Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3fcff10-dbdb-4a68-be9a-7bdfc27ca36d.roa
File: f3fcff10-dbdb-4a68-be9a-7bdfc27ca36d.roa (raw, json)
Hash identifier: 8ExI4YLThn+BCYR/KYKvZs9mQc4gAM9WjV76DWrymfg=
Subject key identifier: 8D:8B:5F:75:98:7E:2A:5A:35:07:76:2D:02:11:8E:2C:85:C6:5D:A0
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1E880DD4EECB9203872416A76752DA78727B7854
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3fcff10-dbdb-4a68-be9a-7bdfc27ca36d.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf6:1000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:88:0d:d4:ee:cb:92:03:87:24:16:a7:67:52:da:78:72:7b:78:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:84:8e:23:c6:cf:06:9a:6c:8f:2b:12:24:01:
fa:6a:6f:03:cd:fd:b6:9f:cf:3c:bb:dd:23:56:73:
20:32:9e:8b:7b:80:19:d5:1e:71:82:3e:cb:a9:8e:
7a:72:91:11:d4:d4:2a:96:83:60:40:b7:0f:20:f0:
d3:77:04:06:8d:4d:4a:79:e3:50:f8:ae:b7:af:37:
10:f6:5e:55:ab:cd:9b:de:ff:62:21:df:f5:45:fc:
be:1c:6c:05:a2:e2:f6:66:d7:a5:0e:35:5e:ac:85:
62:57:c7:5d:fb:77:da:f4:ba:80:1a:c5:4f:cc:6a:
e7:dc:a3:3d:6c:75:c4:4c:03:8f:2c:fb:d3:e5:e5:
c4:89:7e:4d:ae:f4:42:fa:6c:fb:c8:c8:c4:a9:4f:
ce:52:c0:23:ca:d0:e7:58:55:99:4e:90:51:5c:9b:
40:e0:6a:c3:7d:46:23:e4:fe:03:fa:05:4d:95:1e:
3e:58:8f:44:48:5f:ed:92:7d:a6:93:93:f0:b9:2f:
da:96:41:e8:24:96:85:e6:4c:37:a5:02:9a:8f:14:
21:1f:48:5b:f3:5f:83:19:20:a9:d8:c7:fe:ac:a1:
ac:61:59:6d:38:0a:95:1e:57:6b:be:72:ae:11:d8:
51:ee:d9:a3:14:a1:31:b7:8b:83:63:ac:49:0d:96:
cb:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:8B:5F:75:98:7E:2A:5A:35:07:76:2D:02:11:8E:2C:85:C6:5D:A0
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f3fcff10-dbdb-4a68-be9a-7bdfc27ca36d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf6:1000::/40
Signature Algorithm: sha256WithRSAEncryption
77:a6:05:21:2e:34:3a:0b:40:74:c3:00:4e:a0:16:a0:cc:51:
0f:7b:04:05:43:4e:12:75:51:27:28:81:45:c1:31:08:4e:0d:
08:4e:be:b2:79:e2:1b:b0:5b:05:9b:ed:9c:6a:d0:ee:92:75:
32:bf:c7:f0:1e:ae:40:2f:9c:b3:c8:93:e3:71:2b:a0:95:c5:
bd:88:d0:88:7c:fe:b4:ac:d1:42:9e:99:b1:9d:2b:94:80:2c:
bd:d6:ae:77:ae:1e:8e:7a:ed:ec:d3:9b:05:b4:b4:3b:11:ca:
73:0f:04:40:02:46:88:06:50:50:d9:24:23:22:4a:ce:15:53:
84:7f:5d:2c:cf:e8:85:69:d8:ca:1a:0e:ea:b7:59:a1:77:80:
20:77:95:8b:fd:01:1c:05:09:44:2b:58:d6:01:cc:23:03:e5:
20:68:c0:3e:60:e5:f8:fa:13:3c:e5:0a:bb:50:7f:75:d4:64:
00:29:7f:89:b1:bb:a7:ab:20:2f:1b:56:bb:d5:62:7e:d7:33:
b4:ac:62:03:f6:95:3a:7a:0a:cb:e4:5e:c7:81:df:9c:79:61:
fb:00:5b:ba:b4:12:34:85:42:bd:ed:5e:03:24:8b:c5:a6:8a:
2e:c3:39:32:c4:26:85:72:17:20:b6:8e:25:f8:88:7b:06:72:
b6:22:cb:7d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUHogN1O7LkgOHJBanZ1LaeHJ7eFQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNzAwMDAwMFoX
DTI1MDEyMTIzNTk1OVowejFJMEcGA1UEBRNAOTM1N2FhOTU5MTM1YjM5Y2I0YjRl
ZWYzZmM4OGI4M2MzNTgxZDJhZGQ3MTM5MWI1MzZlZTMwNzBhNmJlMmMzYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqISOI8bPBppsjysSJAH6am8Dzf22
n888u90jVnMgMp6Le4AZ1R5xgj7LqY56cpER1NQqloNgQLcPIPDTdwQGjU1KeeNQ
+K63rzcQ9l5Vq82b3v9iId/1Rfy+HGwFouL2ZtelDjVerIViV8dd+3fa9LqAGsVP
zGrn3KM9bHXETAOPLPvT5eXEiX5NrvRC+mz7yMjEqU/OUsAjytDnWFWZTpBRXJtA
4GrDfUYj5P4D+gVNlR4+WI9ESF/tkn2mk5PwuS/alkHoJJaF5kw3pQKajxQhH0hb
81+DGSCp2Mf+rKGsYVltOAqVHldrvnKuEdhR7tmjFKExt4uDY6xJDZbL0wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFI2LX3WYfipaNQd2LQIRjiyFxl2gMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2YzZmNmZjEwLWRiZGItNGE2OC1iZTlhLTdiZGZjMjdjYTM2ZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9hAwDQYJKoZIhvcNAQELBQADggEBAHemBSEuNDoLQHTDAE6g
FqDMUQ97BAVDThJ1UScogUXBMQhODQhOvrJ54huwWwWb7Zxq0O6SdTK/x/AerkAv
nLPIk+NxK6CVxb2I0Ih8/rSs0UKembGdK5SALL3WrneuHo567ezTmwW0tDsRynMP
BEACRogGUFDZJCMiSs4VU4R/XSzP6IVp2MoaDuq3WaF3gCB3lYv9ARwFCUQrWNYB
zCMD5SBowD5g5fj6EzzlCrtQf3XUZAApf4mxu6erIC8bVrvVYn7XM7SsYgP2lTp6
CsvkXseB35x5YfsAW7q0EjSFQr3tXgMki8Wmii7DOTLEJoVyFyC2jiX4iHsGcrYi
y30=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:38:26 2025 by rpki-client