Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/28716f72-e93f-4c3d-a271-5f3613042c49.roa
File: 28716f72-e93f-4c3d-a271-5f3613042c49.roa (raw, json)
Hash identifier: s3tKDaqGWUEHboQ33Kks+9E3Le6aiEwzeBwH8bhb4a0=
Subject key identifier: EA:52:44:E7:5B:2D:07:62:11:D0:DC:C2:E0:76:62:D0:0F:77:A1:66
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 23BD757F30F709EDF22B700B91155B215FC855EB
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/28716f72-e93f-4c3d-a271-5f3613042c49.roa
Signing time: Sat 30 Nov 2024 00:00:00 +0000
ROA not before: Sat 30 Nov 2024 00:00:00 +0000
ROA not after: Sat 04 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2400:6500::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:bd:75:7f:30:f7:09:ed:f2:2b:70:0b:91:15:5b:21:5f:c8:55:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001
Validity
Not Before: Nov 30 00:00:00 2024 GMT
Not After : Jan 4 23:59:59 2025 GMT
Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:e8:d7:2c:ea:d0:55:57:a9:67:ef:c8:c4:45:
b1:66:44:27:96:0b:cf:9e:5c:0f:59:33:86:d1:31:
4f:1a:c1:00:23:59:ef:23:cc:55:a2:b1:6a:fe:3e:
f6:26:7b:da:11:58:fe:89:e5:22:f3:c1:ba:ee:05:
6e:29:0b:4e:dd:bb:e0:a9:22:0d:ce:40:b1:48:52:
be:7c:05:2a:1a:98:48:d7:89:60:83:b0:17:bd:b1:
b8:57:d5:b6:73:b1:e4:51:19:53:e4:52:86:9b:2a:
85:00:38:90:61:f6:40:ed:d4:f8:f1:a8:15:9c:76:
1e:c4:1d:5a:21:8e:d1:ac:f6:da:11:29:c8:1a:1f:
16:2c:c2:7a:0a:de:05:c7:93:d3:2d:3e:ec:8d:60:
eb:7d:cd:a5:a3:f2:0c:b3:bb:aa:40:a7:26:2b:4c:
d0:ed:26:8b:4b:8c:37:ce:7c:d2:14:9f:72:54:0d:
d4:21:76:86:0b:01:95:21:fb:72:aa:f1:f9:ad:de:
4f:11:c6:6a:41:7c:cb:1a:2a:ca:7a:65:d9:0d:da:
11:b3:16:20:fa:36:69:40:4b:ae:03:3a:86:56:bf:
37:97:d2:ce:11:73:d4:49:f6:60:8d:13:0b:ee:d1:
43:d2:fd:65:e9:8b:24:c7:3e:c0:b7:91:b0:3e:7e:
52:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:52:44:E7:5B:2D:07:62:11:D0:DC:C2:E0:76:62:D0:0F:77:A1:66
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/28716f72-e93f-4c3d-a271-5f3613042c49.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6500::/32
Signature Algorithm: sha256WithRSAEncryption
6d:a6:d7:e5:03:b2:5c:b8:30:2d:db:b9:d2:c3:7a:25:a4:82:
3c:98:37:4d:a5:39:fd:c2:92:c8:80:f2:ee:b8:88:b7:de:b8:
c4:2a:36:93:3e:8b:8e:09:1a:78:9d:78:f3:43:5b:83:84:d2:
a5:e8:58:cd:cc:42:bf:70:ff:88:2b:b8:56:f5:f4:e5:70:13:
12:f0:18:02:c6:ef:22:17:fe:f3:2a:92:7b:d0:d7:4f:3a:dd:
41:ff:d1:6c:c7:25:76:11:d4:b7:42:88:a6:d2:00:70:2d:e7:
bf:2f:ae:48:c4:bb:9e:cc:12:98:69:b0:85:6f:7f:04:7f:5e:
85:78:52:f1:47:8d:0b:40:4c:55:7e:35:ee:77:80:a4:a6:c9:
52:52:e9:08:cd:33:1b:50:18:e8:10:75:1d:1d:51:06:e1:f4:
00:ee:28:63:02:c2:42:73:79:dd:2e:13:76:9c:3e:29:7c:80:
e0:c8:b5:e6:a1:0d:27:26:43:28:c8:4e:e3:9c:92:8d:2e:0d:
e1:79:23:d9:f0:e4:84:56:7f:cb:72:54:bc:26:5e:7d:22:94:
64:f1:ca:4f:82:01:89:d9:4b:74:1d:e7:76:5f:cc:74:ce:bd:
dd:0e:71:e0:ad:2e:0b:63:a0:5a:fa:90:ac:0d:f7:19:20:26:
1f:f9:e3:d5
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUI711fzD3Ce3yK3ALkRVbIV/IVeswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MTEzMDAwMDAwMFoX
DTI1MDEwNDIzNTk1OVowejFJMEcGA1UEBRNAMWYzZDA5NjFhMDJiOWVlN2QwZGQw
NWFhOGFkZDFmNTg3YzlmZjU2NmZiMTA2ZDJjMTMyODRhNzY1MWM1ODI2MzEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8+jXLOrQVVepZ+/IxEWxZkQnlgvP
nlwPWTOG0TFPGsEAI1nvI8xVorFq/j72JnvaEVj+ieUi88G67gVuKQtO3bvgqSIN
zkCxSFK+fAUqGphI14lgg7AXvbG4V9W2c7HkURlT5FKGmyqFADiQYfZA7dT48agV
nHYexB1aIY7RrPbaESnIGh8WLMJ6Ct4Fx5PTLT7sjWDrfc2lo/IMs7uqQKcmK0zQ
7SaLS4w3znzSFJ9yVA3UIXaGCwGVIftyqvH5rd5PEcZqQXzLGirKemXZDdoRsxYg
+jZpQEuuAzqGVr83l9LOEXPUSfZgjRML7tFD0v1l6Yskxz7At5GwPn5SLQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFOpSROdbLQdiEdDcwuB2YtAPd6FmMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzI4NzE2ZjcyLWU5M2YtNGMzZC1hMjcxLTVmMzYxMzA0MmM0OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEAbabX5QOyXLgwLdu50sN6
JaSCPJg3TaU5/cKSyIDy7riIt964xCo2kz6LjgkaeJ1480Nbg4TSpehYzcxCv3D/
iCu4VvX05XATEvAYAsbvIhf+8yqSe9DXTzrdQf/RbMcldhHUt0KIptIAcC3nvy+u
SMS7nswSmGmwhW9/BH9ehXhS8UeNC0BMVX417neApKbJUlLpCM0zG1AY6BB1HR1R
BuH0AO4oYwLCQnN53S4Tdpw+KXyA4Mi15qENJyZDKMhO45ySjS4N4Xkj2fDkhFZ/
y3JUvCZefSKUZPHKT4IBidlLdB3ndl/MdM693Q5x4K0uC2OgWvqQrA33GSAmH/nj
1Q==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:27:55 2025 by rpki-client