Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/7ec71d95-427c-491b-a7cc-55afd17c6f55.roa
File: 7ec71d95-427c-491b-a7cc-55afd17c6f55.roa (raw, json)
Hash identifier: XXce+lqRnCor2ySlcrxOSTxdFfvEcvZfMooszvHJW7Q=
Subject key identifier: 92:48:D6:B6:91:67:93:6A:5B:42:9A:6C:14:91:63:C6:60:E1:73:82
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 3FFAF6E238C42393E96CCC31A581446B9CB3F90E
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/7ec71d95-427c-491b-a7cc-55afd17c6f55.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300:108c::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:fa:f6:e2:38:c4:23:93:e9:6c:cc:31:a5:81:44:6b:9c:b3:f9:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:49:4e:c1:f1:80:77:aa:26:b8:ae:2d:44:8d:
eb:bc:19:b7:a5:93:95:31:a1:d0:75:b8:c2:24:37:
5e:e7:5c:c8:91:5b:ca:5b:e5:21:61:86:38:91:6d:
ac:7b:dc:e6:4f:4f:46:1d:cd:81:91:70:f8:0a:61:
eb:07:e2:49:ce:4f:6f:79:50:8d:64:9a:ce:7b:f1:
57:f3:46:df:fb:70:a4:b6:fd:ed:30:de:91:a5:02:
64:94:76:01:99:1e:f4:fb:4f:8d:c3:5d:73:2d:18:
50:6c:18:8a:31:96:73:0d:be:20:43:f9:aa:73:4b:
be:f8:d0:1b:b8:c2:38:1c:7b:4a:a5:d9:19:6d:64:
23:31:54:a9:a7:fb:c3:54:97:b0:d6:06:59:86:a9:
b2:59:f0:fb:72:82:4d:46:90:d2:4f:75:68:0e:2e:
b4:9b:5c:75:49:bc:d7:20:bb:89:d5:d7:32:4d:5c:
ef:79:a8:b8:1c:dd:a5:3f:19:7f:53:5f:7a:f0:66:
84:dd:f8:99:39:9e:86:0c:43:8b:54:e8:33:31:6f:
a1:ae:1f:c1:86:89:80:6e:df:c7:7d:50:71:d9:db:
8f:c7:e1:1d:50:8f:6b:d2:72:6c:7c:7d:23:0f:ac:
79:d2:e0:2b:8a:e9:28:87:f1:8a:9a:7a:b9:80:17:
ce:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:48:D6:B6:91:67:93:6A:5B:42:9A:6C:14:91:63:C6:60:E1:73:82
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/7ec71d95-427c-491b-a7cc-55afd17c6f55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300:108c::/48
Signature Algorithm: sha256WithRSAEncryption
02:ca:47:c7:f7:85:fe:5c:cb:df:27:c3:89:7b:47:f3:66:fa:
bf:a1:9e:04:ea:14:9f:96:97:5a:90:81:64:63:45:4f:f9:89:
90:4d:7d:a3:9b:0c:f9:04:35:d8:37:84:54:8a:dc:a6:a7:fd:
cd:83:0c:a8:21:6a:d2:7d:3a:57:59:41:b7:dc:3c:2f:f8:ba:
02:63:b8:5b:4b:61:36:c2:75:d4:d5:e8:76:04:40:3a:bd:40:
60:84:55:81:e2:e9:c0:d5:c7:16:c9:df:c2:cc:ff:e8:e4:36:
4d:02:eb:14:fe:19:86:47:63:80:8f:e1:b9:df:16:e5:54:bd:
e7:cb:0d:0e:09:94:12:89:31:3e:ee:fc:a9:87:f5:9f:ec:09:
fa:8b:aa:77:60:e5:1a:58:16:f9:e5:ab:a0:75:5d:f4:64:44:
53:d6:c3:2d:98:4a:98:f7:06:83:6d:fc:cf:92:72:b2:65:84:
a2:2f:63:b9:92:db:6e:42:6e:c0:fb:da:f5:1f:14:f6:32:e0:
78:5d:f1:62:08:4f:80:a7:11:72:2d:0f:71:c1:5f:45:f0:f0:
6e:d5:52:40:a9:95:12:31:3f:c2:a3:1c:62:6d:ff:0c:7b:8a:
b5:4a:99:9c:59:dd:7f:0d:c5:f5:2c:28:2b:c9:0d:77:30:ab:
03:a5:7e:ce
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUP/r24jjEI5PpbMwxpYFEa5yz+Q4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNAYzg2ZjAzNTdmMzVkMzMzYjlkNDll
MGY4YTc4NWYxMjNmMzg5YWVhZWU0YTc2NjI1ZWEyNmMwODk5YWNjNjZhMzEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0lOwfGAd6omuK4tRI3rvBm3pZOV
MaHQdbjCJDde51zIkVvKW+UhYYY4kW2se9zmT09GHc2BkXD4CmHrB+JJzk9veVCN
ZJrOe/FX80bf+3Cktv3tMN6RpQJklHYBmR70+0+Nw11zLRhQbBiKMZZzDb4gQ/mq
c0u++NAbuMI4HHtKpdkZbWQjMVSpp/vDVJew1gZZhqmyWfD7coJNRpDST3VoDi60
m1x1SbzXILuJ1dcyTVzveai4HN2lPxl/U1968GaE3fiZOZ6GDEOLVOgzMW+hrh/B
homAbt/HfVBx2duPx+EdUI9r0nJsfH0jD6x50uAriukoh/GKmnq5gBfO4wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJJI1raRZ5NqW0KabBSRY8Zg4XOCMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzdlYzcxZDk1LTQyN2MtNDkxYi1hN2NjLTU1YWZkMTdjNmY1NS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAOzABCMMA0GCSqGSIb3DQEBCwUAA4IBAQACykfH94X+XMvfJ8OJ
e0fzZvq/oZ4E6hSflpdakIFkY0VP+YmQTX2jmwz5BDXYN4RUitymp/3NgwyoIWrS
fTpXWUG33Dwv+LoCY7hbS2E2wnXU1eh2BEA6vUBghFWB4unA1ccWyd/CzP/o5DZN
AusU/hmGR2OAj+G53xblVL3nyw0OCZQSiTE+7vyph/Wf7An6i6p3YOUaWBb55aug
dV30ZERT1sMtmEqY9waDbfzPknKyZYSiL2O5kttuQm7A+9r1HxT2MuB4XfFiCE+A
pxFyLQ9xwV9F8PBu1VJAqZUSMT/Coxxibf8Me4q1SpmcWd1/DcX1LCgryQ13MKsD
pX7O
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:52:58 2025 by rpki-client