Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d44b4291-2d06-4a93-85eb-5eb3d0e7a432.roa
File: d44b4291-2d06-4a93-85eb-5eb3d0e7a432.roa (raw, json)
Hash identifier: GS+Ybr5RSOGyPNr/4J0cEWwev/2EyLmdQnvsyvg5t64=
Subject key identifier: 82:35:C6:D2:36:23:A2:7B:0B:4E:B9:5C:EC:14:0E:C7:8F:AB:CC:C8
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2B030596E6BF51A5B091059D273071DC559286CB
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d44b4291-2d06-4a93-85eb-5eb3d0e7a432.roa
Signing time: Wed 25 Dec 2024 00:00:00 +0000
ROA not before: Wed 25 Dec 2024 00:00:00 +0000
ROA not after: Wed 29 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da68:8800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:03:05:96:e6:bf:51:a5:b0:91:05:9d:27:30:71:dc:55:92:86:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 25 00:00:00 2024 GMT
Not After : Jan 29 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:52:34:cb:8c:06:1e:fd:b9:43:45:25:2c:ae:
f3:a1:bd:0d:67:5c:76:06:89:4b:f8:e4:5f:fe:c4:
d0:31:4a:68:a1:40:c2:55:d5:14:f4:e9:d5:62:96:
b4:2c:a0:d5:eb:43:67:69:1c:87:b8:01:8e:15:36:
05:37:df:97:18:03:2d:01:50:6c:69:6a:bb:8b:80:
a4:25:ba:53:3b:86:57:7b:52:b8:ca:15:4f:2c:63:
98:43:84:65:e3:66:fe:2c:43:47:eb:a8:1c:80:8a:
ee:b0:c0:dd:ad:9a:13:86:2b:cf:65:f5:02:d9:b3:
77:ab:97:89:14:01:23:7b:46:96:6c:6f:d7:81:55:
e1:f8:c5:27:7d:dd:c8:b2:3f:97:f6:e5:3f:9c:71:
96:bb:8a:7a:0b:12:2d:38:c4:9a:60:a2:af:5d:2d:
de:77:aa:5b:96:91:9b:f9:19:57:7d:fb:5c:bc:8e:
a7:0f:54:dd:7a:8b:7a:dd:d1:c0:2a:c6:89:ac:b6:
87:f2:0b:fe:b0:69:db:cb:2e:5b:60:4c:6f:ab:cf:
70:21:e2:15:35:3b:a5:ab:7f:8b:9b:25:bd:04:e1:
f3:7b:cb:a1:39:a3:3f:83:3a:d2:08:f6:9d:f8:46:
f3:f2:cd:f2:26:62:67:b2:a2:05:6f:31:19:dc:6d:
cc:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:35:C6:D2:36:23:A2:7B:0B:4E:B9:5C:EC:14:0E:C7:8F:AB:CC:C8
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d44b4291-2d06-4a93-85eb-5eb3d0e7a432.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da68:8800::/40
Signature Algorithm: sha256WithRSAEncryption
87:93:2e:eb:e6:10:d1:db:1b:22:0d:b2:17:4c:a5:74:b2:e4:
d0:66:6a:b3:0d:a3:c0:63:a6:4c:cc:c6:84:4f:f2:fa:ba:11:
52:38:ef:32:4f:56:98:01:92:20:9a:bb:7b:f2:b1:d4:35:af:
a9:74:f0:61:a0:f1:9b:95:e1:8b:ad:b2:f4:52:52:b2:2b:95:
d4:29:0c:5a:44:ed:a5:99:34:82:5c:ab:84:9f:af:bd:63:71:
9e:09:23:67:84:aa:d4:1b:f1:1c:0c:fc:bb:34:94:f1:cb:2e:
95:e6:98:1e:bb:3b:2f:3a:26:b7:23:bc:56:47:b5:f6:96:ca:
f8:8d:10:02:67:d1:81:95:8d:ae:88:72:d2:57:ff:2e:d9:3a:
30:63:78:13:27:4d:80:a2:56:9b:08:34:16:ff:7d:8b:a3:47:
e6:84:7b:65:d3:27:f9:67:80:dc:d2:20:83:9a:27:36:77:68:
d0:ca:33:38:b3:89:cd:c5:d4:45:eb:75:07:e1:d8:7e:00:cc:
d8:bb:46:df:2a:f3:f1:09:97:14:23:29:52:2c:56:1e:6c:38:
8e:3e:53:4e:c2:4b:05:46:7d:26:3e:28:4e:71:af:ab:4f:e1:
4a:d8:76:99:3c:e5:9e:37:84:39:68:d0:10:2c:15:30:3c:e0:
65:7c:ad:a2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUKwMFlua/UaWwkQWdJzBx3FWShsswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIyNTAwMDAwMFoX
DTI1MDEyOTIzNTk1OVowejFJMEcGA1UEBRNAYzIzNGU1OTYyMGVkNmJmMzM3NTRm
MDJlNGY2MTBmNGRiMzYyNWMwZTk3YTU2NDVjOWQ3ZTY1ZGYxNGQzZjY4NTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArlI0y4wGHv25Q0UlLK7zob0NZ1x2
BolL+ORf/sTQMUpooUDCVdUU9OnVYpa0LKDV60NnaRyHuAGOFTYFN9+XGAMtAVBs
aWq7i4CkJbpTO4ZXe1K4yhVPLGOYQ4Rl42b+LENH66gcgIrusMDdrZoThivPZfUC
2bN3q5eJFAEje0aWbG/XgVXh+MUnfd3Isj+X9uU/nHGWu4p6CxItOMSaYKKvXS3e
d6pblpGb+RlXfftcvI6nD1Tdeot63dHAKsaJrLaH8gv+sGnbyy5bYExvq89wIeIV
NTulq3+LmyW9BOHze8uhOaM/gzrSCPad+Ebz8s3yJmJnsqIFbzEZ3G3MbQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFII1xtI2I6J7C065XOwUDsePq8zIMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Q0NGI0MjkxLTJkMDYtNGE5My04NWViLTVlYjNkMGU3YTQzMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaIgwDQYJKoZIhvcNAQELBQADggEBAIeTLuvmENHbGyINshdM
pXSy5NBmarMNo8BjpkzMxoRP8vq6EVI47zJPVpgBkiCau3vysdQ1r6l08GGg8ZuV
4YutsvRSUrIrldQpDFpE7aWZNIJcq4Sfr71jcZ4JI2eEqtQb8RwM/Ls0lPHLLpXm
mB67Oy86JrcjvFZHtfaWyviNEAJn0YGVja6IctJX/y7ZOjBjeBMnTYCiVpsINBb/
fYujR+aEe2XTJ/lngNzSIIOaJzZ3aNDKMzizic3F1EXrdQfh2H4AzNi7Rt8q8/EJ
lxQjKVIsVh5sOI4+U07CSwVGfSY+KE5xr6tP4UrYdpk85Z43hDlo0BAsFTA84GV8
raI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:11:54 2025 by rpki-client