Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d74980db-a60d-487c-9253-3e131534d8d4.roa
File: d74980db-a60d-487c-9253-3e131534d8d4.roa (raw, json)
Hash identifier: xG50cOMGPjyXqD/deVj6sw9NtF90zU1Pvi6SiSITRQo=
Subject key identifier: 99:90:EF:3B:84:C7:10:E8:FF:03:4D:F2:DE:9D:2C:54:46:0B:99:59
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 275D4F3A91F274661D204931ACC2194437C8AF95
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d74980db-a60d-487c-9253-3e131534d8d4.roa
Signing time: Fri 16 May 2025 15:31:03 +0000
ROA not before: Fri 16 May 2025 15:31:03 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dab9:f000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:5d:4f:3a:91:f2:74:66:1d:20:49:31:ac:c2:19:44:37:c8:af:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: May 16 15:31:03 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=b2710f524e489dec5bd76d4de668bbc3c4551342973928a57d57df15eb0d4880, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3a:df:0f:74:3a:aa:a5:72:01:55:29:af:29:
89:7c:22:68:57:08:3f:4b:27:6a:af:15:e8:cf:85:
f5:21:e4:6a:22:41:1e:16:67:62:dc:54:ba:c1:ef:
e6:41:f0:e3:ff:a2:f0:c9:12:59:8d:66:a4:6e:e3:
bf:87:d0:78:a9:62:91:a1:c9:af:8f:b8:7e:9d:41:
30:a5:f4:e4:91:28:58:39:86:3a:5d:8b:7e:27:08:
cd:6d:b9:76:c5:35:ea:71:65:5f:d7:c7:19:a9:a0:
44:e0:f2:9a:65:4e:5b:6d:49:79:de:cd:c1:e7:4b:
04:dd:a6:51:ef:fb:6d:6a:6c:c3:b3:78:83:b1:20:
5e:4f:89:ee:f7:47:c4:1f:56:14:d6:e5:32:05:48:
06:31:7d:1a:70:37:29:f7:1b:3a:f2:a7:2d:00:ef:
92:f5:87:58:87:09:7b:a8:37:dd:4b:54:8b:b7:af:
71:c5:d6:f1:04:3c:b6:e7:bb:99:5d:e6:01:15:d5:
73:65:4b:7a:6e:8a:99:cb:bc:10:76:98:d9:6a:eb:
01:d9:2c:b1:74:cd:b7:8f:e0:fc:d2:a0:1c:f5:04:
81:54:fe:ab:c3:ae:14:e2:8b:81:c1:3c:c0:d9:a1:
e1:c3:08:40:b0:d7:62:ce:9f:44:31:bb:58:e9:a4:
3c:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:90:EF:3B:84:C7:10:E8:FF:03:4D:F2:DE:9D:2C:54:46:0B:99:59
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d74980db-a60d-487c-9253-3e131534d8d4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dab9:f000::/40
Signature Algorithm: sha256WithRSAEncryption
41:dc:79:7b:08:a2:f3:59:e1:5d:e8:54:c6:fa:03:1b:8d:1b:
b0:d6:99:8a:51:cb:3d:cb:10:cf:46:c8:dc:a6:32:32:57:5b:
32:d6:b0:e5:8b:26:b3:12:75:71:5e:01:d3:e1:91:ca:3c:7a:
64:27:2e:12:9f:85:2a:7c:ef:3b:1f:7c:44:64:28:6c:0b:29:
69:e4:9e:b1:43:5a:2f:14:a4:95:02:b5:15:93:1a:6c:d1:b1:
85:46:10:5c:69:4d:62:41:39:95:fb:0c:45:15:43:5f:2a:b8:
79:65:26:66:31:7e:b6:bb:e7:9c:a2:99:29:fc:ce:3c:74:60:
be:20:2f:c7:da:a4:a9:0b:ae:e1:14:ac:58:f0:6c:d9:22:ed:
42:ea:6f:ff:22:fa:32:a0:30:51:01:e8:19:29:24:60:ad:b1:
4d:dd:cc:97:7e:a1:dd:69:6e:91:62:76:88:dc:54:39:f5:09:
98:1a:26:b2:3a:99:e0:1c:ce:ab:74:f3:76:74:1e:12:94:8f:
92:7d:fe:ab:6d:39:e7:f5:fb:22:be:f6:d0:c9:f3:3e:48:d5:
5e:b2:af:b4:64:6e:0a:5c:c3:82:cb:a4:ca:e7:e6:d8:58:57:
46:31:22:7c:ad:17:91:56:2e:af:3c:08:7a:b4:71:34:d6:a3:
5e:31:31:4d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUJ11POpHydGYdIEkxrMIZRDfIr5UwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MzEwM1oX
DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAYjI3MTBmNTI0ZTQ4OWRlYzViZDc2
ZDRkZTY2OGJiYzNjNDU1MTM0Mjk3MzkyOGE1N2Q1N2RmMTVlYjBkNDg4MDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsjrfD3Q6qqVyAVUprymJfCJoVwg/
SydqrxXoz4X1IeRqIkEeFmdi3FS6we/mQfDj/6LwyRJZjWakbuO/h9B4qWKRocmv
j7h+nUEwpfTkkShYOYY6XYt+JwjNbbl2xTXqcWVf18cZqaBE4PKaZU5bbUl53s3B
50sE3aZR7/ttamzDs3iDsSBeT4nu90fEH1YU1uUyBUgGMX0acDcp9xs68qctAO+S
9YdYhwl7qDfdS1SLt69xxdbxBDy257uZXeYBFdVzZUt6boqZy7wQdpjZausB2Syx
dM23j+D80qAc9QSBVP6rw64U4ouBwTzA2aHhwwhAsNdizp9EMbtY6aQ8/wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJmQ7zuExxDo/wNN8t6dLFRGC5lZMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Q3NDk4MGRiLWE2MGQtNDg3Yy05MjUzLTNlMTMxNTM0ZDhkNC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaufAwDQYJKoZIhvcNAQELBQADggEBAEHceXsIovNZ4V3oVMb6
AxuNG7DWmYpRyz3LEM9GyNymMjJXWzLWsOWLJrMSdXFeAdPhkco8emQnLhKfhSp8
7zsffERkKGwLKWnknrFDWi8UpJUCtRWTGmzRsYVGEFxpTWJBOZX7DEUVQ18quHll
JmYxfra755yimSn8zjx0YL4gL8fapKkLruEUrFjwbNki7ULqb/8i+jKgMFEB6Bkp
JGCtsU3dzJd+od1pbpFidojcVDn1CZgaJrI6meAczqt083Z0HhKUj5J9/qttOef1
+yK+9tDJ8z5I1V6yr7Rkbgpcw4LLpMrn5thYV0YxInytF5FWLq88CHq0cTTWo14x
MU0=
-----END CERTIFICATE-----
Generated at Mon Jun 30 19:37:14 2025 by rpki-client