Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4405afbc-8142-45d5-8895-2ec41a185020.roa
File: 4405afbc-8142-45d5-8895-2ec41a185020.roa (raw, json)
Hash identifier: ZKyyKJ54x6zHqYV8/YF7Z8a3D2SHs0bL3T98mdIIOVY=
Subject key identifier: 83:03:59:59:82:17:07:CD:E3:80:5C:F7:09:21:19:4E:53:F1:80:AA
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7BF741526F190DCE66A2AE3155463974B59C02CB
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4405afbc-8142-45d5-8895-2ec41a185020.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf9:e000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:f7:41:52:6f:19:0d:ce:66:a2:ae:31:55:46:39:74:b5:9c:02:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=5abea1cec632fb9f9daa906966f97c80646bda38dea95f85c5e2f286ca2f77e3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:81:64:6a:7b:48:7c:81:93:35:1f:f8:18:7b:
d7:9e:31:07:70:a0:95:75:ef:63:df:21:39:fd:48:
d4:67:1c:16:dd:43:50:2f:20:66:2b:c4:c2:da:b5:
15:96:30:fd:e0:4b:75:be:3e:d0:37:1f:76:d1:49:
25:e2:0b:fc:e2:d2:47:a0:f3:27:04:22:c1:b4:c8:
2e:33:15:95:4f:e0:38:06:e0:7e:d4:87:92:2a:4c:
eb:45:4d:af:a0:7a:47:24:2e:ad:6c:fd:bf:5f:af:
ce:2d:f6:f7:20:64:7a:9c:2e:b8:db:87:54:1f:c3:
f4:01:15:32:d6:72:79:8c:9f:17:be:f3:ad:84:bb:
3f:c2:88:6d:07:ab:ad:0f:96:3a:a2:35:ad:f5:48:
71:d3:d7:1e:d4:c8:ce:1a:97:71:05:27:c6:cb:62:
44:d4:ba:43:62:d2:5a:4e:9f:cd:30:43:71:62:29:
75:44:8a:1d:55:e2:b1:38:7f:17:b7:56:5c:08:93:
8f:a0:5f:60:d9:7d:40:68:64:90:52:c1:7c:72:1e:
9d:de:ac:67:e0:2e:92:9e:db:3d:25:f0:13:d5:76:
d7:a9:28:20:12:66:ab:c2:f7:86:d3:23:fc:fc:f5:
87:8d:91:22:25:94:f1:64:1f:55:49:ae:1a:02:e5:
a1:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:03:59:59:82:17:07:CD:E3:80:5C:F7:09:21:19:4E:53:F1:80:AA
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4405afbc-8142-45d5-8895-2ec41a185020.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf9:e000::/40
Signature Algorithm: sha256WithRSAEncryption
79:3a:04:10:94:6b:97:a2:86:39:c5:4f:fb:85:bc:fd:4d:7e:
8a:4f:97:b3:de:42:9a:a3:f9:ba:6c:2c:10:b6:16:1e:0e:8e:
b9:31:c9:26:23:36:06:81:93:ac:85:f3:03:11:8f:00:59:ad:
1c:80:17:2f:ae:19:44:31:be:d4:91:4b:3f:dd:1d:d0:78:32:
ad:19:fb:0b:1e:60:9b:14:a6:3d:cc:6e:a7:65:36:ae:9a:c4:
45:44:b3:02:a4:27:f7:0d:4c:40:11:ec:ac:06:17:f6:50:6e:
03:11:63:18:3f:72:70:b6:8a:cb:1d:86:64:29:0e:91:ed:4f:
3a:23:05:06:df:40:52:2f:50:8a:5b:96:57:30:be:8e:85:a3:
5d:35:c4:62:6b:97:38:19:2b:18:49:5b:08:a9:46:a6:d0:96:
64:b6:b0:c0:5f:23:ca:bb:bf:29:2f:af:5f:b0:e9:bc:48:11:
f1:2d:52:e9:6d:35:7d:6a:9f:d0:37:77:72:b3:d4:76:ff:fa:
c7:d4:8d:c9:b9:c6:43:79:bb:64:8a:66:06:f9:5d:85:cc:d0:
88:13:c6:04:b8:f6:61:ad:45:21:79:a2:b4:bd:19:cb:82:91:
3c:8e:b8:1a:39:4e:13:c8:c7:9f:a7:54:28:c3:b4:3f:41:23:
59:42:d1:d9
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUe/dBUm8ZDc5moq4xVUY5dLWcAsswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMDAwMDAwMFoX
DTI1MDIxNDIzNTk1OVowejFJMEcGA1UEBRNANWFiZWExY2VjNjMyZmI5ZjlkYWE5
MDY5NjZmOTdjODA2NDZiZGEzOGRlYTk1Zjg1YzVlMmYyODZjYTJmNzdlMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlIFkantIfIGTNR/4GHvXnjEHcKCV
de9j3yE5/UjUZxwW3UNQLyBmK8TC2rUVljD94Et1vj7QNx920Ukl4gv84tJHoPMn
BCLBtMguMxWVT+A4BuB+1IeSKkzrRU2voHpHJC6tbP2/X6/OLfb3IGR6nC6424dU
H8P0ARUy1nJ5jJ8XvvOthLs/wohtB6utD5Y6ojWt9Uhx09ce1MjOGpdxBSfGy2JE
1LpDYtJaTp/NMENxYil1RIodVeKxOH8Xt1ZcCJOPoF9g2X1AaGSQUsF8ch6d3qxn
4C6Snts9JfAT1XbXqSggEmarwveG0yP8/PWHjZEiJZTxZB9VSa4aAuWhXQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIMDWVmCFwfN44Bc9wkhGU5T8YCqMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQ0MDVhZmJjLTgxNDItNDVkNS04ODk1LTJlYzQxYTE4NTAyMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+eAwDQYJKoZIhvcNAQELBQADggEBAHk6BBCUa5eihjnFT/uF
vP1NfopPl7PeQpqj+bpsLBC2Fh4OjrkxySYjNgaBk6yF8wMRjwBZrRyAFy+uGUQx
vtSRSz/dHdB4Mq0Z+wseYJsUpj3MbqdlNq6axEVEswKkJ/cNTEAR7KwGF/ZQbgMR
Yxg/cnC2issdhmQpDpHtTzojBQbfQFIvUIpbllcwvo6Fo101xGJrlzgZKxhJWwip
RqbQlmS2sMBfI8q7vykvr1+w6bxIEfEtUultNX1qn9A3d3Kz1Hb/+sfUjcm5xkN5
u2SKZgb5XYXM0IgTxgS49mGtRSF5orS9GcuCkTyOuBo5ThPIx5+nVCjDtD9BI1lC
0dk=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:40:04 2025 by rpki-client