTK6sZbDukFzlUpL
Jsmkf31LMU/17bYKIfiAvJOZhEJ9kv34qjZaee1LFw4JMQF4vwkx1Un7V9xEhVo+
PsE6wPoWP21AHLanesFCAvhCT/MCWe/giO76OoU33/PNruh01RKgB7xjIYRm5Txt
RhyXhaG8mO8rbw1V5oycBQ/ZKZPrYlgeanthv8/z6l7TdMTgMXUjxmGgvLwUnA9Q
swaHvq4VxD01nKY/0A90libP4aBej6eojf5Md0/nPIxtHEYsGIJjcPqDrd5FMvZS
RMCY43l+XXjY96jGQ3cdNTqu7isBQmOfbrm5z9TwKTxyR04DImU0MDMB8QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBowKgGRJSlPrYXHRPkltZK4iVKKMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2QzMTZiYTQxLThkZjctNDBkMC05YzM0LTk4ZTIzNjBhMWVmMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/IgwDQYJKoZIhvcNAQELBQADggEBAJ32g54v0Z7YWBAf9EgU
mdMGxJO1Czqpc/cCR5mwGM2uOFmPZsxAn5+hAYJBgCopRphfx5fajL95B8I3dOmd
Ci9JtM1i6HKGFlABP5lzSctszzZTbKdJFUtq6UVyTvkiSeMUkGlBQSKwiupzyjs3
+TZDKnmzChTNBnXGtFiWix42l+Jqen4vHc6g5dLd4eYy6+nn0GMy6wAPy4z1D1zF
6U9Nq0cW6T49HV0VnvWq/XC3sm8gAWQ8mfu6Os7GYqmr9VdIF/rrS2TCmY9JLYAV
eNWYBTGH8n8iEjkCQdoy6pTMkc/pkWQZH8Etbju3IVtcY3f2lTB6NBiKrAFfSck/
vJk=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:07:25 2025 by rpki-client