Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/07cd85d2-b260-49e3-9ff0-8eea2d9ba85c.roa
File: 07cd85d2-b260-49e3-9ff0-8eea2d9ba85c.roa (raw, json)
Hash identifier: pG9E57YVyNttq+Wo7DXp/UuBVy3piO37zP3q4iThSrA=
Subject key identifier: 08:1A:47:67:3A:05:FC:49:5E:51:F2:21:05:69:49:4A:CE:D5:A0:7F
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7DC03FA191BE5196171FCA28C9A77B2663D42706
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/07cd85d2-b260-49e3-9ff0-8eea2d9ba85c.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:a000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7d:c0:3f:a1:91:be:51:96:17:1f:ca:28:c9:a7:7b:26:63:d4:27:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=9753dd89b829a1989d12a1ffa7300bc8d25e2a9a0907325b24bf978925b39b35, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:cc:43:94:91:e6:4d:ec:89:26:5f:16:fc:15:
43:65:f6:49:92:db:79:f2:65:39:ed:7c:6c:05:f9:
b3:2f:18:8c:eb:32:8e:a8:7b:de:9d:d3:88:dd:86:
01:90:6c:07:4d:83:d9:c1:30:be:87:36:23:c9:f3:
b0:f4:90:13:da:05:78:a7:8e:4c:9a:bd:db:68:af:
22:82:4b:8a:b9:5f:4f:11:00:e8:3e:5d:02:06:21:
95:63:e7:b2:3b:32:38:31:0b:e3:73:56:2b:82:9f:
1f:ac:b2:4b:5c:16:13:44:2d:ab:49:45:6c:d2:a4:
90:7c:4c:e4:92:cb:c9:a8:e9:72:74:07:03:b1:c3:
cd:7d:05:73:1e:6d:5f:68:35:c4:0f:51:d7:48:75:
25:da:21:a4:eb:b2:8f:43:6a:1f:05:24:ee:2b:af:
bd:4e:80:01:e0:cd:41:5e:e8:28:10:91:45:8a:78:
bc:77:51:cc:ce:e9:15:87:5d:25:51:f6:cb:ed:3c:
d8:60:57:57:98:b5:53:c5:c8:fc:10:80:32:54:cc:
56:f1:33:f9:cb:9c:23:a4:f7:72:7f:e8:c2:2f:66:
2f:72:2c:c6:30:67:38:d9:36:50:ff:d3:f3:21:01:
5e:70:34:a4:dd:ba:06:a7:0e:9f:11:ee:a9:21:01:
8c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:1A:47:67:3A:05:FC:49:5E:51:F2:21:05:69:49:4A:CE:D5:A0:7F
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/07cd85d2-b260-49e3-9ff0-8eea2d9ba85c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:a000::/40
Signature Algorithm: sha256WithRSAEncryption
2f:c0:85:c2:bd:bf:3d:8a:2a:d6:37:34:b7:41:fa:9d:7c:50:
55:b1:bf:16:1c:ab:ed:b3:6c:f6:a3:cf:61:62:d1:c4:59:d8:
52:e7:c7:0e:9e:7b:42:27:da:2d:96:1c:b3:73:35:4b:41:e5:
13:93:b8:a0:ba:e4:6a:9b:d1:f1:d7:48:a6:eb:8f:70:bb:de:
41:be:00:b2:23:cd:d3:29:78:72:91:0d:64:44:c1:7f:d9:34:
22:9d:92:40:86:f0:33:78:a8:e6:df:32:89:67:6f:07:bb:03:
22:c8:f0:47:13:fa:49:d5:9a:7b:63:ac:24:fc:b1:c9:dc:cb:
66:d4:14:dc:e1:b4:68:8b:4e:0c:1b:6b:a2:7a:63:fb:8a:b1:
c5:b1:05:a1:5a:bd:cd:59:9c:c7:d0:00:bc:bd:31:13:3d:7b:
09:cf:0a:31:8b:28:17:a4:c3:ef:e9:0a:76:6f:1b:3b:5d:a1:
4d:ba:62:4f:b9:0b:e3:a9:7e:e2:4b:44:29:2b:3a:70:c0:05:
38:6e:86:5e:30:4c:ce:1b:58:27:09:ff:f1:56:c6:4c:97:8c:
fa:65:6c:68:ec:15:07:59:d7:de:4e:32:35:f9:2b:62:d2:13:
42:6f:16:96:fd:7f:d5:cc:5d:de:71:c7:7d:3b:d0:8e:1e:81:
0c:79:d2:a2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUfcA/oZG+UZYXH8ooyad7JmPUJwYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAOTc1M2RkODliODI5YTE5ODlkMTJh
MWZmYTczMDBiYzhkMjVlMmE5YTA5MDczMjViMjRiZjk3ODkyNWIzOWIzNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqcxDlJHmTeyJJl8W/BVDZfZJktt5
8mU57XxsBfmzLxiM6zKOqHvendOI3YYBkGwHTYPZwTC+hzYjyfOw9JAT2gV4p45M
mr3baK8igkuKuV9PEQDoPl0CBiGVY+eyOzI4MQvjc1Yrgp8frLJLXBYTRC2rSUVs
0qSQfEzkksvJqOlydAcDscPNfQVzHm1faDXED1HXSHUl2iGk67KPQ2ofBSTuK6+9
ToAB4M1BXugoEJFFini8d1HMzukVh10lUfbL7TzYYFdXmLVTxcj8EIAyVMxW8TP5
y5wjpPdyf+jCL2YvcizGMGc42TZQ/9PzIQFecDSk3boGpw6fEe6pIQGMOQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAgaR2c6BfxJXlHyIQVpSUrO1aB/MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzA3Y2Q4NWQyLWIyNjAtNDllMy05ZmYwLThlZWEyZDliYTg1Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYKAwDQYJKoZIhvcNAQELBQADggEBAC/AhcK9vz2KKtY3NLdB
+p18UFWxvxYcq+2zbPajz2Fi0cRZ2FLnxw6ee0In2i2WHLNzNUtB5ROTuKC65Gqb
0fHXSKbrj3C73kG+ALIjzdMpeHKRDWREwX/ZNCKdkkCG8DN4qObfMolnbwe7AyLI
8EcT+knVmntjrCT8scncy2bUFNzhtGiLTgwba6J6Y/uKscWxBaFavc1ZnMfQALy9
MRM9ewnPCjGLKBekw+/pCnZvGztdoU26Yk+5C+OpfuJLRCkrOnDABThuhl4wTM4b
WCcJ//FWxkyXjPplbGjsFQdZ195OMjX5K2LSE0JvFpb9f9XMXd5xx3070I4egQx5
0qI=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:29:17 2025 by rpki-client