Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8afcb99e-66f7-4122-b1f9-0045ba8d1def.roa
File: 8afcb99e-66f7-4122-b1f9-0045ba8d1def.roa (raw, json)
Hash identifier: gCq+upMIGcH7Sx+WzhQyoXzU0v2VBGdgnOwEUAKZpqk=
Subject key identifier: 19:13:13:4D:C6:57:76:77:F8:03:71:F2:48:3A:98:E0:7B:4E:09:E5
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: BB252C7FA4A980B6E605D5F05F20280DD47586
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8afcb99e-66f7-4122-b1f9-0045ba8d1def.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:c040::/46 maxlen: 46
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
bb:25:2c:7f:a4:a9:80:b6:e6:05:d5:f0:5f:20:28:0d:d4:75:86
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=0518643396ea8d84bf14439d56391631edf09d4bd40b91b09d33f0760ed4c4e3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:96:ce:5d:0e:f0:c5:74:31:95:e2:84:1a:cf:
c3:3e:ef:f8:81:8a:e2:c6:ee:41:55:5b:d7:a2:a3:
06:99:05:d4:41:7b:83:58:38:d4:0a:2d:c6:4d:47:
dc:1e:44:f0:7f:d9:63:19:98:07:1c:b7:e1:29:05:
67:e0:a1:11:73:4f:9b:92:19:34:c7:94:29:83:b8:
a6:ff:ef:19:c2:9e:5b:5a:d4:17:96:ca:90:dd:56:
bc:41:c4:47:1e:96:b8:90:e3:1a:68:a5:ed:4a:36:
ca:55:8d:fb:45:7f:81:06:fa:97:5b:d2:c8:00:01:
1d:36:a2:38:26:27:db:7e:3b:5c:d4:b0:77:dc:84:
df:b8:0a:40:21:d0:d6:b3:60:1f:09:c5:70:e3:c2:
9d:a6:64:87:dc:5f:85:ac:17:cb:51:3d:45:d5:dd:
32:29:3c:41:fd:7e:92:9f:a3:f6:fa:71:92:ef:45:
08:d9:a6:29:57:6c:7f:57:80:2c:4f:95:64:5f:c4:
cf:fb:88:56:b7:2e:3e:62:d5:5a:a1:3c:34:a2:38:
bb:0e:64:35:14:0f:71:76:d9:f5:1a:32:63:50:e1:
01:8e:89:ab:bb:c0:68:10:3c:78:7c:d0:19:16:e5:
d1:8b:0c:b9:a4:31:a8:51:61:ae:5f:79:44:98:e1:
da:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:13:13:4D:C6:57:76:77:F8:03:71:F2:48:3A:98:E0:7B:4E:09:E5
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8afcb99e-66f7-4122-b1f9-0045ba8d1def.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:c040::/46
Signature Algorithm: sha256WithRSAEncryption
95:60:e3:81:a4:bc:81:7c:13:d0:c6:0f:51:33:cc:09:b3:24:
94:41:45:bd:17:5f:97:6d:7d:8f:14:45:a4:31:5f:69:8e:c8:
73:2e:20:aa:89:d4:7c:8d:96:04:27:96:d3:3a:fb:3e:be:b0:
3b:67:69:08:53:e8:4d:cd:0d:4d:80:34:3f:46:da:2b:29:3a:
87:ad:69:9a:61:b9:a5:eb:c2:f7:23:d5:b3:4f:cc:4b:07:01:
0c:fa:96:22:47:d5:b8:63:c2:89:3c:34:4f:b0:18:22:9d:12:
85:44:88:07:7c:d9:b7:38:75:dc:33:2b:a4:a5:96:c8:22:ef:
04:df:6f:66:f8:3e:1b:bd:60:20:78:8b:76:24:fb:27:3d:1c:
25:5e:7a:cf:c0:3a:57:06:54:e8:7e:f0:0a:bc:bc:4f:52:8d:
1d:96:41:a6:14:fb:e9:6c:bf:27:27:d2:74:5d:51:05:88:b1:
e5:42:6c:09:1a:2c:23:9c:44:81:70:8e:3a:11:89:01:25:0f:
77:34:5b:83:4b:5e:5b:42:04:62:ef:a5:e5:d4:ab:fe:f9:1e:
d5:ea:d0:bb:18:62:42:1b:73:c9:16:97:77:4b:c3:99:d0:45:
0a:b4:f9:f1:67:cd:a4:e1:90:2a:bd:e5:37:37:d7:11:76:60:
3d:28:16:96
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUALslLH+kqYC25gXV8F8gKA3UdYYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMDUxODY0MzM5NmVhOGQ4NGJmMTQ0
MzlkNTYzOTE2MzFlZGYwOWQ0YmQ0MGI5MWIwOWQzM2YwNzYwZWQ0YzRlMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJbOXQ7wxXQxleKEGs/DPu/4gYri
xu5BVVvXoqMGmQXUQXuDWDjUCi3GTUfcHkTwf9ljGZgHHLfhKQVn4KERc0+bkhk0
x5Qpg7im/+8Zwp5bWtQXlsqQ3Va8QcRHHpa4kOMaaKXtSjbKVY37RX+BBvqXW9LI
AAEdNqI4Jifbfjtc1LB33ITfuApAIdDWs2AfCcVw48KdpmSH3F+FrBfLUT1F1d0y
KTxB/X6Sn6P2+nGS70UI2aYpV2x/V4AsT5VkX8TP+4hWty4+YtVaoTw0oji7DmQ1
FA9xdtn1GjJjUOEBjomru8BoEDx4fNAZFuXRiwy5pDGoUWGuX3lEmOHaQwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBkTE03GV3Z3+ANx8kg6mOB7TgnlMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzhhZmNiOTllLTY2ZjctNDEyMi1iMWY5LTAwNDViYThkMWRlZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaYMBAMA0GCSqGSIb3DQEBCwUAA4IBAQCVYOOBpLyBfBPQxg9R
M8wJsySUQUW9F1+XbX2PFEWkMV9pjshzLiCqidR8jZYEJ5bTOvs+vrA7Z2kIU+hN
zQ1NgDQ/RtorKTqHrWmaYbml68L3I9WzT8xLBwEM+pYiR9W4Y8KJPDRPsBginRKF
RIgHfNm3OHXcMyukpZbIIu8E329m+D4bvWAgeIt2JPsnPRwlXnrPwDpXBlTofvAK
vLxPUo0dlkGmFPvpbL8nJ9J0XVEFiLHlQmwJGiwjnESBcI46EYkBJQ93NFuDS15b
QgRi76Xl1Kv++R7V6tC7GGJCG3PJFpd3S8OZ0EUKtPnxZ82k4ZAqveU3N9cRdmA9
KBaW
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:31:54 2025 by rpki-client