Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/e1c8ca39-fe1f-44c7-802a-b0dc7fdb5616.roa
File: e1c8ca39-fe1f-44c7-802a-b0dc7fdb5616.roa (raw, json)
Hash identifier: JBFErqrWhSvVpnqittWJebldVuJmVdK5LyHgtdQOLA4=
Subject key identifier: F0:46:66:72:CE:C9:6E:25:B8:0E:7E:E8:84:01:45:32:D4:14:D2:B2
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 6836950A4129A9BE837F1A2ABB36E8E56C2C1E75
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/e1c8ca39-fe1f-44c7-802a-b0dc7fdb5616.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300:10bc::/48 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:36:95:0a:41:29:a9:be:83:7f:1a:2a:bb:36:e8:e5:6c:2c:1e:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:dc:ce:27:d4:d1:a2:2d:75:4c:04:e2:15:f8:
44:1a:7e:22:c5:93:fa:7a:2e:be:39:55:95:62:32:
03:89:75:ec:95:b1:9b:52:37:dc:9f:35:a6:82:25:
49:f2:ef:3b:7f:03:4d:1f:ef:36:bd:e8:78:df:14:
6d:8e:63:3d:8c:dd:09:81:6d:08:a2:63:6c:4c:81:
5c:1e:bb:f7:a7:d0:8c:d4:98:0d:8d:bf:81:2f:f0:
25:6b:c4:b5:87:3c:5a:f7:2a:24:22:a2:8d:2d:b5:
ec:e2:82:35:bf:76:6f:f0:86:03:16:4e:ad:21:7a:
ad:a8:07:51:2c:79:f1:10:10:90:22:bb:f4:e7:ba:
5d:64:09:7b:29:59:57:40:1f:5e:4c:b4:e2:65:7a:
ee:c2:76:50:cb:16:c1:92:38:f2:12:03:2d:9d:72:
13:da:dd:1c:e4:b7:35:b7:53:c2:c0:7a:34:8c:e3:
ca:39:01:23:6f:2f:1e:96:a8:8a:fc:b4:b4:7b:b0:
4b:cb:01:76:76:c5:d4:c7:b7:33:6e:20:4d:db:db:
dc:1a:f2:25:d3:a5:e9:22:5f:d3:3f:6e:80:69:0e:
6b:35:a0:f5:ca:a6:26:f8:fd:c4:e6:e7:59:bb:9c:
cc:2c:45:4f:5d:d9:d1:18:1b:a5:90:60:b2:de:90:
1b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:46:66:72:CE:C9:6E:25:B8:0E:7E:E8:84:01:45:32:D4:14:D2:B2
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/e1c8ca39-fe1f-44c7-802a-b0dc7fdb5616.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300:10bc::/48
Signature Algorithm: sha256WithRSAEncryption
8c:ed:11:fe:5c:fd:ee:a1:23:cb:73:42:27:d9:d0:27:30:d1:
9e:ed:23:48:4e:da:c0:8b:94:8b:54:69:62:1a:76:47:f5:e6:
cf:7d:81:98:e4:15:b8:21:90:e1:eb:a5:39:85:40:fb:ea:bd:
85:57:2a:c9:66:a4:11:a4:3f:49:7d:04:cc:84:25:fe:9d:65:
ea:b1:80:47:d9:9f:8c:72:35:91:aa:92:aa:2a:4e:15:74:74:
94:eb:68:2b:15:bb:25:da:7a:fc:4d:b4:13:d2:e5:a7:1b:da:
81:96:a2:55:95:de:1e:56:18:80:ac:ac:35:2e:3e:2e:24:04:
e1:87:5d:9b:1a:c6:83:80:13:4a:ef:e1:85:6a:9d:82:cc:aa:
8e:8d:b5:20:e3:cf:88:b7:85:3c:11:41:29:6c:66:4b:f6:5a:
90:5f:97:6a:d7:ad:66:5b:4a:28:a4:38:49:43:86:e7:64:3d:
30:eb:68:46:0f:92:fd:37:c2:5d:44:70:e7:28:d9:04:f7:72:
a8:61:fd:74:94:bd:60:08:b9:59:c0:b4:03:c3:1b:80:49:e4:
24:6a:c5:1e:4d:4f:c0:67:55:2e:c7:a0:1c:ac:b7:b8:fb:ab:
8f:9b:3a:2c:b6:7b:06:ee:e5:9c:c0:fd:58:80:5d:78:b2:48:
52:15:5e:b9
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUaDaVCkEpqb6Dfxoquzbo5WwsHnUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNAZTcxMDA2MDZjMDM4OTRlYmZjYmYy
YTRlMDQ4MmYxOGYwM2EwYmQ1OTA5MjRhZTMxOGQyNWYzMDQ3NTQ4MGU3MzEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA09zOJ9TRoi11TATiFfhEGn4ixZP6
ei6+OVWVYjIDiXXslbGbUjfcnzWmgiVJ8u87fwNNH+82veh43xRtjmM9jN0JgW0I
omNsTIFcHrv3p9CM1JgNjb+BL/Ala8S1hzxa9yokIqKNLbXs4oI1v3Zv8IYDFk6t
IXqtqAdRLHnxEBCQIrv057pdZAl7KVlXQB9eTLTiZXruwnZQyxbBkjjyEgMtnXIT
2t0c5Lc1t1PCwHo0jOPKOQEjby8elqiK/LS0e7BLywF2dsXUx7czbiBN29vcGvIl
06XpIl/TP26AaQ5rNaD1yqYm+P3E5udZu5zMLEVPXdnRGBulkGCy3pAb2wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPBGZnLOyW4luA5+6IQBRTLUFNKyMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
L2UxYzhjYTM5LWZlMWYtNDRjNy04MDJhLWIwZGM3ZmRiNTYxNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAOzABC8MA0GCSqGSIb3DQEBCwUAA4IBAQCM7RH+XP3uoSPLc0In
2dAnMNGe7SNITtrAi5SLVGliGnZH9ebPfYGY5BW4IZDh66U5hUD76r2FVyrJZqQR
pD9JfQTMhCX+nWXqsYBH2Z+McjWRqpKqKk4VdHSU62grFbsl2nr8TbQT0uWnG9qB
lqJVld4eVhiArKw1Lj4uJAThh12bGsaDgBNK7+GFap2CzKqOjbUg48+It4U8EUEp
bGZL9lqQX5dq161mW0oopDhJQ4bnZD0w62hGD5L9N8JdRHDnKNkE93KoYf10lL1g
CLlZwLQDwxuASeQkasUeTU/AZ1Uux6AcrLe4+6uPmzostnsG7uWcwP1YgF14skhS
FV65
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:55:32 2025 by rpki-client