Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/59860ec1-5f08-4648-8fa9-79f2bbf2ec8d.roa
File: 59860ec1-5f08-4648-8fa9-79f2bbf2ec8d.roa (raw, json)
Hash identifier: b4j+uJEwhnZ/4cu2XVReH2CQucrSV5fJmUkhudvpW7E=
Subject key identifier: 8D:EB:69:5B:BB:E0:B0:44:93:DE:9C:00:20:CD:C1:9C:D5:45:A7:A2
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 28F4B5F322297D06E2E8124602C7EF79A1DF5E06
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/59860ec1-5f08-4648-8fa9-79f2bbf2ec8d.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300:1004::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:f4:b5:f3:22:29:7d:06:e2:e8:12:46:02:c7:ef:79:a1:df:5e:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:a0:a3:0f:e4:68:c3:ec:da:15:7b:ce:aa:cf:
ab:aa:d5:eb:96:28:20:73:61:ae:a9:fe:5d:70:5f:
b6:e8:84:45:ff:42:48:4b:49:d9:1a:80:7f:a6:14:
74:05:16:60:3b:51:8a:bd:02:0b:24:8c:7a:8f:3c:
80:73:dc:15:3d:d7:6b:96:22:0b:22:1e:e4:97:52:
cb:e1:fd:f8:7d:51:80:df:58:a7:b3:af:f8:3e:5b:
02:21:66:24:71:b6:9b:07:88:68:33:c2:dd:82:18:
7f:5f:22:59:ea:a1:4c:71:dd:c9:e4:e3:63:98:bc:
5f:96:af:90:84:5e:f1:5c:7f:4e:7f:20:9b:0b:98:
31:60:68:69:f1:3e:df:7f:f6:46:b9:3c:b7:38:80:
3f:ec:df:e4:6f:7c:d8:ce:06:11:ca:4d:d9:9a:48:
29:12:52:d4:4a:58:05:05:d4:42:45:13:e5:68:4f:
90:d2:6b:d9:b9:09:a7:f4:10:de:e6:22:28:df:33:
05:00:36:a6:75:73:f1:7e:80:02:0b:92:d1:5f:ba:
18:24:74:9a:10:64:b5:4b:4f:03:a2:0a:9f:d3:63:
93:9b:91:2e:b5:3c:e2:3a:1e:d6:b8:16:6d:92:1e:
54:55:9e:00:a8:22:f3:9d:23:f0:42:08:52:f3:2d:
4f:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:EB:69:5B:BB:E0:B0:44:93:DE:9C:00:20:CD:C1:9C:D5:45:A7:A2
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/59860ec1-5f08-4648-8fa9-79f2bbf2ec8d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300:1004::/48
Signature Algorithm: sha256WithRSAEncryption
72:43:6f:fc:7e:6c:ce:c1:b4:56:8a:86:21:82:28:17:2a:d8:
40:81:00:73:d7:8a:98:be:45:e1:2a:e8:13:22:6e:55:d6:7f:
74:a2:64:01:4b:00:19:b2:01:90:bb:f5:24:3b:b1:e3:15:dc:
c1:be:54:dc:35:6d:6f:84:68:c2:21:ba:c8:cc:e5:73:96:b7:
63:e7:83:d3:14:7b:9a:1a:74:ea:87:66:d6:40:e8:4f:65:3a:
e6:65:9e:ed:1d:de:e4:11:78:4f:c7:8e:3d:ae:3e:95:4f:21:
17:1a:d2:a2:b3:13:1d:cd:95:b0:d7:67:20:d6:09:1b:d2:3d:
c7:78:87:bc:c8:d6:85:59:b2:94:7b:40:1b:ab:11:5d:cf:c2:
6f:e5:17:48:5f:fb:19:0b:20:20:a6:53:05:97:f4:c0:52:09:
6d:c3:78:5d:80:de:1a:12:30:bc:4e:2b:85:4e:2b:4c:28:c9:
3e:2c:81:54:d3:f4:75:0f:ee:e8:d6:65:40:05:a1:f2:2c:05:
ca:c6:b8:df:1f:a8:d8:4b:20:85:6e:3f:25:d2:2f:77:e8:4f:
00:db:49:00:aa:c5:10:e3:82:f6:c8:dc:89:4c:c6:d9:0d:8c:
47:d1:0c:3e:6e:bc:e9:31:58:26:d6:79:d9:8c:2a:a8:a7:54:
30:1b:3b:8e
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUKPS18yIpfQbi6BJGAsfveaHfXgYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNANGIxNWViODY5MmFhYTQxZGQ0ZTVi
Y2NmZTU2ZDRiYTA2Yzc5YzA1Yjk1M2FjNDllZjE0ZTljM2IxM2U1YmIwNTEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtaCjD+Row+zaFXvOqs+rqtXrligg
c2Guqf5dcF+26IRF/0JIS0nZGoB/phR0BRZgO1GKvQILJIx6jzyAc9wVPddrliIL
Ih7kl1LL4f34fVGA31ins6/4PlsCIWYkcbabB4hoM8Ldghh/XyJZ6qFMcd3J5ONj
mLxflq+QhF7xXH9OfyCbC5gxYGhp8T7ff/ZGuTy3OIA/7N/kb3zYzgYRyk3Zmkgp
ElLUSlgFBdRCRRPlaE+Q0mvZuQmn9BDe5iIo3zMFADamdXPxfoACC5LRX7oYJHSa
EGS1S08Dogqf02OTm5EutTziOh7WuBZtkh5UVZ4AqCLznSPwQghS8y1PTQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFI3raVu74LBEk96cACDNwZzVRaeiMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzU5ODYwZWMxLTVmMDgtNDY0OC04ZmE5LTc5ZjJiYmYyZWM4ZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAOzABAEMA0GCSqGSIb3DQEBCwUAA4IBAQByQ2/8fmzOwbRWioYh
gigXKthAgQBz14qYvkXhKugTIm5V1n90omQBSwAZsgGQu/UkO7HjFdzBvlTcNW1v
hGjCIbrIzOVzlrdj54PTFHuaGnTqh2bWQOhPZTrmZZ7tHd7kEXhPx449rj6VTyEX
GtKisxMdzZWw12cg1gkb0j3HeIe8yNaFWbKUe0AbqxFdz8Jv5RdIX/sZCyAgplMF
l/TAUgltw3hdgN4aEjC8TiuFTitMKMk+LIFU0/R1D+7o1mVABaHyLAXKxrjfH6jY
SyCFbj8l0i936E8A20kAqsUQ44L2yNyJTMbZDYxH0Qw+brzpMVgm1nnZjCqop1Qw
GzuO
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:35:02 2025 by rpki-client