Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e65a7bae-3455-401c-9c8b-31b1d31be854.roa
File: e65a7bae-3455-401c-9c8b-31b1d31be854.roa (raw, json)
Hash identifier: zcZkdOflCQljLjXdyIikLU8xX2sEQGEFysdOjuDWtLI=
Subject key identifier: 94:EC:65:9B:14:1E:6C:6F:16:E7:24:80:5C:1E:54:63:C6:58:98:6C
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 07A017BB2FEB2242F355A89B8D29CE15F9D06F37
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e65a7bae-3455-401c-9c8b-31b1d31be854.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:4800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:a0:17:bb:2f:eb:22:42:f3:55:a8:9b:8d:29:ce:15:f9:d0:6f:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:09:b3:34:54:ca:72:7d:34:de:da:ec:51:e8:
7b:bd:79:a3:52:0b:a2:a4:f7:db:44:b2:fe:05:f3:
63:fc:26:c7:2f:61:b9:cc:b9:bc:cb:e4:2d:9c:25:
ba:4b:06:b6:a4:fe:ac:9e:55:95:8c:13:f2:c6:00:
aa:16:15:d6:47:72:2e:ab:50:57:dc:f9:c5:fc:ad:
bb:14:67:30:9e:d4:db:0c:d5:3b:7c:b8:90:a9:19:
00:5a:ac:eb:e8:58:df:57:d9:f9:3d:4d:d4:ef:2f:
c0:6a:5e:80:ed:4e:bb:8b:53:a1:00:55:c0:1b:6c:
b4:86:00:ee:d6:40:88:7c:34:d5:72:4d:22:4c:4f:
33:e1:db:79:13:e4:d3:dc:30:b5:a1:c6:ec:fa:90:
f6:29:71:fd:e3:b8:cf:89:db:51:3f:cb:ff:f7:4b:
0c:fc:84:87:f0:3a:3b:ed:bc:fa:e0:6a:fc:ee:5d:
61:92:c6:c1:8d:65:b8:6d:88:43:f8:86:6e:28:77:
1c:4b:64:fd:ff:a3:61:05:01:1b:0b:9e:d6:40:bf:
b2:b1:34:95:ff:d1:d3:59:27:dc:c2:6a:86:92:10:
27:ef:c1:c8:73:9c:33:36:ad:1c:45:55:e2:eb:1f:
19:5a:5f:55:f5:ed:d8:36:35:5c:bd:50:d2:ae:ed:
93:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:EC:65:9B:14:1E:6C:6F:16:E7:24:80:5C:1E:54:63:C6:58:98:6C
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e65a7bae-3455-401c-9c8b-31b1d31be854.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:4800::/40
Signature Algorithm: sha256WithRSAEncryption
8e:ae:a7:03:bb:5a:34:1b:54:a9:39:f4:0f:9c:f2:40:70:ce:
0e:2d:78:29:ef:df:12:b8:f7:5f:24:09:1d:84:b7:e2:aa:cc:
32:a2:92:3d:19:91:1d:d0:e4:5f:5e:a2:f9:3f:0a:23:24:87:
90:5b:32:83:f9:71:cd:3e:82:ef:6d:63:e4:96:bd:31:96:ff:
f2:3b:74:f6:06:7e:31:9f:60:bf:59:cd:01:91:9c:81:53:5c:
d4:9b:c1:d0:77:18:7f:01:84:b2:09:e9:d3:e2:89:c3:a3:08:
7d:65:76:c8:7e:0d:20:ec:c9:9a:e5:65:7d:82:cb:52:80:f1:
17:89:a7:a1:66:34:76:20:d7:17:d2:32:94:e4:9b:85:fb:d3:
64:cd:45:95:e3:d9:0c:fa:3a:34:a9:2e:8b:5c:45:85:ac:cb:
60:ea:2a:b1:d0:ce:65:73:9e:08:24:ec:96:39:c9:03:94:21:
9c:f9:74:43:43:96:06:ec:6b:8b:23:39:d4:90:4f:44:f8:20:
59:af:b8:a5:b2:0b:be:66:56:e1:1f:17:c2:fb:31:a7:66:61:
bf:8f:f2:38:bb:4e:5e:d5:48:b1:76:9e:11:88:72:9a:61:f6:
ac:23:85:47:1f:98:71:ec:9f:03:68:21:3c:83:8d:25:7a:fa:
52:91:85:e5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUB6AXuy/rIkLzVaibjSnOFfnQbzcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAYzQyODFiNTIxMGVkMzQzYTBiMTJi
OWU5NTUzZDQ0ZWE0OWY1MWJiMjFlMTljMDU3NjE0MmU4YzRkYTkyNDIzYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuAmzNFTKcn003trsUeh7vXmjUgui
pPfbRLL+BfNj/CbHL2G5zLm8y+QtnCW6Swa2pP6snlWVjBPyxgCqFhXWR3Iuq1BX
3PnF/K27FGcwntTbDNU7fLiQqRkAWqzr6FjfV9n5PU3U7y/Aal6A7U67i1OhAFXA
G2y0hgDu1kCIfDTVck0iTE8z4dt5E+TT3DC1ocbs+pD2KXH947jPidtRP8v/90sM
/ISH8Do77bz64Gr87l1hksbBjWW4bYhD+IZuKHccS2T9/6NhBQEbC57WQL+ysTSV
/9HTWSfcwmqGkhAn78HIc5wzNq0cRVXi6x8ZWl9V9e3YNjVcvVDSru2TDwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJTsZZsUHmxvFuckgFweVGPGWJhsMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2U2NWE3YmFlLTM0NTUtNDAxYy05YzhiLTMxYjFkMzFiZTg1NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+0gwDQYJKoZIhvcNAQELBQADggEBAI6upwO7WjQbVKk59A+c
8kBwzg4teCnv3xK4918kCR2Et+KqzDKikj0ZkR3Q5F9eovk/CiMkh5BbMoP5cc0+
gu9tY+SWvTGW//I7dPYGfjGfYL9ZzQGRnIFTXNSbwdB3GH8BhLIJ6dPiicOjCH1l
dsh+DSDsyZrlZX2Cy1KA8ReJp6FmNHYg1xfSMpTkm4X702TNRZXj2Qz6OjSpLotc
RYWsy2DqKrHQzmVznggk7JY5yQOUIZz5dENDlgbsa4sjOdSQT0T4IFmvuKWyC75m
VuEfF8L7MadmYb+P8ji7Tl7VSLF2nhGIcpph9qwjhUcfmHHsnwNoITyDjSV6+lKR
heU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:07:18 2025 by rpki-client