Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/65f60eb5-aea2-48c7-83e9-3e1305e6dbea.roa
File: 65f60eb5-aea2-48c7-83e9-3e1305e6dbea.roa (raw, json)
Hash identifier: PRa7jx+ry5oYLEarN+ut5qfAl25rQpmGQCM6kSl7cxk=
Subject key identifier: 4B:55:41:E6:5F:62:FB:9D:35:44:E9:A1:9A:7B:4F:B9:0D:D1:DE:04
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 508BDA5801A8C4D91E045991F464895CD257B3A5
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/65f60eb5-aea2-48c7-83e9-3e1305e6dbea.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:8018::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:8b:da:58:01:a8:c4:d9:1e:04:59:91:f4:64:89:5c:d2:57:b3:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:03:06:69:64:03:92:c2:b9:a0:33:67:86:3a:
9e:f5:42:4b:ee:80:5b:ba:4b:bd:49:8a:2a:66:9a:
1d:a8:c7:6e:f1:e2:8d:44:81:6b:5b:41:57:a1:a0:
c9:2a:6a:59:3a:da:b8:49:21:21:a1:ae:94:9f:ad:
4a:75:31:1b:f2:16:1e:f9:9c:e0:e7:25:07:63:2f:
31:a8:b7:d7:19:d4:99:65:27:79:f1:25:05:08:a0:
26:3e:40:25:ea:c0:42:51:a5:e6:fd:6c:08:ee:f2:
ee:3a:4d:5a:f3:a6:1c:db:ec:8d:2f:9f:e8:c2:e0:
4f:b4:d7:b9:2a:8e:8f:da:8f:2e:e5:c4:7e:14:02:
02:98:d2:0c:d3:2e:fe:ba:ba:ef:e2:55:e7:7e:d1:
fa:13:94:a5:1d:96:51:f1:35:e5:f4:8b:f0:3d:60:
1a:d9:15:fc:9e:f0:47:80:a9:d8:02:c9:2b:55:08:
ec:22:9f:eb:54:89:84:92:43:d4:54:37:f2:d7:11:
79:43:73:48:5e:fe:a0:10:fa:47:5a:c7:3f:18:33:
d2:df:0c:8f:39:bb:17:15:fc:81:38:e4:af:9b:60:
0b:14:26:bc:c9:da:8c:8b:81:89:45:e0:16:f2:e1:
74:0e:61:dd:3e:c5:7a:19:27:c5:60:01:e4:18:40:
86:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:55:41:E6:5F:62:FB:9D:35:44:E9:A1:9A:7B:4F:B9:0D:D1:DE:04
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/65f60eb5-aea2-48c7-83e9-3e1305e6dbea.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:8018::/36
Signature Algorithm: sha256WithRSAEncryption
49:77:de:f0:a5:ee:8b:7c:e8:37:e0:99:dd:20:62:2c:0d:fc:
c6:74:6e:7d:03:d9:87:b8:ff:b9:81:01:02:3a:ef:ed:2a:c4:
9e:9c:f0:0f:08:09:c1:e7:f2:7a:0a:7e:a6:9b:84:a1:b8:5e:
31:3a:f7:2c:31:c1:86:f8:d8:39:0e:3d:de:d8:9a:3e:27:29:
4d:7f:2f:03:e6:82:e6:90:69:40:6f:4b:17:ff:00:04:0e:46:
f6:06:b6:a8:43:81:7a:c7:27:f5:c9:d1:e6:16:12:6f:e9:4a:
3f:3c:f6:58:2b:90:0f:74:0e:d5:bd:34:fa:31:a5:62:60:88:
7f:de:d7:45:aa:41:b3:64:a6:b5:ba:db:ed:04:78:5d:dc:c5:
55:62:2f:86:3c:7b:f6:b5:28:c5:92:82:14:f1:9a:e0:50:3f:
82:1a:7d:f1:2f:a8:46:5f:9b:d0:a3:a1:5f:cf:04:8a:01:f1:
d2:81:6b:58:0a:78:e3:42:90:84:80:19:61:ab:2b:b9:7e:da:
27:c0:87:3e:99:7a:ec:0c:37:01:fd:06:26:61:1c:94:40:52:
fe:d2:a9:df:e1:87:5a:31:6e:18:d1:91:00:61:40:27:50:1f:
b9:b0:45:2e:aa:6d:06:3d:94:7f:b2:58:3b:93:b1:bd:e9:cc:
bd:24:6b:89
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUUIvaWAGoxNkeBFmR9GSJXNJXs6UwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTIxNzAwMDAwMFoX
DTI1MDEyMTIzNTk1OVowejFJMEcGA1UEBRNAMTE1NTFjM2ZiZDc5NTJiMThjNzdj
NGEyNWM0YTBlNzZmYjdiY2JlODA4MGI4MDJkZWNkOTY3MzJlZGEzOTRiNDEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArAMGaWQDksK5oDNnhjqe9UJL7oBb
uku9SYoqZpodqMdu8eKNRIFrW0FXoaDJKmpZOtq4SSEhoa6Un61KdTEb8hYe+Zzg
5yUHYy8xqLfXGdSZZSd58SUFCKAmPkAl6sBCUaXm/WwI7vLuOk1a86Yc2+yNL5/o
wuBPtNe5Ko6P2o8u5cR+FAICmNIM0y7+urrv4lXnftH6E5SlHZZR8TXl9IvwPWAa
2RX8nvBHgKnYAskrVQjsIp/rVImEkkPUVDfy1xF5Q3NIXv6gEPpHWsc/GDPS3wyP
ObsXFfyBOOSvm2ALFCa8ydqMi4GJReAW8uF0DmHdPsV6GSfFYAHkGECGZwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEtVQeZfYvudNUTpoZp7T7kN0d4EMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzY1ZjYwZWI1LWFlYTItNDhjNy04M2U5LTNlMTMwNWU2ZGJlYS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJA+AGAAwDQYJKoZIhvcNAQELBQADggEBAEl33vCl7ot86Dfgmd0g
YiwN/MZ0bn0D2Ye4/7mBAQI67+0qxJ6c8A8ICcHn8noKfqabhKG4XjE69ywxwYb4
2DkOPd7Ymj4nKU1/LwPmguaQaUBvSxf/AAQORvYGtqhDgXrHJ/XJ0eYWEm/pSj88
9lgrkA90DtW9NPoxpWJgiH/e10WqQbNkprW62+0EeF3cxVViL4Y8e/a1KMWSghTx
muBQP4IaffEvqEZfm9CjoV/PBIoB8dKBa1gKeONCkISAGWGrK7l+2ifAhz6ZeuwM
NwH9BiZhHJRAUv7Sqd/hh1oxbhjRkQBhQCdQH7mwRS6qbQY9lH+yWDuTsb3pzL0k
a4k=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:33:55 2025 by rpki-client