Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/22941216-14be-40e9-a7d3-c3720399ee20.roa
File: 22941216-14be-40e9-a7d3-c3720399ee20.roa (raw, json)
Hash identifier: FoYmcyCkqUDo4VXknrhfn8OfQCmNhH3+pfBIrZZVzk4=
Subject key identifier: 86:87:BC:97:3B:ED:70:67:5F:48:C4:05:DC:8B:04:F2:4B:78:1F:0F
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 26084D878893CBA142A6CCA199C4164ED2D05655
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/22941216-14be-40e9-a7d3-c3720399ee20.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300:1088::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:08:4d:87:88:93:cb:a1:42:a6:cc:a1:99:c4:16:4e:d2:d0:56:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:fb:e8:b7:3e:6f:1f:5d:1e:b0:ad:0d:70:d7:74:
41:61:bb:d9:e6:e2:39:f4:51:f7:6e:58:ef:f0:ba:
0b:0c:11:a8:62:bd:cc:09:b1:56:16:ea:43:9f:a2:
f3:2e:db:06:98:8c:12:bb:36:2f:e7:2a:23:f1:05:
2e:9c:1b:01:21:b8:3b:77:3a:92:66:c3:90:82:e6:
c5:51:b2:ae:34:c8:b5:16:34:51:c2:8a:e9:77:72:
ef:af:a4:68:02:be:10:05:9b:b6:bc:d4:75:e3:22:
e2:34:a5:3d:91:e4:7e:9a:64:cd:ad:2d:60:d4:4b:
02:66:d9:dd:8e:be:cc:61:27:3e:e7:45:b1:34:7e:
0b:50:72:fb:23:2e:41:be:5b:ad:72:d8:b5:cd:93:
db:20:20:f5:d1:7c:a1:c6:6d:33:23:2c:71:47:ab:
0b:b9:c8:5c:35:5b:31:36:75:c2:cf:60:46:2a:f6:
a2:71:a6:8d:26:db:eb:1d:35:35:f6:0f:f7:12:a7:
88:66:99:43:02:f7:98:46:3b:2f:54:9e:cd:f8:df:
fb:ba:31:c3:86:18:40:1a:61:18:d0:1b:0f:f7:04:
b9:1a:45:09:ea:af:eb:88:8e:03:1e:de:f1:b2:27:
4f:dc:59:19:df:20:79:fc:56:96:ae:71:14:0c:71:
57:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:87:BC:97:3B:ED:70:67:5F:48:C4:05:DC:8B:04:F2:4B:78:1F:0F
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/22941216-14be-40e9-a7d3-c3720399ee20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300:1088::/48
Signature Algorithm: sha256WithRSAEncryption
5a:dd:f5:d7:83:4c:ee:77:d5:3c:ad:aa:58:2a:be:5a:dc:9d:
0e:c4:6b:00:5b:ef:97:a2:8d:e4:96:4c:4e:03:33:fb:ee:c6:
8b:96:d5:fa:d9:68:5e:9c:7a:2c:4e:fa:57:9f:cc:af:7f:81:
0e:f6:0e:09:5f:13:cd:5a:a3:76:ab:98:57:4d:3f:d6:74:04:
0b:b2:bf:7d:dc:fe:5f:6b:26:93:8b:29:60:27:d6:3c:7d:c3:
8f:3c:b0:0b:81:53:53:43:6d:d4:ef:10:bc:e3:5c:32:9a:85:
cb:fe:0e:00:fc:31:d7:e8:99:81:4c:fa:f6:40:f4:40:a4:54:
24:a7:c9:60:8c:43:6f:96:13:76:e3:b7:dd:80:84:f3:61:96:
08:80:c1:aa:4c:04:7d:ba:00:fb:fc:f5:6f:f2:4b:7e:10:fd:
34:0d:69:93:3d:2b:31:d9:04:5b:ed:49:ce:17:db:74:b7:40:
dc:d1:87:7e:28:30:92:b4:2b:17:cf:88:a1:50:47:7b:e8:f0:
6e:56:74:e4:57:c3:bf:4b:4b:4b:ed:84:c1:43:ca:0c:e6:db:
2a:23:33:e1:7e:44:50:ac:96:1e:86:f6:13:9f:97:0c:04:e0:
06:df:c0:c4:5c:b4:25:3d:e8:8a:28:aa:ce:ea:1a:d4:46:d6:
09:0a:f7:47
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUJghNh4iTy6FCpsyhmcQWTtLQVlUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNAM2Y1ODg4YjEwMzE5NTQ0NTI1M2E0
ZDA5MmNiYjcwNjVlMjU0ZGMwZDUzNTQ4MGE4ODU5MTYyOGU5NWVmMGFkZjEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA++i3Pm8fXR6wrQ1w13RBYbvZ5uI5
9FH3bljv8LoLDBGoYr3MCbFWFupDn6LzLtsGmIwSuzYv5yoj8QUunBsBIbg7dzqS
ZsOQgubFUbKuNMi1FjRRworpd3Lvr6RoAr4QBZu2vNR14yLiNKU9keR+mmTNrS1g
1EsCZtndjr7MYSc+50WxNH4LUHL7Iy5Bvlutcti1zZPbICD10Xyhxm0zIyxxR6sL
uchcNVsxNnXCz2BGKvaicaaNJtvrHTU19g/3EqeIZplDAveYRjsvVJ7N+N/7ujHD
hhhAGmEY0BsP9wS5GkUJ6q/riI4DHt7xsidP3FkZ3yB5/FaWrnEUDHFXJQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFIaHvJc77XBnX0jEBdyLBPJLeB8PMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzIyOTQxMjE2LTE0YmUtNDBlOS1hN2QzLWMzNzIwMzk5ZWUyMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAOzABCIMA0GCSqGSIb3DQEBCwUAA4IBAQBa3fXXg0zud9U8rapY
Kr5a3J0OxGsAW++Xoo3klkxOAzP77saLltX62WhenHosTvpXn8yvf4EO9g4JXxPN
WqN2q5hXTT/WdAQLsr993P5fayaTiylgJ9Y8fcOPPLALgVNTQ23U7xC841wymoXL
/g4A/DHX6JmBTPr2QPRApFQkp8lgjENvlhN247fdgITzYZYIgMGqTAR9ugD7/PVv
8kt+EP00DWmTPSsx2QRb7UnOF9t0t0Dc0Yd+KDCStCsXz4ihUEd76PBuVnTkV8O/
S0tL7YTBQ8oM5tsqIzPhfkRQrJYehvYTn5cMBOAG38DEXLQlPeiKKKrO6hrURtYJ
CvdH
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:26 2025 by rpki-client