Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f38953cd-42bb-4366-8bc6-17e1a01d2f4a.roa
File: f38953cd-42bb-4366-8bc6-17e1a01d2f4a.roa (raw, json)
Hash identifier: k5Pm4GZn1NPDmASFSQraPjxil5B0z5X99p90wTQvZqs=
Subject key identifier: 0C:C3:25:99:67:8D:86:11:A7:F5:CF:96:AC:7B:A9:34:A1:8B:5A:67
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 234D09F990786986277CE3628F98339371C2C4BA
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f38953cd-42bb-4366-8bc6-17e1a01d2f4a.roa
Signing time: Fri 21 Mar 2025 00:00:21 +0000
ROA not before: Fri 21 Mar 2025 00:00:21 +0000
ROA not after: Fri 25 Apr 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2406:da60:7000::/40 maxlen: 48
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:4d:09:f9:90:78:69:86:27:7c:e3:62:8f:98:33:93:71:c2:c4:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 21 00:00:21 2025 GMT
Not After : Apr 25 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:34:3d:0f:18:ea:98:d6:7c:1b:c1:d3:12:84:
20:e6:f9:70:d1:b8:3c:c2:5e:56:3c:35:8b:46:c4:
62:a3:db:2a:6e:49:08:cc:87:a4:84:80:65:38:5b:
88:44:06:fb:e1:8a:93:cf:2e:13:92:91:7f:06:28:
5d:f9:f6:98:d7:d2:f1:16:81:72:f2:aa:1d:5a:10:
cc:73:64:36:32:31:2c:fd:68:8c:7b:d9:18:a6:c7:
02:7d:b3:14:27:81:1d:c9:b7:19:18:a9:25:39:a6:
cc:2c:ca:fe:8e:7b:6a:d6:f6:58:01:e8:7f:da:84:
ce:81:f0:9e:87:d2:e5:53:6f:69:e6:bc:c6:2c:2c:
60:de:84:9c:db:52:7f:df:19:f9:0e:9b:54:ab:20:
78:1e:10:1f:fe:0d:9f:6d:5a:20:89:14:ff:d9:d0:
58:4d:93:3e:71:a0:fb:e1:26:ab:88:ed:85:c5:ae:
e4:31:28:74:5a:de:99:cf:dd:48:83:98:94:ff:ed:
93:85:26:dc:7d:14:7d:6b:65:1d:db:77:ff:d8:91:
49:f5:45:3d:cd:1f:37:9c:e8:84:bf:9f:51:e8:37:
f4:a0:fc:94:b1:d8:7d:b0:7f:97:48:ce:32:35:38:
96:ab:bc:29:02:ce:a0:8a:a2:d5:08:e0:a0:42:c8:
84:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:C3:25:99:67:8D:86:11:A7:F5:CF:96:AC:7B:A9:34:A1:8B:5A:67
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f38953cd-42bb-4366-8bc6-17e1a01d2f4a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:7000::/40
Signature Algorithm: sha256WithRSAEncryption
03:61:4b:18:ee:44:c1:39:22:63:60:2c:1a:76:93:48:47:e1:
62:e7:2e:06:7e:e9:63:dd:b8:0b:49:e8:15:2d:dc:6f:46:a8:
76:f0:0f:f9:39:a9:1d:19:99:93:9f:f7:e9:aa:f7:f6:8c:2e:
48:b7:11:1b:a9:bf:7a:7d:35:dd:84:d5:b0:f2:27:c4:50:00:
55:8d:e8:60:32:fe:f7:56:dd:4e:19:62:85:17:f9:4e:1e:28:
34:a6:97:3e:32:35:89:99:a5:55:28:8d:19:30:c5:3f:38:ae:
0b:fd:fa:6b:93:b2:8e:a6:96:4a:68:88:af:ce:3b:a3:b9:b1:
67:85:e5:cc:71:70:e7:4e:e0:ba:95:d3:84:6e:06:c4:a2:75:
4c:f5:7c:b6:7a:f9:5d:cc:45:06:c6:99:3a:67:95:f9:c5:9d:
98:09:c8:42:8c:ed:cb:9d:43:9e:7b:1b:b3:e0:f6:00:f5:ef:
44:35:88:0b:32:a6:ff:ec:11:3c:13:a2:8b:c7:f7:7c:df:53:
d7:71:d7:7d:63:68:b3:96:8d:1d:de:96:66:21:9a:6d:3a:9e:
03:4d:72:5f:a0:ce:42:39:fe:d4:a7:54:6c:93:4c:23:8b:ee:
16:c4:20:9f:57:1c:e6:65:18:1a:fb:50:89:76:a8:5f:26:8e:
aa:81:76:4c
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUI00J+ZB4aYYnfONij5gzk3HCxLowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyMTAwMDAyMVoX
DTI1MDQyNTIzNTk1OVowejFJMEcGA1UEBRNAYWM4NmMzNDBlZGRkOWEwYWJiMGUy
NDQ0M2YwOTc4NWFhN2M4NDJjNDFlYmFlYWVhYzIzZmQ5ZmE4YmU2ZWU0ODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzQ9DxjqmNZ8G8HTEoQg5vlw0bg8
wl5WPDWLRsRio9sqbkkIzIekhIBlOFuIRAb74YqTzy4TkpF/Bihd+faY19LxFoFy
8qodWhDMc2Q2MjEs/WiMe9kYpscCfbMUJ4EdybcZGKklOabMLMr+jntq1vZYAeh/
2oTOgfCeh9LlU29p5rzGLCxg3oSc21J/3xn5DptUqyB4HhAf/g2fbVogiRT/2dBY
TZM+caD74SariO2Fxa7kMSh0Wt6Zz91Ig5iU/+2ThSbcfRR9a2Ud23f/2JFJ9UU9
zR83nOiEv59R6Df0oPyUsdh9sH+XSM4yNTiWq7wpAs6giqLVCOCgQsiEYQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAzDJZlnjYYRp/XPlqx7qTShi1pnMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2YzODk1M2NkLTQyYmItNDM2Ni04YmM2LTE3ZTFhMDFkMmY0YS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYHAwDQYJKoZIhvcNAQELBQADggEBAANhSxjuRME5ImNgLBp2
k0hH4WLnLgZ+6WPduAtJ6BUt3G9GqHbwD/k5qR0ZmZOf9+mq9/aMLki3ERupv3p9
Nd2E1bDyJ8RQAFWN6GAy/vdW3U4ZYoUX+U4eKDSmlz4yNYmZpVUojRkwxT84rgv9
+muTso6mlkpoiK/OO6O5sWeF5cxxcOdO4LqV04RuBsSidUz1fLZ6+V3MRQbGmTpn
lfnFnZgJyEKM7cudQ557G7Pg9gD170Q1iAsypv/sETwToovH93zfU9dx131jaLOW
jR3elmYhmm06ngNNcl+gzkI5/tSnVGyTTCOL7hbEIJ9XHOZlGBr7UIl2qF8mjqqB
dkw=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:42:06 2025 by rpki-client