Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d4145b8f-bc52-42a6-9bcc-1fee81cd4b0b.roa
File: d4145b8f-bc52-42a6-9bcc-1fee81cd4b0b.roa (raw, json)
Hash identifier: JWGjv82Chx8B8XqbjHieKBoHHvGqrIY+21nIOgVIZuU=
Subject key identifier: C2:D7:CA:E6:15:CE:ED:0B:BC:50:93:2C:B2:E6:FA:25:BA:CC:22:19
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3FAA3055FB1E1792D7C50F516D119134085DDA4A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d4145b8f-bc52-42a6-9bcc-1fee81cd4b0b.roa
Signing time: Mon 30 Dec 2024 00:00:00 +0000
ROA not before: Mon 30 Dec 2024 00:00:00 +0000
ROA not after: Mon 03 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:8800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:aa:30:55:fb:1e:17:92:d7:c5:0f:51:6d:11:91:34:08:5d:da:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 30 00:00:00 2024 GMT
Not After : Feb 3 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:2a:70:98:c7:78:6c:88:49:d3:76:9f:db:9f:
2a:5d:45:a6:18:10:78:15:0a:d9:6f:4a:01:c3:c7:
90:91:e4:14:32:b7:05:5d:44:9b:31:b2:73:81:45:
8f:94:02:16:e8:6f:7b:05:6c:12:53:29:a0:5b:bf:
d3:c1:ad:8a:fe:08:8a:1c:8f:a2:6a:bd:7c:95:be:
dd:f0:d8:c8:a6:17:ec:3c:75:46:b4:bd:eb:96:6b:
aa:c6:9a:76:c0:7e:12:52:5d:b4:7a:67:56:21:11:
6b:ae:a5:f4:ea:62:a9:f8:2a:92:83:b4:44:6b:57:
35:91:a0:33:9d:f4:03:19:54:3a:d3:78:f9:9f:0b:
f3:e5:bd:76:ff:7d:b7:18:ee:78:6d:35:42:23:66:
92:aa:0b:76:08:a6:e0:45:76:06:59:d3:a8:54:91:
c7:7b:8a:8c:c6:e2:44:87:fa:1a:4e:c5:1f:2d:e2:
16:dd:6f:ea:fe:46:d2:6c:1c:2f:10:3e:54:14:72:
b7:36:8e:0b:94:83:1e:1a:9a:a3:f1:85:c8:4e:a9:
ce:07:06:22:65:13:07:80:b1:b2:54:1a:65:0b:57:
07:54:06:5d:ef:08:b8:94:e2:82:67:8b:ea:4c:b2:
48:7e:ff:e0:5b:ef:de:0d:c9:95:20:e8:c3:06:cd:
7e:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:D7:CA:E6:15:CE:ED:0B:BC:50:93:2C:B2:E6:FA:25:BA:CC:22:19
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d4145b8f-bc52-42a6-9bcc-1fee81cd4b0b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:8800::/40
Signature Algorithm: sha256WithRSAEncryption
14:05:31:4c:6c:2c:9c:e4:93:ab:22:64:15:51:eb:46:bc:3d:
94:71:f4:3e:89:19:94:4f:89:a0:ea:d9:a2:5f:c0:c2:70:e7:
04:5c:42:d8:0e:90:93:18:cb:2c:32:08:c9:05:37:a0:60:ae:
45:47:ad:71:b5:82:99:71:52:68:2b:80:11:49:ac:e2:8e:b4:
04:90:81:ec:81:8e:42:2e:41:13:b6:b1:99:f7:6d:e9:ca:e1:
e3:29:57:63:ae:28:01:0f:eb:90:71:5d:4c:ab:df:3f:40:32:
09:57:64:8a:75:81:a4:c0:d5:8c:15:78:50:8d:aa:14:82:17:
b6:76:90:c1:1a:64:fa:0d:f2:4b:30:f4:47:c7:d0:5a:b6:e0:
51:15:00:8a:dc:c4:10:d9:bd:c4:ef:bb:af:c2:65:ce:7e:cc:
1e:db:ea:0a:d5:07:92:08:c6:a3:a0:81:7d:e4:33:b8:33:57:
09:14:57:bb:c5:9c:81:9e:3d:21:7b:fe:a0:fa:b3:5c:ce:0f:
b9:30:8c:77:26:9c:33:1a:f6:d1:53:b5:01:7f:b8:14:9d:61:
b1:e7:48:45:ed:cc:49:7f:19:f4:a7:d7:a8:ae:8a:b7:f9:ac:
8c:46:60:73:22:b5:1c:22:cd:aa:01:e8:0d:64:b2:e6:77:bc:
7c:cd:d0:94
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUP6owVfseF5LXxQ9RbRGRNAhd2kowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIzMDAwMDAwMFoX
DTI1MDIwMzIzNTk1OVowejFJMEcGA1UEBRNAZWVkNTBkOGRkODgzZjc2N2VjNTFj
MDlkY2ExMTQ3NDc1YzNiMzE5ZjFjN2RiNzNmYjQ5Y2YwZmVlMGNkYzRhODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqipwmMd4bIhJ03af258qXUWmGBB4
FQrZb0oBw8eQkeQUMrcFXUSbMbJzgUWPlAIW6G97BWwSUymgW7/Twa2K/giKHI+i
ar18lb7d8NjIphfsPHVGtL3rlmuqxpp2wH4SUl20emdWIRFrrqX06mKp+CqSg7RE
a1c1kaAznfQDGVQ603j5nwvz5b12/323GO54bTVCI2aSqgt2CKbgRXYGWdOoVJHH
e4qMxuJEh/oaTsUfLeIW3W/q/kbSbBwvED5UFHK3No4LlIMeGpqj8YXITqnOBwYi
ZRMHgLGyVBplC1cHVAZd7wi4lOKCZ4vqTLJIfv/gW+/eDcmVIOjDBs1+ywIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFMLXyuYVzu0LvFCTLLLm+iW6zCIZMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Q0MTQ1YjhmLWJjNTItNDJhNi05YmNjLTFmZWU4MWNkNGIwYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/4gwDQYJKoZIhvcNAQELBQADggEBABQFMUxsLJzkk6siZBVR
60a8PZRx9D6JGZRPiaDq2aJfwMJw5wRcQtgOkJMYyywyCMkFN6BgrkVHrXG1gplx
UmgrgBFJrOKOtASQgeyBjkIuQRO2sZn3benK4eMpV2OuKAEP65BxXUyr3z9AMglX
ZIp1gaTA1YwVeFCNqhSCF7Z2kMEaZPoN8ksw9EfH0Fq24FEVAIrcxBDZvcTvu6/C
Zc5+zB7b6grVB5IIxqOggX3kM7gzVwkUV7vFnIGePSF7/qD6s1zOD7kwjHcmnDMa
9tFTtQF/uBSdYbHnSEXtzEl/GfSn16iuirf5rIxGYHMitRwizaoB6A1ksuZ3vHzN
0JQ=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:06:45 2025 by rpki-client