Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c94ba698-f48b-499a-9e9f-3681b985bb5d.roa
File: c94ba698-f48b-499a-9e9f-3681b985bb5d.roa (raw, json)
Hash identifier: i85gmSjVvGMwOkVDSFp+C8hDx/w7CtdaWXwr49Bsw5A=
Subject key identifier: 0A:E0:19:F8:4C:52:82:45:CA:35:D4:0B:D4:51:C4:EB:A5:F2:F2:AA
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 35CA8C277CBB569FEC522EF053DFEE67B75FF790
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c94ba698-f48b-499a-9e9f-3681b985bb5d.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 240f:8000:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:ca:8c:27:7c:bb:56:9f:ec:52:2e:f0:53:df:ee:67:b7:5f:f7:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000, serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=015f8649b619928ee31824a6a0e7e15c02f1dd80255afd9c1c44f57d5799e5af, CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:a6:02:18:a8:dc:d6:89:0a:c3:22:ce:c2:ff:
b6:e4:69:89:c8:4b:e9:4f:a0:9e:55:6f:1b:92:3a:
05:2a:9d:33:0e:03:49:d8:bf:a7:0b:02:d6:70:6b:
1f:4f:5b:b1:35:be:43:b0:3c:5a:93:45:cc:94:c8:
ca:7d:69:1b:32:8c:0e:15:26:fa:81:7a:7a:91:51:
2d:f3:22:28:f8:be:2c:91:d9:b8:a5:12:16:bb:8b:
7e:e2:40:16:c4:81:7e:5e:1b:f1:42:7a:ec:90:41:
9c:0e:d2:92:6c:76:4a:3f:f8:51:cb:6c:37:3f:06:
63:7f:28:4d:4f:a8:4b:e5:42:3e:3d:61:5a:86:86:
cd:1a:04:7f:f3:15:e0:d5:e8:33:2e:86:cc:d0:20:
5d:96:a3:c8:f6:3d:ad:ab:d6:1c:0f:83:7f:29:a4:
e4:d0:c0:b7:e9:7d:1d:c5:75:21:ac:85:d5:d3:36:
57:dd:0f:d5:8f:d4:63:c3:ee:be:51:b2:9d:3b:7e:
ef:16:49:70:f3:6c:8d:07:a5:28:ff:ee:f2:bf:d5:
56:c9:5e:da:b8:cf:8d:8e:a4:6b:40:aa:bb:12:9b:
58:d3:c7:58:b6:c0:13:ce:97:ae:71:7f:f1:2e:45:
8d:9c:90:10:15:b8:25:52:0e:1a:10:fb:46:2c:65:
2a:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:E0:19:F8:4C:52:82:45:CA:35:D4:0B:D4:51:C4:EB:A5:F2:F2:AA
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/c94ba698-f48b-499a-9e9f-3681b985bb5d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
240f:8000:8000::/40
Signature Algorithm: sha256WithRSAEncryption
7f:1a:db:ff:0d:19:54:e3:ee:09:bd:36:fe:1d:61:3c:81:30:
c6:e2:9f:60:84:11:d5:f1:c5:95:e1:0e:12:81:3a:26:eb:fc:
a5:47:f4:c2:c6:42:bf:94:90:90:f4:70:9d:f2:5c:82:33:6f:
15:a1:5e:8a:3a:44:4a:5f:90:57:24:e3:56:2d:3f:4f:86:c8:
c7:4c:0e:a2:7a:0c:d2:84:d0:75:91:55:eb:84:de:0f:60:f5:
8a:1a:56:6f:1c:f3:16:ea:ce:32:1f:da:63:f0:09:1c:d2:49:
d2:11:bc:64:bb:92:32:80:96:c7:77:8f:31:e3:08:58:dc:eb:
17:fa:6d:1a:49:ff:e2:63:29:a0:b2:cf:41:97:c7:38:2a:d8:
ff:4a:c6:94:48:07:ff:96:93:30:c9:5a:27:ce:00:84:bc:b5:
e4:ca:32:78:ed:fe:89:39:d3:12:4c:15:35:67:52:84:82:e1:
bc:95:15:d8:98:65:f3:5b:76:cc:94:dd:0e:27:52:2d:c0:09:
e8:33:16:59:81:de:37:21:58:1e:c5:ee:ad:d9:61:73:73:92:
67:8a:9e:2c:a4:76:14:7f:f1:84:5d:a4:23:7b:e7:c5:34:3c:
2b:32:8e:cb:9b:0c:43:03:56:97:c4:c3:4b:9a:e8:59:eb:54:
ed:18:9f:49
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUNcqMJ3y7Vp/sUi7wU9/uZ7df95AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNAMDE1Zjg2NDliNjE5OTI4ZWUzMTgy
NGE2YTBlN2UxNWMwMmYxZGQ4MDI1NWFmZDljMWM0NGY1N2Q1Nzk5ZTVhZjEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt6YCGKjc1okKwyLOwv+25GmJyEvp
T6CeVW8bkjoFKp0zDgNJ2L+nCwLWcGsfT1uxNb5DsDxak0XMlMjKfWkbMowOFSb6
gXp6kVEt8yIo+L4skdm4pRIWu4t+4kAWxIF+XhvxQnrskEGcDtKSbHZKP/hRy2w3
PwZjfyhNT6hL5UI+PWFahobNGgR/8xXg1egzLobM0CBdlqPI9j2tq9YcD4N/KaTk
0MC36X0dxXUhrIXV0zZX3Q/Vj9Rjw+6+UbKdO37vFklw82yNB6Uo/+7yv9VWyV7a
uM+NjqRrQKq7EptY08dYtsATzpeucX/xLkWNnJAQFbglUg4aEPtGLGUqiwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFArgGfhMUoJFyjXUC9RRxOul8vKqMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
L2M5NGJhNjk4LWY0OGItNDk5YS05ZTlmLTM2ODFiOTg1YmI1ZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJA+AAIAwDQYJKoZIhvcNAQELBQADggEBAH8a2/8NGVTj7gm9Nv4d
YTyBMMbin2CEEdXxxZXhDhKBOibr/KVH9MLGQr+UkJD0cJ3yXIIzbxWhXoo6REpf
kFck41YtP0+GyMdMDqJ6DNKE0HWRVeuE3g9g9YoaVm8c8xbqzjIf2mPwCRzSSdIR
vGS7kjKAlsd3jzHjCFjc6xf6bRpJ/+JjKaCyz0GXxzgq2P9KxpRIB/+WkzDJWifO
AIS8teTKMnjt/ok50xJMFTVnUoSC4byVFdiYZfNbdsyU3Q4nUi3ACegzFlmB3jch
WB7F7q3ZYXNzkmeKniykdhR/8YRdpCN758U0PCsyjsubDEMDVpfEw0ua6FnrVO0Y
n0k=
-----END CERTIFICATE-----
Generated at Fri May 9 10:11:06 2025 by rpki-client