Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e349b597-0f1d-4a25-8fba-bd1085fa368b.roa
File: e349b597-0f1d-4a25-8fba-bd1085fa368b.roa (raw, json)
Hash identifier: tTa0o8meXce2H1tS4xlqXR7KgfmzVQ4HcSGWgqSseb8=
Subject key identifier: 88:2D:B4:07:B4:E4:6C:70:E1:23:41:4F:2B:0A:E0:42:35:92:93:56
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3A2FE712D551598615CC001E5B3FE936C0FAA0AA
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e349b597-0f1d-4a25-8fba-bd1085fa368b.roa
Signing time: Wed 25 Dec 2024 00:00:00 +0000
ROA not before: Wed 25 Dec 2024 00:00:00 +0000
ROA not after: Wed 29 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:8800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:2f:e7:12:d5:51:59:86:15:cc:00:1e:5b:3f:e9:36:c0:fa:a0:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 25 00:00:00 2024 GMT
Not After : Jan 29 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:76:44:b0:92:ec:d9:c5:8b:7b:5f:99:e8:61:
8f:f3:7c:e9:78:08:cc:91:57:5c:92:18:94:06:1c:
38:f9:c7:1f:67:e4:b5:83:23:7a:f7:ec:d7:d1:58:
90:6d:77:7a:a4:dd:39:60:85:8b:31:58:11:9e:61:
c5:ce:c3:02:0d:b1:5c:f4:af:ca:15:0e:f6:c5:9f:
47:f6:5e:d9:68:35:0f:b5:0b:30:00:42:87:d0:d4:
4d:79:de:78:09:86:7c:56:29:9a:09:6b:7c:13:f2:
ce:35:8d:0f:37:e0:32:c2:1f:23:a3:90:1d:07:de:
cf:91:11:de:9d:9a:e1:67:35:e8:62:49:8e:61:05:
a8:33:a6:9e:a2:c6:f7:92:7e:4f:88:e7:39:a9:e1:
64:d6:2f:5b:00:8f:0f:e3:dd:21:68:1c:b4:04:c8:
a7:87:a4:86:90:09:66:c0:b2:ce:59:81:04:56:64:
87:26:77:e5:10:7a:17:2e:2f:f4:f5:af:17:66:da:
e7:a4:69:77:78:9b:84:77:81:94:72:dc:92:f9:01:
45:cb:41:dc:e7:5a:8e:1c:70:4e:f2:72:15:00:54:
af:2e:dd:cf:a8:0c:c2:c8:32:05:b4:d0:43:8c:44:
c9:c6:e3:3f:5d:30:1b:c8:c2:de:b1:85:5c:6d:e4:
f7:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:2D:B4:07:B4:E4:6C:70:E1:23:41:4F:2B:0A:E0:42:35:92:93:56
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e349b597-0f1d-4a25-8fba-bd1085fa368b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:8800::/40
Signature Algorithm: sha256WithRSAEncryption
5b:23:68:2b:f8:6b:2d:88:03:84:df:20:d2:9e:75:1d:6d:aa:
65:4e:1a:c7:c7:75:58:a7:38:16:72:0e:19:1d:19:34:62:34:
c4:8a:d5:52:29:99:dc:dd:a0:f0:90:d0:8d:32:7c:af:37:77:
49:40:94:6c:2e:a0:f0:2c:a5:9a:5a:2d:2d:bb:a5:7c:4d:97:
7f:5e:52:bc:f7:7f:ea:f3:ba:de:e4:0d:30:26:4c:a9:a9:ed:
f1:37:81:79:0a:d8:4a:30:b4:ff:83:05:00:05:f6:41:78:f8:
63:5f:2e:6c:5a:98:b0:ae:69:f1:64:05:f1:ee:80:c7:30:b1:
44:ba:fa:e3:da:26:d0:c8:13:67:e9:2e:9c:0c:c6:7d:89:48:
d9:f7:a9:fe:5b:83:59:88:52:69:5a:43:f2:89:14:00:da:1f:
d0:0a:17:a8:af:80:1a:ab:47:b9:bc:3a:fa:d9:42:8c:3c:7d:
88:cf:b6:6c:5e:fe:9e:4c:5f:f2:89:7f:30:c4:b3:27:c7:c5:
64:48:55:a7:ff:e9:14:47:59:6b:a3:35:d6:bb:a8:7b:0d:0a:
29:6a:76:37:05:3e:ba:f2:e1:3b:03:64:c5:e8:8d:ef:f5:8c:
ec:93:14:bf:c9:e0:52:c3:31:ab:33:9b:6a:52:b1:51:1c:3d:
8f:2c:95:92
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUOi/nEtVRWYYVzAAeWz/pNsD6oKowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIyNTAwMDAwMFoX
DTI1MDEyOTIzNTk1OVowejFJMEcGA1UEBRNAY2QzZTA4ODM5YThlNTViNDQ3NWU4
YThmMmJlNTQyY2FhZDI3NDZlM2VlMjE1MmZlN2NmYjBiY2E5YzFhZmU3YTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXZEsJLs2cWLe1+Z6GGP83zpeAjM
kVdckhiUBhw4+ccfZ+S1gyN69+zX0ViQbXd6pN05YIWLMVgRnmHFzsMCDbFc9K/K
FQ72xZ9H9l7ZaDUPtQswAEKH0NRNed54CYZ8VimaCWt8E/LONY0PN+Aywh8jo5Ad
B97PkRHenZrhZzXoYkmOYQWoM6aeosb3kn5PiOc5qeFk1i9bAI8P490haBy0BMin
h6SGkAlmwLLOWYEEVmSHJnflEHoXLi/09a8XZtrnpGl3eJuEd4GUctyS+QFFy0Hc
51qOHHBO8nIVAFSvLt3PqAzCyDIFtNBDjETJxuM/XTAbyMLesYVcbeT3ywIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIgttAe05Gxw4SNBTysK4EI1kpNWMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2UzNDliNTk3LTBmMWQtNGEyNS04ZmJhLWJkMTA4NWZhMzY4Yi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba94gwDQYJKoZIhvcNAQELBQADggEBAFsjaCv4ay2IA4TfINKe
dR1tqmVOGsfHdVinOBZyDhkdGTRiNMSK1VIpmdzdoPCQ0I0yfK83d0lAlGwuoPAs
pZpaLS27pXxNl39eUrz3f+rzut7kDTAmTKmp7fE3gXkK2EowtP+DBQAF9kF4+GNf
LmxamLCuafFkBfHugMcwsUS6+uPaJtDIE2fpLpwMxn2JSNn3qf5bg1mIUmlaQ/KJ
FADaH9AKF6ivgBqrR7m8OvrZQow8fYjPtmxe/p5MX/KJfzDEsyfHxWRIVaf/6RRH
WWujNda7qHsNCilqdjcFPrry4TsDZMXoje/1jOyTFL/J4FLDMaszm2pSsVEcPY8s
lZI=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:57 2025 by rpki-client