Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e4664211-6230-459e-9eaf-340bafb7f5d0.roa
File: e4664211-6230-459e-9eaf-340bafb7f5d0.roa (raw, json)
Hash identifier: s1CXZb0U2447Ww53zm/gOVbhq0o9xdm0BhZ/4ji9PxQ=
Subject key identifier: AF:FC:DC:5F:36:89:DC:0C:40:4A:25:9D:B1:92:A0:6E:3A:59:3D:11
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 21753340113149BE6C2CF688A982F27D3F7F1426
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e4664211-6230-459e-9eaf-340bafb7f5d0.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da17::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:75:33:40:11:31:49:be:6c:2c:f6:88:a9:82:f2:7d:3f:7f:14:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:17:1c:e7:1f:b9:3d:03:19:a4:57:d3:85:6e:
b7:2f:f4:46:13:09:4e:64:15:88:bf:68:05:fa:d7:
f9:a3:0a:68:6d:e8:6e:42:85:03:40:f7:85:79:28:
68:2b:a0:cc:ea:ea:bf:d4:34:2b:49:ec:9e:5f:e1:
47:e4:33:89:00:3d:9e:80:49:58:da:44:95:07:61:
c9:46:e0:f2:d1:cf:ba:32:d7:05:a7:8e:d0:08:2e:
98:84:0f:f7:ed:e1:19:d0:85:e2:f2:db:3b:2e:b2:
57:e7:76:96:48:64:27:4f:54:f5:bc:24:ad:c4:8f:
1f:78:06:67:bc:5f:fd:ca:90:8b:3c:1b:c8:df:4e:
56:e7:36:27:07:31:d9:6c:87:11:ff:69:6e:f3:0c:
fe:7c:09:9b:d0:47:0f:a2:a3:3c:da:b0:f6:d1:89:
9f:20:0f:06:8f:e1:2c:41:5a:8f:36:61:18:26:2f:
5a:87:dd:ee:b2:18:03:75:aa:68:4c:e6:37:2d:82:
b5:75:c1:81:2d:31:b8:39:48:0f:98:77:e2:59:aa:
c0:e3:20:4a:f1:25:ee:96:87:ab:e4:11:68:b0:07:
5b:6d:d9:ca:c3:77:64:0a:c2:74:82:91:27:ba:a4:
97:30:ac:f7:cf:3f:ca:ed:25:88:ce:35:ba:0d:b5:
5d:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:FC:DC:5F:36:89:DC:0C:40:4A:25:9D:B1:92:A0:6E:3A:59:3D:11
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e4664211-6230-459e-9eaf-340bafb7f5d0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da17::/36
Signature Algorithm: sha256WithRSAEncryption
55:93:9c:de:94:08:1f:66:e4:0a:d3:3d:37:6a:04:df:da:56:
19:c3:79:3b:6f:df:d3:a2:e9:73:af:ee:93:6e:dc:24:2a:56:
95:ab:9a:8f:57:6f:b8:8f:cd:97:4f:e5:e2:54:bb:31:c7:35:
d1:fa:ec:fb:1c:3e:92:54:2d:cc:1f:86:5f:fc:ee:72:77:30:
b0:32:0e:47:3f:b7:6c:df:49:31:a2:f3:78:b3:e3:c4:46:29:
47:95:ca:39:bf:b2:66:08:58:69:2e:c3:4d:40:71:04:3a:09:
ef:78:4b:ab:60:4e:d1:f2:12:83:fb:cf:d0:34:1d:a3:00:ed:
b3:25:4d:2e:fb:07:a5:9b:38:e7:73:66:d4:ac:ba:d0:58:c1:
11:4c:58:20:97:3a:14:1d:40:fd:9f:fa:26:81:08:8e:d5:6e:
a3:49:a8:bf:81:fa:2d:be:88:c3:8c:8f:6f:68:f2:99:86:44:
17:95:03:39:88:33:05:38:a5:6e:6a:98:6a:4f:e9:bb:54:a3:
ad:28:14:9e:52:6b:1c:b9:f0:14:6d:ec:66:fc:c2:05:de:58:
55:9d:6d:68:44:81:58:31:dc:3c:b3:e6:bd:f8:92:38:c0:f4:
46:3d:ac:8e:88:96:8d:61:0f:31:02:d5:2e:8c:61:25:c0:55:
aa:02:3c:19
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUIXUzQBExSb5sLPaIqYLyfT9/FCYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAYTA1ZDdlMjk5NTM2N2M2OTIxMzVk
ZGFmMjEzMWY2NTU0MmRhNWZlOTdkYjYyNjQwMWZjMTMxMWM1ZDdiM2E4MTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwBcc5x+5PQMZpFfThW63L/RGEwlO
ZBWIv2gF+tf5owpobehuQoUDQPeFeShoK6DM6uq/1DQrSeyeX+FH5DOJAD2egElY
2kSVB2HJRuDy0c+6MtcFp47QCC6YhA/37eEZ0IXi8ts7LrJX53aWSGQnT1T1vCSt
xI8feAZnvF/9ypCLPBvI305W5zYnBzHZbIcR/2lu8wz+fAmb0EcPoqM82rD20Ymf
IA8Gj+EsQVqPNmEYJi9ah93ushgDdapoTOY3LYK1dcGBLTG4OUgPmHfiWarA4yBK
8SXuloer5BFosAdbbdnKw3dkCsJ0gpEnuqSXMKz3zz/K7SWIzjW6DbVdpQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFK/83F82idwMQEolnbGSoG46WT0RMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2U0NjY0MjExLTYyMzAtNDU5ZS05ZWFmLTM0MGJhZmI3ZjVkMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaFwAwDQYJKoZIhvcNAQELBQADggEBAFWTnN6UCB9m5ArTPTdq
BN/aVhnDeTtv39Oi6XOv7pNu3CQqVpWrmo9Xb7iPzZdP5eJUuzHHNdH67PscPpJU
Lcwfhl/87nJ3MLAyDkc/t2zfSTGi83iz48RGKUeVyjm/smYIWGkuw01AcQQ6Ce94
S6tgTtHyEoP7z9A0HaMA7bMlTS77B6WbOOdzZtSsutBYwRFMWCCXOhQdQP2f+iaB
CI7VbqNJqL+B+i2+iMOMj29o8pmGRBeVAzmIMwU4pW5qmGpP6btUo60oFJ5Saxy5
8BRt7Gb8wgXeWFWdbWhEgVgx3Dyz5r34kjjA9EY9rI6Ilo1hDzEC1S6MYSXAVaoC
PBk=
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:37:11 2025 by rpki-client