Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e27bf057-dc28-40a3-a926-4fb934f0c994.roa
File: e27bf057-dc28-40a3-a926-4fb934f0c994.roa (raw, json)
Hash identifier: QBsJF8nHwIbj6ivMIcQdo3EK9fVfR1KQJBt0hD2YSpY=
Subject key identifier: AE:23:A0:04:11:F8:36:1C:1E:21:D8:D4:C2:BC:01:EB:DB:15:71:CB
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 10D1DFD8899ECBB58AF07C2DDFD56465AA376B07
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e27bf057-dc28-40a3-a926-4fb934f0c994.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da70:2800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
10:d1:df:d8:89:9e:cb:b5:8a:f0:7c:2d:df:d5:64:65:aa:37:6b:07
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:74:a0:ee:c4:83:39:0a:99:e9:a8:f3:b8:70:
03:de:16:28:46:a3:3d:db:46:fe:c0:ef:16:bc:65:
35:7f:f8:c3:e1:49:10:4e:fe:e2:71:6c:3a:de:ea:
b3:48:13:38:28:71:b8:ef:5e:75:bb:ac:80:74:0c:
d5:3a:3e:b9:b6:84:60:6c:2b:2b:91:db:48:b0:29:
f0:77:cb:88:ce:9b:71:c1:12:a1:bc:cb:a4:c5:7e:
7a:8b:53:c7:95:14:6a:6a:94:86:f3:b0:2b:28:e7:
61:2c:b9:ae:34:37:64:ba:fb:31:7c:64:87:5d:96:
87:6d:d2:12:0f:61:9f:82:36:57:a9:d3:5d:b4:f3:
a1:a2:03:d6:de:99:34:75:78:03:1b:96:39:fa:ee:
c5:07:9d:f3:d8:7c:da:1e:77:ea:58:23:8e:53:1c:
52:86:95:73:14:4e:79:e6:c1:ff:82:5f:ae:b4:7c:
78:13:d7:81:ff:6a:55:dc:6e:11:94:b9:77:2e:60:
8a:9c:a1:af:c1:3a:78:ea:81:23:44:6c:7d:81:8e:
5c:f5:94:3b:fc:71:e2:0e:5e:88:37:cc:ef:6f:9b:
26:ca:b4:12:78:99:ae:68:37:c2:de:20:21:4f:fa:
31:42:15:d3:2e:81:28:df:0f:31:17:44:06:91:7c:
74:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:23:A0:04:11:F8:36:1C:1E:21:D8:D4:C2:BC:01:EB:DB:15:71:CB
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e27bf057-dc28-40a3-a926-4fb934f0c994.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da70:2800::/40
Signature Algorithm: sha256WithRSAEncryption
b8:2a:e4:d9:86:9b:d2:83:6c:3a:b0:f5:2f:01:39:f4:8b:94:
71:bf:7a:95:8c:d3:f8:90:5a:bb:f0:39:c6:3a:19:3d:94:1b:
66:72:42:57:26:e0:02:d9:42:69:2f:80:78:c5:81:7a:f3:68:
07:ca:e3:7a:3f:1b:21:08:74:09:82:f8:5c:e5:8f:94:48:48:
d6:79:7f:61:90:e6:5f:cf:33:a3:8d:43:5a:e5:c3:9a:5b:d1:
36:40:6d:e1:49:9f:e0:ea:c6:55:f3:c7:d7:36:56:9f:60:79:
d7:55:8c:6e:fd:36:fc:65:3c:00:b1:e9:15:bc:ad:06:4b:cf:
06:f2:d4:44:27:b7:aa:62:d9:80:85:25:d0:24:0a:af:39:32:
b4:23:d0:aa:aa:a9:8b:b3:e9:e7:19:d6:e5:5a:f7:89:21:fb:
2f:bc:96:39:14:3e:c2:c7:6e:b8:7d:01:8f:7c:af:0c:a7:cc:
2b:0a:13:a5:12:b5:7a:1c:18:9a:e5:8e:63:6e:6f:15:ff:52:
94:39:29:6f:c8:0f:10:ac:65:43:ce:bc:eb:10:eb:b3:4e:7c:
ce:e8:31:5a:3d:62:6b:41:83:df:6a:94:8a:7f:3b:c7:1c:fd:
29:9b:54:cd:c0:52:20:44:1a:bf:a5:22:0f:90:ae:ed:bf:cd:
49:a4:91:58
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUENHf2Imey7WK8Hwt39VkZao3awcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAMDQ2YjkxMjY0MmMwNTY0N2VjY2Vm
NzM1OWU5ZjA3ZTIwNGQxZDMzYTdmNGJmZDgwYjlmZDE1MmVkYWJlZTE1YzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjHSg7sSDOQqZ6ajzuHAD3hYoRqM9
20b+wO8WvGU1f/jD4UkQTv7icWw63uqzSBM4KHG47151u6yAdAzVOj65toRgbCsr
kdtIsCnwd8uIzptxwRKhvMukxX56i1PHlRRqapSG87ArKOdhLLmuNDdkuvsxfGSH
XZaHbdISD2GfgjZXqdNdtPOhogPW3pk0dXgDG5Y5+u7FB53z2HzaHnfqWCOOUxxS
hpVzFE555sH/gl+utHx4E9eB/2pV3G4RlLl3LmCKnKGvwTp46oEjRGx9gY5c9ZQ7
/HHiDl6IN8zvb5smyrQSeJmuaDfC3iAhT/oxQhXTLoEo3w8xF0QGkXx0QwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFK4joAQR+DYcHiHY1MK8AevbFXHLMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2UyN2JmMDU3LWRjMjgtNDBhMy1hOTI2LTRmYjkzNGYwYzk5NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbacCgwDQYJKoZIhvcNAQELBQADggEBALgq5NmGm9KDbDqw9S8B
OfSLlHG/epWM0/iQWrvwOcY6GT2UG2ZyQlcm4ALZQmkvgHjFgXrzaAfK43o/GyEI
dAmC+Fzlj5RISNZ5f2GQ5l/PM6ONQ1rlw5pb0TZAbeFJn+DqxlXzx9c2Vp9geddV
jG79NvxlPACx6RW8rQZLzwby1EQnt6pi2YCFJdAkCq85MrQj0KqqqYuz6ecZ1uVa
94kh+y+8ljkUPsLHbrh9AY98rwynzCsKE6UStXocGJrljmNubxX/UpQ5KW/IDxCs
ZUPOvOsQ67NOfM7oMVo9YmtBg99qlIp/O8cc/SmbVM3AUiBEGr+lIg+Qru2/zUmk
kVg=
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:31:56 2025 by rpki-client