Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6c826f56-d1e7-4f1c-9da9-d1e523c4c28f.roa
File: 6c826f56-d1e7-4f1c-9da9-d1e523c4c28f.roa (raw, json)
Hash identifier: 23uLGq/d1VBgPklpRQrPcOouA17KzdVtE1JvLZPpLFQ=
Subject key identifier: 0C:5B:19:07:3C:CA:1F:F6:00:A5:E4:F3:A2:9D:70:B1:D7:0C:EA:0A
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 042A61ACE802E5E6A96C261EC3D8F811E9D0B87B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6c826f56-d1e7-4f1c-9da9-d1e523c4c28f.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 27.0.0.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:2a:61:ac:e8:02:e5:e6:a9:6c:26:1e:c3:d8:f8:11:e9:d0:b8:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=ea492e012e3d873ba8b437e1aa60dfb0555a7deb5b0c19ac8dca50084ac5da9f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:92:b9:c9:8c:6e:49:b2:28:ea:55:b1:17:ff:
86:f5:b3:e8:0a:27:4b:63:01:49:1a:92:13:d6:d8:
e7:cf:c0:0f:ac:28:38:23:9e:4e:97:fa:ad:fb:52:
a1:95:2c:bb:0e:3a:84:a3:a8:b8:d6:47:c4:46:08:
3d:a0:e4:33:6a:21:16:1b:56:2d:47:d9:8d:a4:94:
7f:b0:a9:6d:c7:68:67:6e:ea:5e:68:7f:4e:27:21:
24:5f:70:e1:7a:0b:58:a5:b2:e7:f8:1a:47:47:36:
52:d6:9f:4d:b0:d3:51:98:ba:70:c2:56:bc:79:87:
33:c1:e3:ca:03:45:c7:04:9a:f9:e1:7a:13:00:f1:
ff:4e:4e:71:53:ae:b6:82:cd:4f:cf:01:b0:23:f7:
48:cf:c3:9f:56:6b:39:cd:ef:5e:b9:ca:12:85:84:
41:c7:16:6d:fc:1e:65:a9:0f:cf:77:d2:e6:c6:52:
50:04:11:a6:2d:67:06:e9:cd:de:fb:b0:34:69:87:
d3:34:3c:79:58:e8:40:ed:ad:45:9a:6e:15:14:67:
a2:a2:12:c4:fa:b8:fc:1c:ec:35:37:bd:e1:0f:c8:
15:31:96:0e:90:78:77:e7:c2:c6:cf:07:80:da:17:
5e:1a:64:29:5c:0d:e2:c7:c7:94:8c:bb:a8:98:1f:
b8:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:5B:19:07:3C:CA:1F:F6:00:A5:E4:F3:A2:9D:70:B1:D7:0C:EA:0A
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6c826f56-d1e7-4f1c-9da9-d1e523c4c28f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.0.0.0/22
Signature Algorithm: sha256WithRSAEncryption
96:f5:35:53:db:35:61:11:4d:b9:94:f3:88:be:9a:82:fa:99:
cd:a2:f4:fc:93:b9:f9:d5:0c:f5:de:7c:49:96:1f:85:10:38:
ea:81:d7:e5:59:d4:82:b7:b1:53:8c:6f:7e:94:cd:d3:ae:ce:
b6:8b:a8:52:10:30:cc:10:b7:f1:3c:17:5c:b6:a8:e7:c7:76:
86:a2:cd:81:10:39:4c:53:05:5b:96:61:3a:d7:d9:3a:eb:bb:
a5:a2:d6:19:3b:15:e4:2f:10:4d:1d:b2:02:72:cc:ac:d9:2a:
62:76:99:98:ee:dd:98:fa:5f:a8:44:50:48:bc:4e:83:1b:c5:
27:f6:76:4e:c9:c6:65:67:4c:51:64:10:1c:c5:de:2a:42:76:
b0:3f:b4:60:cb:15:74:81:b2:0a:3e:2d:62:fb:fc:a6:34:57:
69:64:a9:09:9c:c6:d8:5d:49:78:17:3b:25:9d:0c:69:7e:99:
48:d2:4e:d3:70:da:9a:18:59:0a:fc:f9:0b:a1:45:05:57:8a:
50:84:43:a0:d2:80:1e:50:a0:78:a7:36:bd:87:aa:fe:e5:a3:
34:73:36:58:4e:22:d1:04:7e:50:3a:c3:e4:9b:56:42:9c:d1:
ff:35:7b:26:d1:bc:7e:ce:21:45:5c:8e:f4:b6:c9:1a:61:3f:
33:f1:6b:d8
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUBCphrOgC5eapbCYew9j4EenQuHswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMDAwMDAwMFoX
DTI1MDIxNDIzNTk1OVowejFJMEcGA1UEBRNAZWE0OTJlMDEyZTNkODczYmE4YjQz
N2UxYWE2MGRmYjA1NTVhN2RlYjViMGMxOWFjOGRjYTUwMDg0YWM1ZGE5ZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAypK5yYxuSbIo6lWxF/+G9bPoCidL
YwFJGpIT1tjnz8APrCg4I55Ol/qt+1KhlSy7DjqEo6i41kfERgg9oOQzaiEWG1Yt
R9mNpJR/sKltx2hnbupeaH9OJyEkX3DhegtYpbLn+BpHRzZS1p9NsNNRmLpwwla8
eYczwePKA0XHBJr54XoTAPH/Tk5xU662gs1PzwGwI/dIz8OfVms5ze9eucoShYRB
xxZt/B5lqQ/Pd9LmxlJQBBGmLWcG6c3e+7A0aYfTNDx5WOhA7a1Fmm4VFGeiohLE
+rj8HOw1N73hD8gVMZYOkHh358LGzweA2hdeGmQpXA3ix8eUjLuomB+4vQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFAxbGQc8yh/2AKXk86KdcLHXDOoKMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzZjODI2ZjU2LWQxZTctNGYxYy05ZGE5LWQxZTUyM2M0YzI4Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCGwAAMA0GCSqGSIb3DQEBCwUAA4IBAQCW9TVT2zVhEU25lPOIvpqC
+pnNovT8k7n51Qz13nxJlh+FEDjqgdflWdSCt7FTjG9+lM3Trs62i6hSEDDMELfx
PBdctqjnx3aGos2BEDlMUwVblmE619k667ulotYZOxXkLxBNHbICcsys2SpidpmY
7t2Y+l+oRFBIvE6DG8Un9nZOycZlZ0xRZBAcxd4qQnawP7RgyxV0gbIKPi1i+/ym
NFdpZKkJnMbYXUl4FzslnQxpfplI0k7TcNqaGFkK/PkLoUUFV4pQhEOg0oAeUKB4
pza9h6r+5aM0czZYTiLRBH5QOsPkm1ZCnNH/NXsm0bx+ziFFXI70tskaYT8z8WvY
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:29:25 2025 by rpki-client