Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/885b5ce4-a69f-43ea-9b3e-ff7cac764e58.roa
File: 885b5ce4-a69f-43ea-9b3e-ff7cac764e58.roa (raw, json)
Hash identifier: alOaah4JVU0EyQWCU9AYfOYe6eBJK9u9avXE58JjUEc=
Subject key identifier: 05:54:FB:DE:CF:78:58:97:93:F5:3C:97:B5:29:43:78:76:52:B8:71
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1D06F12EFF526D36613F8C3E2781B79B3162CE08
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/885b5ce4-a69f-43ea-9b3e-ff7cac764e58.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:20c0::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:06:f1:2e:ff:52:6d:36:61:3f:8c:3e:27:81:b7:9b:31:62:ce:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=27f7ffc7a37716cfefb6da8afb8d4bf62cfc53b0efaa3540abb31f0864ff2113, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:a0:fb:3b:e9:02:77:b2:0d:8b:9c:f7:18:db:
90:9b:13:10:76:6c:76:49:b3:79:a4:ae:00:93:a4:
e9:b6:9a:e4:85:1c:b2:e0:aa:a7:a6:5a:9a:af:c0:
a7:04:d4:c6:c4:fd:e7:19:34:d5:ba:86:1d:c8:91:
39:47:e1:c5:cd:03:f5:bf:46:72:f7:37:94:56:91:
4f:36:fd:ea:89:1e:5d:2a:b6:67:2d:45:f6:69:ec:
97:5d:04:65:c4:8c:12:56:d3:02:1a:87:ac:b6:25:
9e:27:d0:d8:1b:1f:f2:7e:5c:ef:82:5d:06:ce:c2:
7e:85:8d:9b:53:bb:e5:eb:a8:45:b1:b9:e6:f4:ec:
1e:a6:df:8a:8e:c4:81:77:cf:33:7f:5f:33:df:89:
84:c9:f5:ea:33:53:70:84:12:a6:86:92:5f:13:6e:
08:97:69:87:7e:9f:a3:3a:3f:cc:22:5c:93:40:e2:
66:72:71:0f:0a:12:83:bd:06:50:f1:05:65:a1:3b:
7a:8a:7d:78:ce:15:54:f9:22:e3:f2:bb:c7:de:13:
6c:56:d8:04:d3:13:25:50:ae:98:53:9b:45:27:55:
b9:4d:ca:0c:d0:b9:d5:9f:30:cb:c8:d4:86:ad:04:
f3:85:e8:31:6f:84:96:26:1f:31:98:5b:2c:bc:ab:
ca:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:54:FB:DE:CF:78:58:97:93:F5:3C:97:B5:29:43:78:76:52:B8:71
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/885b5ce4-a69f-43ea-9b3e-ff7cac764e58.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:20c0::/46
Signature Algorithm: sha256WithRSAEncryption
7d:3b:5b:50:94:60:0c:03:98:0b:5b:23:ea:fd:e8:e4:36:07:
a8:83:e8:0a:1c:b2:45:65:c5:d9:32:fa:a6:43:75:19:2d:c7:
f4:d6:79:c5:02:70:07:30:a6:4d:aa:c0:95:ae:f3:5f:7d:2e:
25:86:46:42:3b:d1:eb:4f:a6:ce:e8:38:e1:fd:7d:ad:ae:be:
9e:6b:9a:53:3e:90:75:2d:31:f1:a3:5e:0f:27:b1:4f:43:b4:
a0:dd:4e:14:d8:16:27:0e:fc:e3:f3:b6:8c:f0:fe:fc:03:26:
50:47:d0:a6:13:d0:ec:20:71:f7:21:72:79:a0:4e:3f:c3:82:
40:2a:14:2c:72:c5:f4:ab:8d:c9:e6:b0:4a:de:a9:1d:91:58:
b9:e8:0a:10:56:cb:b4:5f:77:b4:11:6c:9b:a6:dd:1b:59:68:
00:f0:42:0a:1d:66:79:90:9e:11:2b:76:be:6c:19:0f:f5:cd:
01:3b:7d:c6:ad:e6:b1:9b:54:fb:3b:ac:8b:9a:a8:b5:b3:50:
80:78:f8:04:4a:70:e4:ce:80:58:f6:25:f6:e0:3f:b5:75:e8:
75:19:ed:20:47:05:4f:1a:0f:5a:0b:77:e1:bf:75:71:b3:a0:
6e:05:2e:13:ec:1b:1d:b3:63:15:85:8b:45:15:7e:f2:10:c8:
cc:8d:11:a4
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUHQbxLv9SbTZhP4w+J4G3mzFizggwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMjdmN2ZmYzdhMzc3MTZjZmVmYjZk
YThhZmI4ZDRiZjYyY2ZjNTNiMGVmYWEzNTQwYWJiMzFmMDg2NGZmMjExMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy6D7O+kCd7INi5z3GNuQmxMQdmx2
SbN5pK4Ak6TptprkhRyy4Kqnplqar8CnBNTGxP3nGTTVuoYdyJE5R+HFzQP1v0Zy
9zeUVpFPNv3qiR5dKrZnLUX2aeyXXQRlxIwSVtMCGoestiWeJ9DYGx/yflzvgl0G
zsJ+hY2bU7vl66hFsbnm9Owept+KjsSBd88zf18z34mEyfXqM1NwhBKmhpJfE24I
l2mHfp+jOj/MIlyTQOJmcnEPChKDvQZQ8QVloTt6in14zhVU+SLj8rvH3hNsVtgE
0xMlUK6YU5tFJ1W5TcoM0LnVnzDLyNSGrQTzhegxb4SWJh8xmFssvKvK+QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAVU+97PeFiXk/U8l7UpQ3h2UrhxMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzg4NWI1Y2U0LWE2OWYtNDNlYS05YjNlLWZmN2NhYzc2NGU1OC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaYCDAMA0GCSqGSIb3DQEBCwUAA4IBAQB9O1tQlGAMA5gLWyPq
/ejkNgeog+gKHLJFZcXZMvqmQ3UZLcf01nnFAnAHMKZNqsCVrvNffS4lhkZCO9Hr
T6bO6Djh/X2trr6ea5pTPpB1LTHxo14PJ7FPQ7Sg3U4U2BYnDvzj87aM8P78AyZQ
R9CmE9DsIHH3IXJ5oE4/w4JAKhQscsX0q43J5rBK3qkdkVi56AoQVsu0X3e0EWyb
pt0bWWgA8EIKHWZ5kJ4RK3a+bBkP9c0BO33Greaxm1T7O6yLmqi1s1CAePgESnDk
zoBY9iX24D+1deh1Ge0gRwVPGg9aC3fhv3Vxs6BuBS4T7Bsds2MVhYtFFX7yEMjM
jRGk
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:29:22 2025 by rpki-client