Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e73cf5f8-ee0d-4dce-80b1-b508f319b1ca.roa
File: e73cf5f8-ee0d-4dce-80b1-b508f319b1ca.roa (raw, json)
Hash identifier: IQJMjeoY4Nyl2rjQZmFQGhEYdk/KCh9xM+aOrJ9SCzY=
Subject key identifier: 83:75:15:07:86:15:1E:EF:ED:65:80:99:0E:C3:7A:8C:A3:C4:A8:22
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 699D00D833033D89BCBF098DEF23423F2E047992
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e73cf5f8-ee0d-4dce-80b1-b508f319b1ca.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:6000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:9d:00:d8:33:03:3d:89:bc:bf:09:8d:ef:23:42:3f:2e:04:79:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:2c:6f:cf:da:b3:87:6f:d6:66:92:11:30:9a:
22:38:8b:29:56:7b:82:4c:8c:7a:32:62:d0:ff:5c:
3c:33:4f:f4:c6:b3:4d:48:53:fd:ce:76:06:89:a6:
0e:61:ce:b1:5c:a7:fb:a8:c6:fa:e9:e5:10:d5:4b:
64:89:11:27:38:e4:a1:ef:01:95:44:7d:88:47:2a:
98:1e:8d:b3:5f:3f:53:61:cc:04:59:1b:db:9a:e4:
ad:cd:9f:c3:3c:81:7b:37:0c:1c:97:fb:f6:db:c1:
1a:b9:f1:8f:9b:77:09:eb:f7:d9:d6:49:d8:b0:a3:
21:4a:5f:d7:d9:55:58:d8:ef:8e:d1:a8:95:7f:eb:
b2:ed:f1:c1:df:d3:fa:0f:ab:e1:8e:2c:be:c0:76:
2f:f5:30:81:78:fc:2a:8f:e3:94:0b:00:e9:5c:87:
73:b4:81:ea:d4:9d:9b:67:78:d9:16:c7:01:38:a1:
35:58:b4:26:08:33:6b:9e:d5:f3:96:30:f1:bb:d1:
6e:86:1d:48:fe:61:3c:d6:11:2d:65:e2:bb:e8:fd:
d4:f8:54:f6:10:4a:9d:d6:05:28:8a:d6:cc:76:ae:
73:01:a5:ee:92:8e:bb:82:82:84:2e:2a:03:57:91:
a4:17:0a:37:ef:dd:73:09:ed:53:67:bc:3d:8f:a9:
b5:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:75:15:07:86:15:1E:EF:ED:65:80:99:0E:C3:7A:8C:A3:C4:A8:22
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e73cf5f8-ee0d-4dce-80b1-b508f319b1ca.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:6000::/40
Signature Algorithm: sha256WithRSAEncryption
b1:41:b8:18:ff:82:60:33:97:d2:33:cb:14:38:c0:20:22:35:
a4:c5:06:70:88:17:66:1d:45:2b:5c:48:2f:03:d7:c0:17:ca:
c3:d6:1c:b7:cd:c0:10:bb:27:15:a0:df:eb:19:28:6c:cd:03:
f7:6a:5d:97:49:d3:44:e0:d8:8f:0b:4c:35:2a:6f:f5:4a:ab:
b1:27:a6:30:e9:b8:8f:c5:28:90:5a:d0:5f:e5:41:2f:43:36:
52:53:66:02:c6:95:31:d4:6f:c7:d2:20:22:a4:8d:65:3a:71:
44:5d:4c:19:d9:9c:d3:2d:8b:08:62:ab:64:1e:51:f0:6b:8b:
a8:8a:0b:d7:2c:3c:8b:cc:b6:01:3d:46:8c:0a:a1:65:e7:c7:
ce:a8:ef:86:20:9f:2e:a2:4c:a6:e1:69:18:f1:4d:f9:af:ab:
2b:b2:8f:4f:11:8e:23:09:d2:d0:a3:c5:de:87:aa:df:79:c2:
bb:0b:4b:0a:53:e9:cb:58:c6:24:81:26:91:cb:fe:25:e6:06:
2f:1c:95:15:e7:08:9c:be:0f:5a:2e:50:fe:9e:31:a9:84:02:
0c:a1:5e:c1:e5:b0:ab:32:9f:1b:19:4d:0c:ee:2c:69:7e:63:
12:8d:5a:cb:75:f3:fc:59:7b:1c:6b:13:ef:2d:29:be:18:71:
16:77:78:b9
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUaZ0A2DMDPYm8vwmN7yNCPy4EeZIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAYmUzODU2ODc3N2E2MmYyNWJmM2Ez
NjkwNWZjNjAxNGNlYjgxMTVmMTkzMGMwOTFmYzM5NWM4NzU3MDQ0NWE1NDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAySxvz9qzh2/WZpIRMJoiOIspVnuC
TIx6MmLQ/1w8M0/0xrNNSFP9znYGiaYOYc6xXKf7qMb66eUQ1UtkiREnOOSh7wGV
RH2IRyqYHo2zXz9TYcwEWRvbmuStzZ/DPIF7Nwwcl/v228EaufGPm3cJ6/fZ1knY
sKMhSl/X2VVY2O+O0aiVf+uy7fHB39P6D6vhjiy+wHYv9TCBePwqj+OUCwDpXIdz
tIHq1J2bZ3jZFscBOKE1WLQmCDNrntXzljDxu9Fuhh1I/mE81hEtZeK76P3U+FT2
EEqd1gUoitbMdq5zAaXuko67goKELioDV5GkFwo3791zCe1TZ7w9j6m1HwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIN1FQeGFR7v7WWAmQ7DeoyjxKgiMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2U3M2NmNWY4LWVlMGQtNGRjZS04MGIxLWI1MDhmMzE5YjFjYS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+2AwDQYJKoZIhvcNAQELBQADggEBALFBuBj/gmAzl9IzyxQ4
wCAiNaTFBnCIF2YdRStcSC8D18AXysPWHLfNwBC7JxWg3+sZKGzNA/dqXZdJ00Tg
2I8LTDUqb/VKq7EnpjDpuI/FKJBa0F/lQS9DNlJTZgLGlTHUb8fSICKkjWU6cURd
TBnZnNMtiwhiq2QeUfBri6iKC9csPIvMtgE9RowKoWXnx86o74Ygny6iTKbhaRjx
Tfmvqyuyj08RjiMJ0tCjxd6Hqt95wrsLSwpT6ctYxiSBJpHL/iXmBi8clRXnCJy+
D1ouUP6eMamEAgyhXsHlsKsynxsZTQzuLGl+YxKNWst18/xZexxrE+8tKb4YcRZ3
eLk=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:01 2025 by rpki-client