Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/037679cc-778a-417e-add9-45a9bf4f8fbc.roa
File: 037679cc-778a-417e-add9-45a9bf4f8fbc.roa (raw, json)
Hash identifier: fj9/49d3V2xA+cDUnKIUymeZgJF2f0/fbn2FMPSmxpw=
Subject key identifier: A3:80:28:3A:C7:CF:04:1E:A8:DC:26:D5:6C:DA:F7:A0:A7:7C:CF:3E
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 40BD4F4C903B2AD547485C69C6705681C5FEEC79
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/037679cc-778a-417e-add9-45a9bf4f8fbc.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300:10b8::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
40:bd:4f:4c:90:3b:2a:d5:47:48:5c:69:c6:70:56:81:c5:fe:ec:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:39:65:88:5e:06:d2:96:89:82:7f:b8:5d:52:
8d:79:78:bb:ea:24:cc:15:61:c8:79:1f:77:01:3c:
6c:07:e9:d8:d3:10:54:7c:ee:b5:4c:4c:43:a3:17:
bb:15:49:f9:30:de:fe:05:4e:67:ce:cd:76:f9:ba:
28:80:b7:81:9f:d5:a1:24:4e:07:11:61:38:88:19:
88:92:8a:70:03:6a:2e:fc:c6:d2:cd:e9:9d:6d:cb:
cc:c1:77:bb:c2:ce:5f:8a:d8:67:47:28:04:53:af:
d6:8c:99:4a:49:35:11:97:ba:e2:79:c9:f9:bd:34:
82:68:31:4b:0e:c9:fb:14:5d:75:52:54:6a:2c:0d:
44:23:a0:1c:d0:09:09:73:32:e0:5c:68:ef:0a:50:
f7:b2:5a:a4:91:7c:66:0f:1c:56:b4:2d:b4:3a:de:
23:5f:7d:9e:41:d7:9f:1c:62:1d:eb:03:b7:9d:06:
f2:7e:55:4d:67:22:3c:54:82:9e:c5:fe:a8:7e:15:
c0:b7:7d:bc:f1:22:24:5b:32:12:ad:55:be:52:15:
52:9a:d3:09:13:5c:d6:0b:2a:50:10:60:84:ed:7c:
17:86:08:f0:46:a3:b6:29:32:5d:2f:9f:95:0f:52:
0b:f2:7d:a1:2e:03:98:e0:23:96:86:07:a8:9b:46:
d7:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:80:28:3A:C7:CF:04:1E:A8:DC:26:D5:6C:DA:F7:A0:A7:7C:CF:3E
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/037679cc-778a-417e-add9-45a9bf4f8fbc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300:10b8::/48
Signature Algorithm: sha256WithRSAEncryption
6d:7d:c0:33:c4:11:34:b4:db:ad:9c:93:d5:24:c0:35:2a:f9:
f3:14:72:59:f1:9e:ef:84:69:72:f8:ad:79:2f:0c:a7:63:c7:
34:48:00:c4:95:97:ce:d0:65:1a:bb:94:fb:1c:a9:ff:0a:5e:
0a:e2:96:1b:14:71:1e:ee:14:a9:34:35:3f:50:65:30:f7:99:
4b:95:d4:2b:19:e4:56:85:52:4f:85:32:d9:0f:72:f4:5d:d4:
16:7d:df:a5:0b:cb:00:de:ec:f2:8a:fd:74:8f:c0:15:ff:fb:
88:dc:34:1d:56:e4:25:ae:50:82:d2:aa:25:d9:aa:96:d8:5f:
23:b4:af:28:2e:fb:78:b5:67:72:a8:c4:ae:ad:68:a1:57:76:
6e:08:51:69:ab:30:86:bd:08:84:0c:3e:da:5a:0b:1e:5e:df:
81:a4:26:36:0f:12:16:03:4a:0a:5b:74:ad:38:53:1d:07:b9:
98:8b:5e:89:7b:c9:9a:84:64:77:b8:d7:7b:89:36:a0:91:79:
8c:36:03:15:75:3b:64:ee:59:8e:d3:a2:7c:8d:b1:f4:82:86:
50:f9:a9:5d:1d:b5:a2:6f:68:ce:80:60:68:c8:60:8c:0d:e9:
32:ce:f7:73:ec:5e:d9:4d:6c:aa:2a:fe:4f:0f:a5:09:09:0d:
fb:47:f0:d8
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUQL1PTJA7KtVHSFxpxnBWgcX+7HkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNANzYwYTEwZTRkOTQzOWY0ZGIxNDY3
Mzg5OWJlZDhkODc4MmY0Zjk0YjZmNDEyNmE5MTJkNDBiZmUzY2I4NGRjNTEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxDlliF4G0paJgn+4XVKNeXi76iTM
FWHIeR93ATxsB+nY0xBUfO61TExDoxe7FUn5MN7+BU5nzs12+boogLeBn9WhJE4H
EWE4iBmIkopwA2ou/MbSzemdbcvMwXe7ws5fithnRygEU6/WjJlKSTURl7riecn5
vTSCaDFLDsn7FF11UlRqLA1EI6Ac0AkJczLgXGjvClD3slqkkXxmDxxWtC20Ot4j
X32eQdefHGId6wO3nQbyflVNZyI8VIKexf6ofhXAt3288SIkWzISrVW+UhVSmtMJ
E1zWCypQEGCE7XwXhgjwRqO2KTJdL5+VD1IL8n2hLgOY4COWhgeom0bXtQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKOAKDrHzwQeqNwm1Wza96CnfM8+MB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzAzNzY3OWNjLTc3OGEtNDE3ZS1hZGQ5LTQ1YTliZjRmOGZiYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAOzABC4MA0GCSqGSIb3DQEBCwUAA4IBAQBtfcAzxBE0tNutnJPV
JMA1KvnzFHJZ8Z7vhGly+K15LwynY8c0SADElZfO0GUau5T7HKn/Cl4K4pYbFHEe
7hSpNDU/UGUw95lLldQrGeRWhVJPhTLZD3L0XdQWfd+lC8sA3uzyiv10j8AV//uI
3DQdVuQlrlCC0qol2aqW2F8jtK8oLvt4tWdyqMSurWihV3ZuCFFpqzCGvQiEDD7a
WgseXt+BpCY2DxIWA0oKW3StOFMdB7mYi16Je8mahGR3uNd7iTagkXmMNgMVdTtk
7lmO06J8jbH0goZQ+aldHbWib2jOgGBoyGCMDekyzvdz7F7ZTWyqKv5PD6UJCQ37
R/DY
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:04:08 2025 by rpki-client