Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/86cfd33f-a067-4c5c-8ad5-49ec8cde1823.roa
File: 86cfd33f-a067-4c5c-8ad5-49ec8cde1823.roa (raw, json)
Hash identifier: SLqmZ0B6fyBGoEGkXPOOoeBaxtW4PEzYmzriyGXMbho=
Subject key identifier: 69:FB:94:9A:4C:B0:7D:B8:EE:F2:84:E1:53:A2:2D:5A:42:1F:73:43
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 2C74109AF58C6F1D28814321BA3BD42F270D1CA9
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/86cfd33f-a067-4c5c-8ad5-49ec8cde1823.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:80fc:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:74:10:9a:f5:8c:6f:1d:28:81:43:21:ba:3b:d4:2f:27:0d:1c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a1:9d:ed:35:77:28:15:c9:80:b3:c9:cf:eb:
12:47:b6:5a:c7:ce:e3:6a:a1:7f:9e:42:86:18:a3:
a6:69:19:98:92:9e:59:ab:ba:6c:5d:68:36:4c:ad:
4c:78:d6:1b:b0:8c:f3:e2:da:02:13:eb:c2:8e:9f:
0a:8c:44:6f:5c:4d:7c:df:50:e1:26:5a:26:b3:ea:
32:5b:90:e4:56:4d:1d:49:4e:48:fc:f0:d0:89:57:
8b:18:d2:42:7c:86:63:fa:75:ee:c8:8e:d6:bc:e7:
10:ca:32:9d:98:c4:99:2a:fc:e9:f8:20:1a:80:55:
ed:7a:ca:df:94:6b:cf:db:8b:9f:d4:36:f2:be:a2:
b6:02:ed:13:63:17:28:f9:57:c3:dc:91:02:c3:3e:
dc:b5:e8:25:dc:95:41:81:00:7e:96:b3:74:7a:88:
ec:6e:11:4c:aa:f0:05:a1:17:bc:56:d3:be:ae:bb:
31:ca:a7:9e:72:02:2c:84:31:e7:48:b2:4a:41:be:
15:1e:d0:5f:4f:34:63:0d:ec:a1:c6:b4:08:29:2a:
c5:3f:0b:39:26:ad:b8:0b:36:43:6d:c9:ba:b1:99:
c7:67:1f:16:d2:8a:d1:39:15:87:a1:4d:29:ac:b1:
50:f3:28:0b:c3:d7:54:b3:ae:48:39:15:f4:11:37:
16:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:FB:94:9A:4C:B0:7D:B8:EE:F2:84:E1:53:A2:2D:5A:42:1F:73:43
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/86cfd33f-a067-4c5c-8ad5-49ec8cde1823.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:80fc:8000::/40
Signature Algorithm: sha256WithRSAEncryption
59:58:15:33:18:d0:f5:f3:7f:b7:43:f8:c1:42:a3:ca:41:9a:
51:4c:0b:d1:4d:cb:c4:d6:b4:dc:dc:ab:7b:73:a0:8f:c3:b8:
a8:53:e7:b1:a2:9e:ca:a4:43:8b:67:48:bd:a4:09:dc:bb:e8:
b2:c5:63:7b:d4:a6:9f:be:fe:0d:3f:73:ec:cc:5b:47:e2:43:
03:0b:7e:4e:2d:91:08:14:08:a5:64:ad:e5:60:12:f8:71:12:
fa:0c:04:4d:4c:f5:e3:55:f7:33:00:1e:d4:a3:62:12:0f:38:
fd:cf:55:2c:12:de:55:0a:1b:7a:17:d6:41:2e:cc:b1:bc:45:
60:0b:dc:7e:de:a2:5f:03:ef:52:35:90:7a:24:62:0e:df:28:
eb:49:41:6f:eb:5b:ee:6a:02:00:e0:aa:21:df:1f:4c:63:02:
4f:0d:34:c5:69:9d:ee:01:59:d1:61:72:df:f2:7a:86:c1:4f:
c7:2f:d4:6a:b6:00:4f:f6:18:fe:c5:43:f7:46:45:e6:09:b2:
3f:79:94:3a:76:d1:68:0b:dd:09:00:ea:d9:ec:d2:c3:b6:65:
f2:85:9a:c3:e4:51:8d:6d:6d:08:a2:4d:52:48:ec:2f:22:8d:
b8:9a:4f:fa:5b:65:b2:fd:00:62:a5:01:71:42:8e:17:a3:ef:
04:f1:cb:64
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIULHQQmvWMbx0ogUMhujvULycNHKkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTIxNzAwMDAwMFoX
DTI1MDEyMTIzNTk1OVowejFJMEcGA1UEBRNAYTFmNjBjNWRiZWE3NzI0MzFjODY3
NjliOTZhM2ZlYWQ0MTZlNjUwMTc0Njg1MjhmZTdkOTc3MDcwNTkwYzZjMTEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6Gd7TV3KBXJgLPJz+sSR7Zax87j
aqF/nkKGGKOmaRmYkp5Zq7psXWg2TK1MeNYbsIzz4toCE+vCjp8KjERvXE1831Dh
Jloms+oyW5DkVk0dSU5I/PDQiVeLGNJCfIZj+nXuyI7WvOcQyjKdmMSZKvzp+CAa
gFXtesrflGvP24uf1DbyvqK2Au0TYxco+VfD3JECwz7ctegl3JVBgQB+lrN0eojs
bhFMqvAFoRe8VtO+rrsxyqeecgIshDHnSLJKQb4VHtBfTzRjDeyhxrQIKSrFPws5
Jq24CzZDbcm6sZnHZx8W0orRORWHoU0prLFQ8ygLw9dUs65IORX0ETcW1QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGn7lJpMsH247vKE4VOiLVpCH3NDMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
Lzg2Y2ZkMzNmLWEwNjctNGM1Yy04YWQ1LTQ5ZWM4Y2RlMTgyMy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+A/IAwDQYJKoZIhvcNAQELBQADggEBAFlYFTMY0PXzf7dD+MFC
o8pBmlFMC9FNy8TWtNzcq3tzoI/DuKhT57GinsqkQ4tnSL2kCdy76LLFY3vUpp++
/g0/c+zMW0fiQwMLfk4tkQgUCKVkreVgEvhxEvoMBE1M9eNV9zMAHtSjYhIPOP3P
VSwS3lUKG3oX1kEuzLG8RWAL3H7eol8D71I1kHokYg7fKOtJQW/rW+5qAgDgqiHf
H0xjAk8NNMVpne4BWdFhct/yeobBT8cv1Gq2AE/2GP7FQ/dGReYJsj95lDp20WgL
3QkA6tns0sO2ZfKFmsPkUY1tbQiiTVJI7C8ijbiaT/pbZbL9AGKlAXFCjhej7wTx
y2Q=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:20:28 2025 by rpki-client