Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d514cc94-d81f-4850-9ca1-4bd4b7a4b0dc.roa
File: d514cc94-d81f-4850-9ca1-4bd4b7a4b0dc.roa (raw, json)
Hash identifier: tQPBJuSu3tgGZUyEL7jso162ejDgqUgM1J7NAKMwJV0=
Subject key identifier: D6:E7:6A:93:D1:E0:32:A4:C2:FB:EC:DE:4F:21:FA:0D:41:C6:12:CC
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 360A9DB38C483DAA3EC4386A6FB1E80D57D31021
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d514cc94-d81f-4850-9ca1-4bd4b7a4b0dc.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
36:0a:9d:b3:8c:48:3d:aa:3e:c4:38:6a:6f:b1:e8:0d:57:d3:10:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:6a:36:f8:97:23:22:24:40:80:0a:6f:ed:92:
3f:ee:5e:14:c9:01:95:54:ac:bc:3f:67:8d:53:6f:
b8:24:a5:dc:f9:0b:bd:0e:e8:f1:7d:76:9e:36:04:
03:27:20:56:cd:f0:16:73:74:88:91:df:f8:d2:e3:
93:03:1f:e4:08:1f:66:e1:21:f9:3e:67:14:fc:61:
47:91:38:fe:31:4d:55:92:ca:8e:4c:7d:c6:31:d5:
fc:f1:b4:18:83:5f:1a:5f:79:e8:3e:7e:6f:2b:df:
60:6f:2a:73:2c:f5:c2:a1:16:d3:f8:8d:46:85:b5:
c7:4d:fe:ee:d1:26:a9:15:e7:52:3c:69:07:fe:5b:
86:b8:22:df:25:48:79:11:a1:13:6b:a0:b7:d9:2e:
b3:0d:38:78:33:58:30:f2:48:d4:36:7f:2e:43:dc:
78:0f:af:70:79:0e:8c:cb:cd:2b:3d:4e:29:36:01:
6a:02:48:b5:4c:7a:31:91:14:da:4e:97:17:8d:77:
af:93:d7:d3:3c:fd:13:43:44:6b:96:74:b5:4a:10:
c7:a9:6f:1c:b4:12:3b:f9:0d:73:af:aa:8b:c4:02:
86:0b:df:a1:86:4f:bc:ba:15:cd:25:65:a4:40:b7:
b0:1e:e4:05:7d:ff:7a:8c:83:eb:5c:42:c1:86:f8:
ab:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:E7:6A:93:D1:E0:32:A4:C2:FB:EC:DE:4F:21:FA:0D:41:C6:12:CC
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d514cc94-d81f-4850-9ca1-4bd4b7a4b0dc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:8000::/40
Signature Algorithm: sha256WithRSAEncryption
47:d2:ed:3b:87:6f:bc:f2:7a:02:45:97:96:fc:71:23:72:15:
6f:e5:53:11:bb:24:32:60:e8:ce:15:73:9a:28:af:16:f3:7f:
94:21:26:01:27:5e:a8:71:37:c3:01:51:8d:37:9b:61:87:63:
8d:73:6d:2c:25:cb:1a:19:19:72:a9:99:42:b9:75:6b:67:d2:
b5:62:7e:1a:a2:7c:dd:95:1b:c5:cc:54:5e:21:18:39:f8:b4:
1b:83:e5:32:8b:a7:03:d4:a2:2a:2f:59:83:8f:2a:0f:45:22:
c1:ce:23:8e:c5:08:a4:1a:d9:39:38:15:62:8e:96:f1:3b:6e:
2c:72:c0:2d:54:e8:2c:21:9d:d6:90:2f:1b:82:a9:04:d6:ef:
95:7a:23:16:0b:d3:ea:7f:f8:29:c0:8a:22:6c:6e:30:a5:c3:
99:b7:35:8f:1c:66:67:f6:15:fe:27:f9:47:e7:5b:b7:55:2d:
4e:1a:30:d8:6b:d1:cb:4a:84:f0:ae:b6:43:30:05:66:af:5b:
63:8b:ed:e0:59:80:6c:0f:98:e7:65:09:d3:1c:1b:26:4b:d5:
f4:47:e8:0d:9e:6e:21:07:cd:bd:f7:a1:37:28:66:86:a7:9b:
b2:5f:53:af:db:04:f3:77:a2:74:76:17:95:a5:1e:96:21:d1:
f0:47:95:fb
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUNgqds4xIPao+xDhqb7HoDVfTECEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNANTBmZTA1NDgyMjhhMDlmODNjNDIx
ZDZiYWU3NGJiZDVjMjdjYmQzNDBlOGVlN2EzNjY4NDM0NDQ3YjBhZjIzNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmo2+JcjIiRAgApv7ZI/7l4UyQGV
VKy8P2eNU2+4JKXc+Qu9DujxfXaeNgQDJyBWzfAWc3SIkd/40uOTAx/kCB9m4SH5
PmcU/GFHkTj+MU1VksqOTH3GMdX88bQYg18aX3noPn5vK99gbypzLPXCoRbT+I1G
hbXHTf7u0SapFedSPGkH/luGuCLfJUh5EaETa6C32S6zDTh4M1gw8kjUNn8uQ9x4
D69weQ6My80rPU4pNgFqAki1THoxkRTaTpcXjXevk9fTPP0TQ0RrlnS1ShDHqW8c
tBI7+Q1zr6qLxAKGC9+hhk+8uhXNJWWkQLewHuQFff96jIPrXELBhvirvQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNbnapPR4DKkwvvs3k8h+g1BxhLMMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Q1MTRjYzk0LWQ4MWYtNDg1MC05Y2ExLTRiZDRiN2E0YjBkYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+4AwDQYJKoZIhvcNAQELBQADggEBAEfS7TuHb7zyegJFl5b8
cSNyFW/lUxG7JDJg6M4Vc5oorxbzf5QhJgEnXqhxN8MBUY03m2GHY41zbSwlyxoZ
GXKpmUK5dWtn0rVifhqifN2VG8XMVF4hGDn4tBuD5TKLpwPUoiovWYOPKg9FIsHO
I47FCKQa2Tk4FWKOlvE7bixywC1U6CwhndaQLxuCqQTW75V6IxYL0+p/+CnAiiJs
bjClw5m3NY8cZmf2Ff4n+UfnW7dVLU4aMNhr0ctKhPCutkMwBWavW2OL7eBZgGwP
mOdlCdMcGyZL1fRH6A2ebiEHzb33oTcoZoanm7JfU6/bBPN3onR2F5WlHpYh0fBH
lfs=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:11:37 2025 by rpki-client