Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea4aa742-f8b2-48b7-88b3-6ffe63189359.roa
File: ea4aa742-f8b2-48b7-88b3-6ffe63189359.roa (raw, json)
Hash identifier: QU7w06Zz0Tap4zShqaBim00pZOlES7qaUfxyKQGfVtg=
Subject key identifier: 55:2E:46:A6:CC:18:40:B9:6C:C0:A7:9E:67:56:23:63:FA:BD:47:58
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 07CE071BE21BFFA95274E9C2FCC29408D47AE292
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea4aa742-f8b2-48b7-88b3-6ffe63189359.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da30:9000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:ce:07:1b:e2:1b:ff:a9:52:74:e9:c2:fc:c2:94:08:d4:7a:e2:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:12:af:db:29:e2:da:c0:07:e5:2b:d7:dc:85:
ed:5f:35:8f:6f:24:1f:89:21:67:82:52:42:5d:ae:
01:69:63:97:ae:80:62:3a:49:db:79:00:dd:e3:0a:
d0:81:b8:63:47:e2:35:8c:87:4d:89:9b:dd:ea:f3:
5e:7e:bf:5f:ac:88:c3:63:b0:fa:f3:4d:57:83:ea:
92:bb:63:92:6f:dc:46:33:0d:18:e4:e0:15:cd:e8:
26:d1:3e:30:49:5d:a7:67:60:aa:57:09:47:b2:04:
6b:5c:45:de:f3:00:43:29:6a:5b:0d:d5:89:d6:36:
82:56:55:c1:ac:df:c6:37:ae:9d:09:c5:d7:17:10:
c8:2d:7d:5d:a3:d2:8c:23:59:45:7a:a3:a7:6b:a2:
dd:54:92:c6:32:cf:5e:a8:75:b2:37:50:9b:38:27:
c3:b8:a5:97:11:53:1e:d1:a9:cf:f0:58:51:a1:1a:
32:e1:a4:95:cb:a6:5b:8d:f3:b7:2d:16:87:60:36:
12:be:f8:eb:6d:20:5e:d2:42:6c:e8:d3:bd:f4:1e:
6e:0b:ea:b2:33:78:a9:6c:0d:32:8f:3f:30:b0:54:
05:99:5a:e0:a3:e1:1b:c3:14:3a:62:49:4a:f9:6a:
c1:00:d5:bd:ae:89:2f:ec:68:fd:f3:fa:3a:94:d0:
2c:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:2E:46:A6:CC:18:40:B9:6C:C0:A7:9E:67:56:23:63:FA:BD:47:58
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ea4aa742-f8b2-48b7-88b3-6ffe63189359.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da30:9000::/40
Signature Algorithm: sha256WithRSAEncryption
7e:8a:75:7e:89:6f:e5:64:f1:28:8b:9a:b4:e3:35:d2:c1:53:
f9:03:4c:97:52:fe:8f:63:6d:39:39:6b:c7:9b:1b:97:e6:d5:
e8:26:45:69:82:ad:58:b0:9d:05:39:4e:a7:04:09:51:b1:6d:
d8:73:e6:74:49:06:74:be:80:91:71:95:5f:0d:f5:ec:d3:f1:
f7:1d:ff:68:31:81:9b:4a:1d:41:b6:2a:84:7b:4b:74:4c:6c:
cc:0d:8e:b8:55:ec:a9:b6:07:7c:6f:71:37:ed:7c:6b:c2:69:
99:4a:24:6c:f4:ed:bc:70:4d:e0:28:c6:dd:4a:77:12:ba:ac:
3f:a0:89:f1:0b:89:f5:6b:e6:ff:dc:94:91:20:c1:ed:ce:fe:
c6:ee:4d:da:f7:d6:79:1f:54:e6:5f:f5:9f:10:69:10:79:96:
0f:34:9d:92:35:ae:5a:b3:4e:dd:45:99:fa:db:7b:c1:c6:4c:
ed:d5:d9:b0:4d:44:ed:9b:db:26:3f:20:9a:66:d0:c1:e5:68:
1d:36:8f:24:fa:f5:f1:05:9c:ad:27:8d:c0:e4:0e:11:12:9b:
fa:34:c0:4a:72:c3:88:30:ee:5b:10:39:91:ef:ab:b5:16:90:
3a:4b:60:84:ac:92:95:e2:a2:ab:c0:f2:58:e1:b6:f1:fe:b6:
2f:27:df:81
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUB84HG+Ib/6lSdOnC/MKUCNR64pIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMDAwMDAwMFoX
DTI1MDIxNDIzNTk1OVowejFJMEcGA1UEBRNAYzY5MDFjYTJjYTNmYjk1NDNhY2U5
ZTZlM2ZlZDk0ZjdiM2RkOTZmNDcxYWI4ZGUzMWYyMDFmZTcxNWZjYjQ1NzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApxKv2yni2sAH5SvX3IXtXzWPbyQf
iSFnglJCXa4BaWOXroBiOknbeQDd4wrQgbhjR+I1jIdNiZvd6vNefr9frIjDY7D6
801Xg+qSu2OSb9xGMw0Y5OAVzegm0T4wSV2nZ2CqVwlHsgRrXEXe8wBDKWpbDdWJ
1jaCVlXBrN/GN66dCcXXFxDILX1do9KMI1lFeqOna6LdVJLGMs9eqHWyN1CbOCfD
uKWXEVMe0anP8FhRoRoy4aSVy6ZbjfO3LRaHYDYSvvjrbSBe0kJs6NO99B5uC+qy
M3ipbA0yjz8wsFQFmVrgo+EbwxQ6YklK+WrBANW9rokv7Gj98/o6lNAsfwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFUuRqbMGEC5bMCnnmdWI2P6vUdYMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2VhNGFhNzQyLWY4YjItNDhiNy04OGIzLTZmZmU2MzE4OTM1OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaMJAwDQYJKoZIhvcNAQELBQADggEBAH6KdX6Jb+Vk8SiLmrTj
NdLBU/kDTJdS/o9jbTk5a8ebG5fm1egmRWmCrViwnQU5TqcECVGxbdhz5nRJBnS+
gJFxlV8N9ezT8fcd/2gxgZtKHUG2KoR7S3RMbMwNjrhV7Km2B3xvcTftfGvCaZlK
JGz07bxwTeAoxt1KdxK6rD+gifELifVr5v/clJEgwe3O/sbuTdr31nkfVOZf9Z8Q
aRB5lg80nZI1rlqzTt1Fmfrbe8HGTO3V2bBNRO2b2yY/IJpm0MHlaB02jyT69fEF
nK0njcDkDhESm/o0wEpyw4gw7lsQOZHvq7UWkDpLYISskpXioqvA8ljhtvH+ti8n
34E=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:38 2025 by rpki-client