Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/60731d0c-6ab8-4ac3-80f2-e01e6c207335.roa
File: 60731d0c-6ab8-4ac3-80f2-e01e6c207335.roa (raw, json)
Hash identifier: 4C0h6CmSNugkbel5F7NTzkXf0xLvL2ra0olWLni6Bps=
Subject key identifier: BB:19:E4:89:35:03:70:DA:07:4F:20:7E:5E:D0:5B:02:28:BE:EA:08
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0897FCFF3C12188C0CD7B0B311180E9D358C2949
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/60731d0c-6ab8-4ac3-80f2-e01e6c207335.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:880::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:97:fc:ff:3c:12:18:8c:0c:d7:b0:b3:11:18:0e:9d:35:8c:29:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=af9aa67063af0622c43360e07d2ad2e0dac16a9431a7bab2c825149bd139fb2a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d5:17:5d:82:df:57:b8:aa:08:e0:09:62:9d:
b9:5d:ee:3b:32:cb:9a:00:81:d7:42:82:52:83:37:
67:c2:40:7b:ec:8b:b2:7e:6f:bf:98:b7:41:9c:aa:
2c:93:bb:6f:8f:3c:39:7d:db:d7:4d:eb:0e:c6:87:
c0:93:29:02:02:c2:19:30:ae:0f:25:8e:cf:4c:df:
df:9b:34:3e:8c:71:49:a3:9a:b2:0f:f4:fe:ae:f9:
4a:a2:11:42:e2:fb:65:be:05:81:cb:0f:8f:ea:1f:
4a:8f:55:58:3a:98:4f:ba:a5:a3:16:94:b3:cc:47:
6f:9e:8d:9d:e4:6d:a5:bf:33:72:fc:21:f1:e8:4e:
c1:fd:6e:f8:34:d7:e2:e6:81:f2:26:41:e4:53:88:
8f:fb:4a:54:5f:76:83:60:92:a2:13:bc:f0:fd:b7:
58:ed:2c:15:61:b0:ff:3b:59:5f:08:a2:d3:a6:44:
bd:c5:ea:9f:e3:10:8f:c4:77:b9:f8:0a:90:3d:47:
12:14:74:45:27:84:52:de:8d:b0:f5:2e:8e:7a:35:
6d:a9:6b:2f:0d:18:dd:42:4e:2e:27:c6:39:39:04:
c7:ef:20:23:1f:e3:72:2e:48:ec:b6:9c:99:71:16:
b8:fc:d2:d3:e9:06:50:48:1e:ae:5d:9d:b6:21:b3:
24:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:19:E4:89:35:03:70:DA:07:4F:20:7E:5E:D0:5B:02:28:BE:EA:08
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/60731d0c-6ab8-4ac3-80f2-e01e6c207335.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:880::/46
Signature Algorithm: sha256WithRSAEncryption
32:22:14:4b:15:43:d9:d8:c1:79:9e:f0:32:77:76:31:86:43:
33:21:66:81:94:97:ee:30:6b:62:76:be:81:16:d1:d5:f2:3d:
72:e1:c0:8d:5a:f2:38:a7:6e:96:3f:12:ef:e4:d4:f7:b5:3f:
8b:27:e1:84:80:ab:4d:8e:98:8b:5b:66:bf:45:b6:1c:7f:ed:
e2:b7:4b:a3:e7:ea:e8:2e:ea:b9:7c:fd:c4:a9:33:6e:1b:fb:
9b:5b:33:15:8a:a9:43:34:a9:4e:70:5d:5c:20:d6:14:56:21:
9a:62:1f:11:df:20:ba:b7:ac:ea:7f:94:f7:d7:b0:32:0b:09:
f4:27:fd:7b:08:fc:75:e3:8c:bd:ad:61:49:dc:11:e8:3f:0a:
20:08:b2:9c:c9:da:01:df:59:b4:21:9e:d8:39:28:95:4a:1d:
0a:f9:cd:d7:20:27:c7:bf:15:93:66:9e:89:f9:9a:02:21:aa:
7b:5d:85:37:0a:af:ad:26:aa:f8:2c:82:1f:cd:63:b7:8d:46:
50:21:67:2c:de:8c:39:b7:af:a4:92:af:05:8e:d6:5c:21:55:
88:02:65:fb:a5:2d:58:ae:75:99:cd:33:43:64:f9:25:3e:51:
73:37:84:47:74:19:4c:06:6d:1d:7a:2e:36:10:ab:1f:27:b4:
0b:71:37:b8
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUCJf8/zwSGIwM17CzERgOnTWMKUkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYWY5YWE2NzA2M2FmMDYyMmM0MzM2
MGUwN2QyYWQyZTBkYWMxNmE5NDMxYTdiYWIyYzgyNTE0OWJkMTM5ZmIyYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNUXXYLfV7iqCOAJYp25Xe47Msua
AIHXQoJSgzdnwkB77Iuyfm+/mLdBnKosk7tvjzw5fdvXTesOxofAkykCAsIZMK4P
JY7PTN/fmzQ+jHFJo5qyD/T+rvlKohFC4vtlvgWByw+P6h9Kj1VYOphPuqWjFpSz
zEdvno2d5G2lvzNy/CHx6E7B/W74NNfi5oHyJkHkU4iP+0pUX3aDYJKiE7zw/bdY
7SwVYbD/O1lfCKLTpkS9xeqf4xCPxHe5+AqQPUcSFHRFJ4RS3o2w9S6OejVtqWsv
DRjdQk4uJ8Y5OQTH7yAjH+NyLkjstpyZcRa4/NLT6QZQSB6uXZ22IbMk+QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFLsZ5Ik1A3DaB08gfl7QWwIovuoIMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzYwNzMxZDBjLTZhYjgtNGFjMy04MGYyLWUwMWU2YzIwNzMzNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaYAiAMA0GCSqGSIb3DQEBCwUAA4IBAQAyIhRLFUPZ2MF5nvAy
d3YxhkMzIWaBlJfuMGtidr6BFtHV8j1y4cCNWvI4p26WPxLv5NT3tT+LJ+GEgKtN
jpiLW2a/RbYcf+3it0uj5+roLuq5fP3EqTNuG/ubWzMViqlDNKlOcF1cINYUViGa
Yh8R3yC6t6zqf5T317AyCwn0J/17CPx144y9rWFJ3BHoPwogCLKcydoB31m0IZ7Y
OSiVSh0K+c3XICfHvxWTZp6J+ZoCIap7XYU3Cq+tJqr4LIIfzWO3jUZQIWcs3ow5
t6+kkq8FjtZcIVWIAmX7pS1YrnWZzTNDZPklPlFzN4RHdBlMBm0dei42EKsfJ7QL
cTe4
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:30:02 2025 by rpki-client