Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4bdd1ef3-7214-4d8c-8829-8df3621a8099.roa
File: 4bdd1ef3-7214-4d8c-8829-8df3621a8099.roa (raw, json)
Hash identifier: jbVZwc0fHhEf923SoIucQcTBPPae9VcaKY4nYeo9ZuY=
Subject key identifier: 03:90:9D:AA:DE:10:6E:FE:58:17:D6:D2:C3:21:A9:03:A7:1F:E2:4D
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0F7C01F9BAD3FD670DF60DC9D9EDC45276186476
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4bdd1ef3-7214-4d8c-8829-8df3621a8099.roa
Signing time: Mon 13 Jan 2025 00:00:00 +0000
ROA not before: Mon 13 Jan 2025 00:00:00 +0000
ROA not after: Mon 17 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf9:8000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:7c:01:f9:ba:d3:fd:67:0d:f6:0d:c9:d9:ed:c4:52:76:18:64:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 13 00:00:00 2025 GMT
Not After : Feb 17 23:59:59 2025 GMT
Subject: serialNumber=f1567492eee8d05751671a33584186181c9926c2c7c9da5c7b65c604b3cb0e7d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:e2:9b:fb:b9:25:1f:2e:c5:c0:9e:d0:b1:35:
ae:75:9c:9f:51:3c:fc:e4:1f:1b:46:b5:00:a1:98:
b2:e0:08:fd:57:a2:f0:f3:d8:92:3f:e2:b2:0a:1e:
dd:46:da:8f:ed:8f:70:d6:a3:35:7c:4f:c2:99:2d:
c3:51:f5:5f:4c:69:fe:1f:7e:54:da:d1:3c:d4:8b:
62:dd:20:6c:e5:67:62:b3:e3:89:fe:4f:bf:18:f5:
43:31:a6:70:c2:d9:79:5c:d2:03:96:5f:42:fe:0a:
63:4e:72:99:bf:e9:e4:19:da:cf:14:1e:4e:99:1c:
d4:d9:1d:18:82:4f:1a:56:7e:0e:d7:6b:f5:27:af:
1a:81:d4:5c:cb:b3:ae:22:64:a5:fc:67:d9:37:93:
df:9a:0c:2a:1c:db:64:31:03:78:3c:02:52:ac:48:
b0:32:c9:b4:3e:79:59:f8:c6:c1:6f:77:6c:5c:03:
7f:61:88:2a:c1:bb:30:1d:ab:c2:68:b7:a7:dc:e4:
64:63:d4:8c:53:70:8d:a4:bc:3b:9b:38:2b:a2:72:
e0:e7:13:3e:8b:4e:2d:27:ff:b0:6f:29:1c:5e:1b:
ba:86:9d:12:0b:a3:f1:0d:d6:77:d0:42:64:89:5c:
f7:b5:f3:94:f1:1e:f9:7f:04:68:c9:c9:f0:a8:a0:
ce:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:90:9D:AA:DE:10:6E:FE:58:17:D6:D2:C3:21:A9:03:A7:1F:E2:4D
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4bdd1ef3-7214-4d8c-8829-8df3621a8099.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf9:8000::/40
Signature Algorithm: sha256WithRSAEncryption
cb:2e:ad:8e:03:c7:07:bf:b1:28:61:ef:83:d5:67:a5:67:b0:
d6:b2:b7:2a:25:ab:59:95:64:35:23:57:fd:a9:f8:ca:46:43:
55:5f:86:ea:60:92:49:83:52:06:5f:17:b9:11:68:d1:02:d1:
19:15:4e:5f:e0:d9:30:89:06:43:83:f5:04:87:36:b9:71:f4:
31:be:a5:5b:46:06:a0:cc:67:5e:7c:ec:b9:0d:aa:8e:b9:54:
5b:21:da:8d:ec:36:d7:e0:6b:3f:35:f8:f6:34:0d:0b:52:be:
d6:7c:60:b1:54:f7:fe:94:e2:e2:f7:f8:86:fc:fb:be:90:ca:
a0:4b:91:55:c6:05:55:67:fb:b8:9e:96:61:57:8f:da:83:82:
92:89:fd:21:f1:b1:18:26:73:be:16:53:e6:22:da:73:16:1f:
1e:52:9d:c7:0f:b1:98:12:29:5c:d6:01:c2:f9:b7:8e:b5:70:
f9:02:14:da:ac:2d:4e:d1:56:40:0a:74:28:b3:5f:12:ef:b7:
e7:b0:55:de:60:37:d5:dc:63:6d:cd:d7:6c:4a:cb:b5:f8:b3:
44:3c:f1:9c:15:9d:c4:04:33:69:cd:d7:4f:ae:66:a8:45:f3:
91:ab:20:3c:68:c3:3b:cb:71:0a:05:09:48:7c:e4:18:68:4c:
0f:9f:33:8b
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUD3wB+brT/WcN9g3J2e3EUnYYZHYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMzAwMDAwMFoX
DTI1MDIxNzIzNTk1OVowejFJMEcGA1UEBRNAZjE1Njc0OTJlZWU4ZDA1NzUxNjcx
YTMzNTg0MTg2MTgxYzk5MjZjMmM3YzlkYTVjN2I2NWM2MDRiM2NiMGU3ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAweKb+7klHy7FwJ7QsTWudZyfUTz8
5B8bRrUAoZiy4Aj9V6Lw89iSP+KyCh7dRtqP7Y9w1qM1fE/CmS3DUfVfTGn+H35U
2tE81Iti3SBs5Wdis+OJ/k+/GPVDMaZwwtl5XNIDll9C/gpjTnKZv+nkGdrPFB5O
mRzU2R0Ygk8aVn4O12v1J68agdRcy7OuImSl/GfZN5PfmgwqHNtkMQN4PAJSrEiw
Msm0PnlZ+MbBb3dsXAN/YYgqwbswHavCaLen3ORkY9SMU3CNpLw7mzgronLg5xM+
i04tJ/+wbykcXhu6hp0SC6PxDdZ30EJkiVz3tfOU8R75fwRoycnwqKDOqQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAOQnareEG7+WBfW0sMhqQOnH+JNMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRiZGQxZWYzLTcyMTQtNGQ4Yy04ODI5LThkZjM2MjFhODA5OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+YAwDQYJKoZIhvcNAQELBQADggEBAMsurY4Dxwe/sShh74PV
Z6VnsNaytyolq1mVZDUjV/2p+MpGQ1VfhupgkkmDUgZfF7kRaNEC0RkVTl/g2TCJ
BkOD9QSHNrlx9DG+pVtGBqDMZ1587LkNqo65VFsh2o3sNtfgaz81+PY0DQtSvtZ8
YLFU9/6U4uL3+Ib8+76QyqBLkVXGBVVn+7ielmFXj9qDgpKJ/SHxsRgmc74WU+Yi
2nMWHx5SnccPsZgSKVzWAcL5t461cPkCFNqsLU7RVkAKdCizXxLvt+ewVd5gN9Xc
Y23N12xKy7X4s0Q88ZwVncQEM2nN10+uZqhF85GrIDxowzvLcQoFCUh85BhoTA+f
M4s=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:33:48 2025 by rpki-client