Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/751e30fc-3483-4f10-a851-e6330352553c.roa
File: 751e30fc-3483-4f10-a851-e6330352553c.roa (raw, json)
Hash identifier: tHL1I6C8mRYMRm5QeQb9kJ8TOShY1CMj6zVF2tknwug=
Subject key identifier: 4D:2A:E0:6F:C2:00:2A:DD:2A:2A:E5:BA:20:EB:EF:65:C2:73:4B:13
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 5C717159398339B6D5B906CD0EA76CD1D00F1E42
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/751e30fc-3483-4f10-a851-e6330352553c.roa
Signing time: Sat 30 Nov 2024 00:00:00 +0000
ROA not before: Sat 30 Nov 2024 00:00:00 +0000
ROA not after: Sat 04 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2400:6700::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5c:71:71:59:39:83:39:b6:d5:b9:06:cd:0e:a7:6c:d1:d0:0f:1e:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Nov 30 00:00:00 2024 GMT
Not After : Jan 4 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:8d:0f:8c:62:cd:1e:90:1b:5c:cb:65:03:3e:
9a:b1:f1:9e:8d:45:9b:96:46:a1:45:a7:8c:59:08:
e9:ad:d9:4d:cb:b6:0f:16:5a:19:95:44:ed:ba:bc:
24:68:0e:c3:f3:b6:f7:59:ff:a2:1d:ba:f4:1c:55:
d2:10:aa:9b:58:cc:6c:84:ca:f3:15:7e:0f:ca:6f:
45:c6:d5:a9:b0:e4:6f:af:43:83:7d:95:60:26:f4:
86:42:0a:e9:98:f5:48:d2:93:78:38:e4:04:d8:5b:
61:8a:0f:1b:3a:99:cd:b7:9a:01:8a:82:31:f3:2d:
32:85:ed:84:92:8c:a0:fa:2b:2f:cc:e7:ff:65:38:
b7:49:6d:79:93:ff:1d:55:c8:15:35:2b:fa:83:e4:
67:d5:55:01:76:49:84:b0:f3:a0:f6:f6:4d:81:37:
c5:21:5e:40:21:96:81:68:7f:aa:9d:6d:4c:a5:3a:
19:e1:bb:57:39:a8:ee:93:d2:2b:9e:78:4e:01:c1:
5a:88:70:42:53:fe:c9:1d:32:1e:64:36:5b:cd:da:
e6:2d:56:42:6e:05:c7:c2:9a:02:87:85:64:04:8c:
bb:b8:38:0c:e6:18:80:40:90:4c:a1:de:8e:7a:13:
61:56:2a:77:a6:7f:1a:76:9d:47:86:ea:f8:47:71:
b2:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:2A:E0:6F:C2:00:2A:DD:2A:2A:E5:BA:20:EB:EF:65:C2:73:4B:13
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/751e30fc-3483-4f10-a851-e6330352553c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6700::/32
Signature Algorithm: sha256WithRSAEncryption
0e:eb:b3:9f:be:c7:0f:0b:87:ac:c6:e1:e8:0f:f0:da:49:f9:
2a:ec:f3:ef:75:78:fd:57:16:17:ee:9b:cf:9b:2e:9f:11:44:
91:b3:b9:08:80:55:fd:15:e5:b1:3b:c9:86:c1:66:a1:74:cb:
9d:17:e6:83:f7:c5:38:d3:40:74:dc:bd:e6:c0:5e:db:10:aa:
9b:6e:8e:5e:29:57:30:f0:64:17:2e:c1:75:11:e0:69:4a:20:
d1:64:53:33:36:1c:8f:da:91:f1:b8:48:5d:7c:54:76:84:65:
25:6f:2a:81:75:4b:3e:c8:d2:4c:5c:03:ed:91:2c:6e:16:85:
a8:55:99:e5:36:6e:b8:a4:e2:03:23:28:e2:2e:5b:98:64:88:
df:b3:74:a2:5c:06:e1:df:a9:fd:03:bc:ed:ab:c9:c4:c3:7f:
80:30:3e:e8:88:60:ef:7f:83:54:a0:51:08:2d:9c:0f:ba:c3:
34:ae:c4:13:44:e6:1b:89:60:67:02:88:d5:8f:89:42:5b:cb:
ef:82:e3:9f:c9:ec:47:2c:35:74:45:09:1a:80:1b:44:fa:fc:
5b:49:a7:d1:16:ed:de:94:69:1f:42:9e:bb:b0:1d:a9:6e:9c:
58:41:c1:97:7d:b4:d7:0e:03:36:a7:b5:89:ac:20:eb:96:47:
d2:4e:50:87
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUXHFxWTmDObbVuQbNDqds0dAPHkIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MTEzMDAwMDAwMFoX
DTI1MDEwNDIzNTk1OVowejFJMEcGA1UEBRNANjAwNGZhYjk4Zjk4MzgxZTE4Y2E1
ODU5Zjk4NzBlOTNiMjM3MGM2N2M3NzIxMDI5Yzc3YmViNjJkZTI4YWU2ZTEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAto0PjGLNHpAbXMtlAz6asfGejUWb
lkahRaeMWQjprdlNy7YPFloZlUTturwkaA7D87b3Wf+iHbr0HFXSEKqbWMxshMrz
FX4Pym9FxtWpsORvr0ODfZVgJvSGQgrpmPVI0pN4OOQE2Fthig8bOpnNt5oBioIx
8y0yhe2Ekoyg+isvzOf/ZTi3SW15k/8dVcgVNSv6g+Rn1VUBdkmEsPOg9vZNgTfF
IV5AIZaBaH+qnW1MpToZ4btXOajuk9IrnnhOAcFaiHBCU/7JHTIeZDZbzdrmLVZC
bgXHwpoCh4VkBIy7uDgM5hiAQJBMod6OehNhVip3pn8adp1Hhur4R3GymQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFE0q4G/CACrdKirluiDr72XCc0sTMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
Lzc1MWUzMGZjLTM0ODMtNGYxMC1hODUxLWU2MzMwMzUyNTUzYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJABnADANBgkqhkiG9w0BAQsFAAOCAQEADuuzn77HDwuHrMbh6A/w
2kn5Kuzz73V4/VcWF+6bz5sunxFEkbO5CIBV/RXlsTvJhsFmoXTLnRfmg/fFONNA
dNy95sBe2xCqm26OXilXMPBkFy7BdRHgaUog0WRTMzYcj9qR8bhIXXxUdoRlJW8q
gXVLPsjSTFwD7ZEsbhaFqFWZ5TZuuKTiAyMo4i5bmGSI37N0olwG4d+p/QO87avJ
xMN/gDA+6Ihg73+DVKBRCC2cD7rDNK7EE0TmG4lgZwKI1Y+JQlvL74Ljn8nsRyw1
dEUJGoAbRPr8W0mn0Rbt3pRpH0Keu7AdqW6cWEHBl3201w4DNqe1iawg65ZH0k5Q
hw==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:12:29 2025 by rpki-client