Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/54b92ba8-ed43-4a2c-99b4-5c5cf8c9408a.roa
File: 54b92ba8-ed43-4a2c-99b4-5c5cf8c9408a.roa (raw, json)
Hash identifier: pihxMdypP75gF5kcDxyYgCH/Fso6HRCXYTwlVQTwIe0=
Subject key identifier: 04:92:48:36:2C:A3:30:0E:53:3A:E1:FC:E5:EB:8F:C8:B4:EF:C0:69
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 6D8CE7206DE1F7234DEC0CDF8922A1F25EC0063F
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/54b92ba8-ed43-4a2c-99b4-5c5cf8c9408a.roa
Signing time: Sat 30 Nov 2024 00:00:00 +0000
ROA not before: Sat 30 Nov 2024 00:00:00 +0000
ROA not after: Sat 04 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2400:6700::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:8c:e7:20:6d:e1:f7:23:4d:ec:0c:df:89:22:a1:f2:5e:c0:06:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Nov 30 00:00:00 2024 GMT
Not After : Jan 4 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:27:ca:8b:d2:6b:fd:57:f0:5c:cd:b2:64:52:
cc:ae:9d:1d:f4:4d:23:b6:cf:ea:07:e8:4c:e5:dc:
7a:ba:76:3b:43:23:5e:2f:f4:d6:15:df:fe:51:e2:
22:4f:a2:08:65:01:fb:e1:fe:d5:e1:c2:e5:98:e2:
3f:25:51:f7:ee:a4:18:41:8d:ba:47:fc:62:e8:92:
8d:66:44:08:53:bd:12:2c:47:0d:12:85:30:f2:00:
dc:74:b5:cc:be:b6:d6:46:74:d5:a2:ac:5a:cd:70:
ac:19:24:c8:a2:07:cc:99:26:aa:f8:46:e4:a8:9d:
66:db:af:19:4e:5c:94:eb:83:bf:fb:f1:de:cd:25:
b2:25:18:83:18:a9:73:1f:d0:6f:2d:37:e9:cf:3e:
a8:c7:d9:34:d3:e3:ab:36:3d:f2:18:8c:7c:a9:f8:
2a:de:73:c5:22:78:ce:77:68:d5:f7:f9:c7:f7:59:
ba:17:6f:e0:cd:62:75:2c:6c:9e:bb:2e:ce:f7:20:
01:5c:4c:05:70:16:31:c3:ff:3a:f2:5c:6c:44:89:
05:8a:b8:24:69:0c:17:bf:90:90:46:98:02:fb:b7:
4c:2d:97:43:fe:ca:aa:f8:31:20:7f:f4:af:aa:e9:
6d:fe:3a:0f:2e:ca:27:84:82:7f:1a:07:62:91:1a:
c4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:92:48:36:2C:A3:30:0E:53:3A:E1:FC:E5:EB:8F:C8:B4:EF:C0:69
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/54b92ba8-ed43-4a2c-99b4-5c5cf8c9408a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6700::/32
Signature Algorithm: sha256WithRSAEncryption
3f:ad:73:d2:06:64:13:88:ee:3d:81:3b:68:ac:1d:af:41:54:
ad:fa:26:18:2a:07:a5:32:22:db:ff:ba:c5:db:0d:08:e4:e7:
5c:98:f4:9a:b9:4e:82:eb:a5:f8:57:fb:f0:8d:7d:7b:a4:a4:
b2:36:52:40:86:32:74:45:4c:b9:5c:2d:ee:81:2e:f2:71:4d:
ef:aa:18:0d:2a:c2:02:5a:88:cf:a0:17:d5:85:b6:b9:17:73:
af:8d:85:2e:3f:9c:fc:0c:95:b8:97:f8:86:97:3e:39:57:96:
c5:3f:61:7a:1a:ad:5a:a9:3d:b1:ec:6f:1c:4b:4f:af:16:fa:
60:79:a5:d4:09:ac:94:72:00:c7:d9:2e:fd:50:4a:f6:94:77:
eb:f0:bb:a3:fd:81:e9:c0:e0:7d:22:54:76:5b:62:ee:f4:93:
4f:7d:ac:98:ee:63:f9:e8:3e:61:4e:0e:7f:a2:ec:b2:ec:66:
ad:8e:79:6c:87:a3:fe:a1:02:e9:de:f6:6d:74:b1:de:ac:f9:
ef:7a:e6:d2:9e:f7:b3:23:27:f0:4e:87:98:4d:47:ee:1f:bf:
95:35:56:82:aa:a3:b7:ee:9a:fd:3b:fd:36:82:89:68:d9:35:
4e:a1:9f:24:55:1f:93:9e:95:1a:da:fb:a1:d9:18:07:21:e3:
a1:ae:80:85
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUbYznIG3h9yNN7AzfiSKh8l7ABj8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MTEzMDAwMDAwMFoX
DTI1MDEwNDIzNTk1OVowejFJMEcGA1UEBRNANzA1NTUwOTU0YTE5YmI0OWQ1N2Nl
NjA3ZGFlMzMzNjdiYjhiZmRlMjM1MjFiZjQ0YjM0MDU2ZDYzM2Y0MGNkYzEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmifKi9Jr/VfwXM2yZFLMrp0d9E0j
ts/qB+hM5dx6unY7QyNeL/TWFd/+UeIiT6IIZQH74f7V4cLlmOI/JVH37qQYQY26
R/xi6JKNZkQIU70SLEcNEoUw8gDcdLXMvrbWRnTVoqxazXCsGSTIogfMmSaq+Ebk
qJ1m268ZTlyU64O/+/HezSWyJRiDGKlzH9BvLTfpzz6ox9k00+OrNj3yGIx8qfgq
3nPFInjOd2jV9/nH91m6F2/gzWJ1LGyeuy7O9yABXEwFcBYxw/868lxsRIkFirgk
aQwXv5CQRpgC+7dMLZdD/sqq+DEgf/Svqult/joPLsonhIJ/GgdikRrEcwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFASSSDYsozAOUzrh/OXrj8i078BpMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzU0YjkyYmE4LWVkNDMtNGEyYy05OWI0LTVjNWNmOGM5NDA4YS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEAP61z0gZkE4juPYE7aKwd
r0FUrfomGCoHpTIi2/+6xdsNCOTnXJj0mrlOguul+Ff78I19e6SksjZSQIYydEVM
uVwt7oEu8nFN76oYDSrCAlqIz6AX1YW2uRdzr42FLj+c/AyVuJf4hpc+OVeWxT9h
ehqtWqk9sexvHEtPrxb6YHml1AmslHIAx9ku/VBK9pR36/C7o/2B6cDgfSJUdlti
7vSTT32smO5j+eg+YU4Of6LssuxmrY55bIej/qEC6d72bXSx3qz573rm0p73syMn
8E6HmE1H7h+/lTVWgqqjt+6a/Tv9NoKJaNk1TqGfJFUfk56VGtr7odkYByHjoa6A
hQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:53:02 2025 by rpki-client