Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffb2df5f-aea0-4592-8143-5d55a0a6b1cc.roa
File: ffb2df5f-aea0-4592-8143-5d55a0a6b1cc.roa (raw, json)
Hash identifier: TE7Y4Sqt1mV4vQ7WNOpiMNbSrw/BfzGaAlQQtslaMTg=
Subject key identifier: 9B:EE:3C:01:CC:A4:54:49:0B:CB:3D:D3:17:84:FA:EE:52:AD:8B:6B
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 79760AF80E74FFF19491D63E7A04C59AEFA0ECB3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffb2df5f-aea0-4592-8143-5d55a0a6b1cc.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
79:76:0a:f8:0e:74:ff:f1:94:91:d6:3e:7a:04:c5:9a:ef:a0:ec:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:7f:76:b0:f3:18:39:c4:0a:44:40:8a:6f:da:
ed:f5:58:02:50:e4:6e:b6:3c:2a:ae:9a:5e:06:ff:
f9:bb:68:15:13:35:f3:52:5b:f6:e5:20:0a:5d:70:
af:d7:de:ad:3d:9b:d2:ef:80:8d:c5:d5:f7:2a:fc:
02:d4:b1:ae:8e:2a:39:e3:48:0a:79:4a:bc:7a:ce:
d1:4c:19:15:32:22:bf:7d:22:5a:00:33:34:12:79:
da:5b:ea:14:90:a6:58:0f:2f:99:f9:3f:a3:39:09:
5a:2a:48:d2:37:c5:d5:9f:1f:3a:12:86:9b:0a:bc:
d0:0d:31:f5:da:07:2c:9d:53:1c:18:a9:23:5a:78:
a5:98:78:6e:e1:11:a4:ba:26:eb:b7:63:32:a3:5c:
cc:f5:08:3e:e6:94:14:1d:dc:aa:a1:6d:67:40:c6:
15:03:6a:28:9d:4a:85:4f:32:ab:89:a8:9e:e6:14:
a8:89:63:f1:21:00:90:67:cf:62:e6:89:a9:99:18:
da:c5:96:e5:03:c9:36:d5:d7:91:1b:ee:6f:44:76:
99:1b:d0:e8:2b:54:0d:c2:b7:90:dd:ce:67:a7:48:
46:3e:ed:71:76:4c:f0:8b:1e:1e:84:bc:c4:e4:14:
6c:3d:e0:40:4c:c7:c7:05:38:ca:76:33:cb:a5:f9:
9c:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:EE:3C:01:CC:A4:54:49:0B:CB:3D:D3:17:84:FA:EE:52:AD:8B:6B
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ffb2df5f-aea0-4592-8143-5d55a0a6b1cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:2000::/40
Signature Algorithm: sha256WithRSAEncryption
23:04:38:7c:5d:73:08:8a:b2:a1:8a:18:3b:e8:7d:20:00:08:
ac:f0:c7:92:8a:35:9a:4a:ec:74:e8:f2:42:a6:6b:b3:50:3f:
1f:1d:df:af:67:8b:da:ea:e5:4d:06:76:83:d5:4a:98:bd:11:
7c:ce:06:5d:d3:f8:c0:89:58:84:d0:47:ec:48:7b:0c:ed:a4:
62:f4:da:50:e1:c6:47:bb:b2:bc:08:8d:d2:32:78:6c:18:f0:
40:45:0b:f7:13:b4:c3:dd:d9:bf:4e:76:1c:54:d7:15:46:d8:
b6:e7:df:51:69:3e:5f:f7:06:d6:ae:06:b0:32:4a:b4:c6:b0:
ef:82:a8:e8:30:79:93:2b:31:34:0f:49:62:f6:c4:57:ab:58:
02:4c:e8:56:1b:86:7c:b8:14:d5:aa:30:00:75:d0:b4:49:ba:
b3:63:96:61:56:ec:65:6e:b6:a5:8b:f5:d2:94:74:a8:96:16:
0f:ff:9b:e5:a1:48:02:f0:f1:12:93:13:03:1b:07:51:6c:65:
94:51:1c:15:68:56:81:5c:ce:69:fd:a2:53:98:cd:2e:ec:b0:
86:f5:51:bc:98:1f:e4:eb:e1:8c:a5:3d:0e:11:7b:f0:2f:ec:
2b:ee:e9:ad:d0:04:26:ba:64:42:c7:f3:1a:09:50:d9:c7:62:
cc:d7:b0:c1
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUeXYK+A50//GUkdY+egTFmu+g7LMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNANTVkNDczZjIwYTNhN2QwMzM5MjQx
MjQ4NzRlZjkxOWYwZDBjZGEyNThiMTg3MGI1NzcxZDMyMDhkZGYwMThiNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv392sPMYOcQKRECKb9rt9VgCUORu
tjwqrppeBv/5u2gVEzXzUlv25SAKXXCv196tPZvS74CNxdX3KvwC1LGujio540gK
eUq8es7RTBkVMiK/fSJaADM0EnnaW+oUkKZYDy+Z+T+jOQlaKkjSN8XVnx86Eoab
CrzQDTH12gcsnVMcGKkjWnilmHhu4RGkuibrt2Myo1zM9Qg+5pQUHdyqoW1nQMYV
A2oonUqFTzKriaie5hSoiWPxIQCQZ89i5ompmRjaxZblA8k21deRG+5vRHaZG9Do
K1QNwreQ3c5np0hGPu1xdkzwix4ehLzE5BRsPeBATMfHBTjKdjPLpfmcPwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJvuPAHMpFRJC8s90xeE+u5SrYtrMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZmYjJkZjVmLWFlYTAtNDU5Mi04MTQzLTVkNTVhMGE2YjFjYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYSAwDQYJKoZIhvcNAQELBQADggEBACMEOHxdcwiKsqGKGDvo
fSAACKzwx5KKNZpK7HTo8kKma7NQPx8d369ni9rq5U0GdoPVSpi9EXzOBl3T+MCJ
WITQR+xIewztpGL02lDhxke7srwIjdIyeGwY8EBFC/cTtMPd2b9OdhxU1xVG2Lbn
31FpPl/3BtauBrAySrTGsO+CqOgweZMrMTQPSWL2xFerWAJM6FYbhny4FNWqMAB1
0LRJurNjlmFW7GVutqWL9dKUdKiWFg//m+WhSALw8RKTEwMbB1FsZZRRHBVoVoFc
zmn9olOYzS7ssIb1UbyYH+Tr4YylPQ4Re/Av7Cvu6a3QBCa6ZELH8xoJUNnHYszX
sME=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:54:49 2025 by rpki-client