Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f5a857aa-37d3-4869-b408-3e0070960f71.roa
File: f5a857aa-37d3-4869-b408-3e0070960f71.roa (raw, json)
Hash identifier: XYgZayMyalxWuMAwbNOUkp3A7eE7Xi19wR8dR6Y6n80=
Subject key identifier: 52:5E:D0:DF:C7:44:3D:84:DC:DC:58:4E:D4:79:1E:8B:57:5F:F8:75
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 278BA29BBA846949034E5B94669BAC930C23A475
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f5a857aa-37d3-4869-b408-3e0070960f71.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:c000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:8b:a2:9b:ba:84:69:49:03:4e:5b:94:66:9b:ac:93:0c:23:a4:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:24:33:b1:e7:64:5d:e9:e4:47:2d:e8:43:9f:
38:58:dc:40:1b:66:48:a5:02:1a:f9:0f:f1:08:f9:
43:7a:df:b4:a3:52:a1:a5:b3:32:2f:cb:d5:5d:17:
83:d0:dc:9d:82:f9:07:3e:33:a2:03:70:2c:d2:fe:
64:33:76:ea:d3:4e:c0:5b:51:18:99:93:7c:66:42:
3a:fd:21:37:7d:bf:af:21:03:2b:24:4d:ae:74:71:
55:57:29:33:e1:47:4c:ec:7f:86:21:02:59:80:d7:
eb:78:c3:e6:86:95:f6:59:da:86:3b:c6:b9:06:54:
4e:1b:5a:f0:52:5b:ed:4a:f7:0a:f2:8c:56:2e:9d:
c4:bf:33:82:cd:1d:bd:9b:fa:a3:47:45:c4:4a:1b:
0b:6e:64:a4:86:62:13:e3:60:46:d2:54:c4:3f:74:
7b:12:b5:98:f2:f4:3d:ef:4c:e1:57:b7:58:0c:0f:
7a:1c:13:de:0e:e2:df:9a:5f:21:ba:0b:34:07:06:
dc:19:95:c6:f5:71:98:70:17:7e:af:65:83:20:f8:
fa:56:43:39:6b:c4:54:82:0f:b9:78:b3:9c:ea:47:
cc:90:cb:f7:6d:82:a5:05:98:76:6a:3d:0e:ed:85:
86:ad:be:ad:7d:f1:8b:08:dd:03:c0:f5:dd:ce:53:
47:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
52:5E:D0:DF:C7:44:3D:84:DC:DC:58:4E:D4:79:1E:8B:57:5F:F8:75
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f5a857aa-37d3-4869-b408-3e0070960f71.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:c000::/40
Signature Algorithm: sha256WithRSAEncryption
49:34:bb:d0:fa:b0:be:ef:0d:cc:6a:92:1f:75:64:f5:9d:86:
ab:88:e0:cb:c9:81:32:07:82:e5:e9:cd:90:8b:d3:4b:7d:54:
ba:d9:28:06:78:d4:7b:73:c4:94:02:52:ac:9c:48:61:a6:f3:
da:4e:e2:23:d4:c3:62:f8:0c:ec:81:16:79:41:cb:ef:7c:45:
1a:0c:a0:41:02:40:5a:f4:d2:81:45:27:b3:3c:5a:63:5f:9f:
a1:76:3b:12:73:e3:20:9e:c2:ed:d6:ff:1c:cf:9f:7e:0d:fc:
7a:fa:14:1a:f5:a9:1b:88:af:d0:69:00:0b:40:37:69:58:b0:
6d:0d:83:43:85:33:24:dd:bd:b4:de:55:ca:ed:eb:86:55:0a:
a9:af:c9:86:db:f5:49:b5:e7:e3:15:e8:6e:7f:c6:09:52:e5:
25:53:f0:14:e3:00:f9:cf:11:36:77:de:ac:e2:36:70:e0:d0:
bd:cf:bd:ce:63:49:62:44:e1:a0:34:b2:10:b7:d1:eb:01:a4:
25:8b:0a:50:3c:25:8d:1b:4f:7b:48:29:06:ea:4a:38:a3:e0:
7c:10:fb:fc:e0:a0:9c:53:a1:50:e6:73:51:a8:42:88:ad:9e:
e5:58:09:3e:95:cf:23:5f:2e:d3:e8:3f:c4:30:f0:2a:63:87:
e2:ea:2b:aa
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUJ4uim7qEaUkDTluUZpuskwwjpHUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAMWQ1NmY5YjI5MWNhNDQ5MzhkZGI3
MmM1NDU1MTQyN2U0NDY2NWFiYmRkMWUxZmJiOTlkMjZjNjdiZDhhYjU4ZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SQzsedkXenkRy3oQ584WNxAG2ZI
pQIa+Q/xCPlDet+0o1KhpbMyL8vVXReD0NydgvkHPjOiA3As0v5kM3bq007AW1EY
mZN8ZkI6/SE3fb+vIQMrJE2udHFVVykz4UdM7H+GIQJZgNfreMPmhpX2WdqGO8a5
BlROG1rwUlvtSvcK8oxWLp3EvzOCzR29m/qjR0XEShsLbmSkhmIT42BG0lTEP3R7
ErWY8vQ970zhV7dYDA96HBPeDuLfml8hugs0BwbcGZXG9XGYcBd+r2WDIPj6VkM5
a8RUgg+5eLOc6kfMkMv3bYKlBZh2aj0O7YWGrb6tffGLCN0DwPXdzlNHJQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFJe0N/HRD2E3NxYTtR5HotXX/h1MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Y1YTg1N2FhLTM3ZDMtNDg2OS1iNDA4LTNlMDA3MDk2MGY3MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaacAwDQYJKoZIhvcNAQELBQADggEBAEk0u9D6sL7vDcxqkh91
ZPWdhquI4MvJgTIHguXpzZCL00t9VLrZKAZ41HtzxJQCUqycSGGm89pO4iPUw2L4
DOyBFnlBy+98RRoMoEECQFr00oFFJ7M8WmNfn6F2OxJz4yCewu3W/xzPn34N/Hr6
FBr1qRuIr9BpAAtAN2lYsG0Ng0OFMyTdvbTeVcrt64ZVCqmvyYbb9Um15+MV6G5/
xglS5SVT8BTjAPnPETZ33qziNnDg0L3Pvc5jSWJE4aA0shC30esBpCWLClA8JY0b
T3tIKQbqSjij4HwQ+/zgoJxToVDmc1GoQoitnuVYCT6VzyNfLtPoP8Qw8Cpjh+Lq
K6o=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:42:26 2025 by rpki-client