Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/06bb5c69-f162-4ed9-a914-ee1937b1546f.roa
File: 06bb5c69-f162-4ed9-a914-ee1937b1546f.roa (raw, json)
Hash identifier: BISUI3OPMWCRY3vZG4+z0pdVkdXIBoET8WGyFMGE56c=
Subject key identifier: 33:A7:8B:B5:4F:B9:0F:22:80:27:A6:A0:81:67:1C:8E:95:62:45:8A
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0ABEB0D9A8FC91B527FC5F95FA60A3D5FB404E47
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/06bb5c69-f162-4ed9-a914-ee1937b1546f.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:70c0::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:be:b0:d9:a8:fc:91:b5:27:fc:5f:95:fa:60:a3:d5:fb:40:4e:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=c20205479aeaa4dfc5459cde66371617edc8842e7a226c9e7c723c27f4d52c8b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:44:8d:ed:58:05:80:f9:1f:7e:23:89:4c:10:
89:af:c1:b8:c7:78:3a:40:14:71:5e:f2:7d:81:ce:
74:73:93:10:29:e8:5e:11:e0:e6:6c:2d:50:eb:46:
ae:1a:96:11:ef:99:e4:b7:b2:74:21:f3:c4:66:27:
81:2a:72:48:da:de:69:89:eb:8d:9a:99:64:85:1c:
44:a3:a9:70:16:a2:af:7f:63:e9:15:a7:90:c5:66:
a4:d1:92:e0:ce:28:9a:2e:8d:ab:d0:78:3e:10:4e:
84:79:51:c0:f8:c6:fc:ca:6e:51:f8:29:01:6f:8f:
cb:2f:80:d0:3d:50:26:f2:59:d4:d6:ab:38:25:f4:
56:3f:60:6f:e0:3e:3c:65:bc:0e:db:32:53:40:0d:
84:69:0a:27:75:4e:61:ac:37:bf:de:86:41:3d:d3:
ac:d7:36:fa:22:5d:fe:18:06:32:dd:ae:9b:bd:d9:
bf:2a:7c:34:71:c4:8d:02:38:c1:6d:fc:23:35:c7:
96:fc:08:5e:b6:2b:5f:58:a6:3a:bb:ad:70:93:81:
97:77:d5:fb:63:46:38:1e:3f:db:5b:3a:a3:f4:48:
48:d9:0f:d5:5d:ac:ce:b8:59:32:b8:f2:62:64:04:
73:17:60:20:39:d6:fc:03:84:bc:d7:9e:fc:ed:d6:
0c:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:A7:8B:B5:4F:B9:0F:22:80:27:A6:A0:81:67:1C:8E:95:62:45:8A
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/06bb5c69-f162-4ed9-a914-ee1937b1546f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:70c0::/46
Signature Algorithm: sha256WithRSAEncryption
9b:cc:ec:95:53:f1:a7:a0:67:58:0f:d3:9c:e7:d8:15:44:91:
e3:69:75:20:d4:7e:cd:89:6a:3d:25:20:71:c9:05:ec:f2:17:
9a:99:0f:53:a0:d0:e7:ca:da:9b:91:02:d0:63:6d:b0:ee:ad:
c1:b1:e0:47:44:3a:8b:c2:ba:db:01:e3:ba:00:61:9f:69:33:
ba:5a:a2:d6:99:d1:ef:a9:3e:37:42:0f:9a:ad:85:67:3c:9c:
a7:be:1b:2f:71:5d:8f:c2:f4:c2:af:13:b1:4f:52:22:c8:ff:
c5:7b:71:c3:cb:f2:b4:4c:6e:2e:d7:8e:c8:77:8c:d7:4c:2d:
08:33:87:31:bb:02:df:3b:c9:f2:b1:59:49:c5:e1:ca:74:e4:
67:66:80:6b:d7:15:6c:eb:fe:ee:8e:d9:e0:54:b9:72:4b:53:
4c:b9:4b:15:2f:98:63:3f:38:d6:be:f7:21:10:3a:55:01:8a:
58:5d:81:28:e1:3c:cc:23:66:14:bc:9f:ed:4e:05:00:0e:6d:
67:5d:d2:29:a3:c1:15:b7:6c:9e:f6:2a:ab:3a:26:f0:d7:b7:
4f:89:42:b7:ee:89:42:ed:90:57:42:f6:e2:00:bc:15:7d:92:
fd:ff:2e:55:29:f5:7a:18:1d:ac:cf:c3:b3:d2:bd:c8:e8:b8:
ba:e3:de:19
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUCr6w2aj8kbUn/F+V+mCj1ftATkcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYzIwMjA1NDc5YWVhYTRkZmM1NDU5
Y2RlNjYzNzE2MTdlZGM4ODQyZTdhMjI2YzllN2M3MjNjMjdmNGQ1MmM4YjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwUSN7VgFgPkffiOJTBCJr8G4x3g6
QBRxXvJ9gc50c5MQKeheEeDmbC1Q60auGpYR75nkt7J0IfPEZieBKnJI2t5pieuN
mplkhRxEo6lwFqKvf2PpFaeQxWak0ZLgziiaLo2r0Hg+EE6EeVHA+Mb8ym5R+CkB
b4/LL4DQPVAm8lnU1qs4JfRWP2Bv4D48ZbwO2zJTQA2EaQondU5hrDe/3oZBPdOs
1zb6Il3+GAYy3a6bvdm/Knw0ccSNAjjBbfwjNceW/AhetitfWKY6u61wk4GXd9X7
Y0Y4Hj/bWzqj9EhI2Q/VXazOuFkyuPJiZARzF2AgOdb8A4S815787dYM6wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDOni7VPuQ8igCemoIFnHI6VYkWKMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzA2YmI1YzY5LWYxNjItNGVkOS1hOTE0LWVlMTkzN2IxNTQ2Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaYHDAMA0GCSqGSIb3DQEBCwUAA4IBAQCbzOyVU/GnoGdYD9Oc
59gVRJHjaXUg1H7NiWo9JSBxyQXs8heamQ9ToNDnytqbkQLQY22w7q3BseBHRDqL
wrrbAeO6AGGfaTO6WqLWmdHvqT43Qg+arYVnPJynvhsvcV2PwvTCrxOxT1IiyP/F
e3HDy/K0TG4u147Id4zXTC0IM4cxuwLfO8nysVlJxeHKdORnZoBr1xVs6/7ujtng
VLlyS1NMuUsVL5hjPzjWvvchEDpVAYpYXYEo4TzMI2YUvJ/tTgUADm1nXdIpo8EV
t2ye9iqrOibw17dPiUK37olC7ZBXQvbiALwVfZL9/y5VKfV6GB2sz8Oz0r3I6Li6
494Z
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:29:15 2025 by rpki-client