Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9cb246f9-1e8a-4a94-a021-2e5403a01093.roa
File: 9cb246f9-1e8a-4a94-a021-2e5403a01093.roa (raw, json)
Hash identifier: VIB59VxDU+GW+cil4lyPWqEoHOW1qfl2XeKuqyMN+rE=
Subject key identifier: 2F:CE:7B:90:7E:82:51:6A:3C:FD:92:0A:C0:24:C2:60:82:C4:C8:FD
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 02B0967C4BE83B1E49B1FCD4A05A4363383C707D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9cb246f9-1e8a-4a94-a021-2e5403a01093.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:e000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:b0:96:7c:4b:e8:3b:1e:49:b1:fc:d4:a0:5a:43:63:38:3c:70:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: serialNumber=7f53c32b5a00c97877cb869c285aa536133af1f192446b3c96141956d386d71e, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:4b:0b:95:bb:a3:6a:3b:78:59:3c:c1:58:17:
0f:3e:6f:47:b2:ba:c5:74:50:98:35:cb:7a:5f:6d:
7c:58:ed:be:60:1e:62:fb:a6:5c:f2:a0:32:f1:b0:
5e:6b:51:a9:1c:a3:4a:cd:2b:95:84:f8:da:c4:70:
aa:e9:13:9d:40:c6:03:9d:31:34:9c:df:02:8d:57:
6d:84:d4:ca:9b:0c:e2:56:49:44:c8:d1:38:1d:ea:
6c:c4:a2:0d:f9:46:90:b4:7b:bd:0e:42:95:51:01:
fb:f1:bc:57:12:de:54:c9:20:ab:2e:69:a8:92:8d:
32:4e:54:d6:e8:af:43:92:ec:f9:d8:86:64:d6:e5:
ca:4d:18:fb:a6:40:eb:0b:a1:fc:b6:54:7f:f7:58:
be:59:43:b3:e3:7b:a5:11:27:7e:48:be:2c:70:66:
3d:8b:3e:e3:30:b1:7a:66:af:de:b9:98:ce:4a:2f:
78:9d:61:40:4a:ea:89:dc:74:3c:8f:c7:0d:b2:c0:
37:14:d8:2a:2c:24:6e:29:a0:6f:d7:c4:d5:f6:cf:
b5:21:5a:c2:38:62:c2:9d:d8:c5:ef:f1:6f:e2:94:
e2:c1:ff:37:24:2c:ea:5d:63:78:2c:94:6e:81:ae:
40:35:1d:f8:cc:8e:34:5e:26:64:54:1f:5e:83:fd:
6c:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:CE:7B:90:7E:82:51:6A:3C:FD:92:0A:C0:24:C2:60:82:C4:C8:FD
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9cb246f9-1e8a-4a94-a021-2e5403a01093.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:e000::/40
Signature Algorithm: sha256WithRSAEncryption
5a:6b:fa:b0:e8:4a:f1:d7:46:5f:52:52:05:3b:a7:fe:84:49:
ce:33:72:11:37:1d:e9:f8:85:c3:6a:10:53:9f:95:de:24:53:
d9:7a:b5:27:af:c3:8e:b1:9f:84:8f:9b:95:70:24:f6:69:15:
0c:45:e7:4d:2d:28:06:7b:da:e9:f7:4b:12:08:f8:98:78:5c:
9a:e7:c1:97:25:71:44:06:e0:05:9e:e1:f0:89:61:f2:14:95:
27:76:56:9e:80:b3:6e:09:94:e0:21:10:a3:2b:e8:a1:0c:95:
2e:84:54:59:9f:21:a8:24:3b:50:ec:3d:41:ed:96:90:2d:22:
99:a2:84:bf:25:09:48:6f:c3:92:37:aa:a2:a5:10:34:98:a7:
b0:74:1a:2d:34:e5:4e:da:db:83:4f:d9:f4:38:ce:71:f2:3c:
28:51:61:ba:14:0e:e9:5e:ac:af:64:5c:bd:10:ef:ed:70:c7:
72:15:b0:98:56:d9:0f:09:24:49:e1:18:4c:9e:39:45:42:7d:
c2:03:35:cc:f8:16:a1:95:73:04:a9:83:48:e9:b5:23:a2:61:
be:fb:2c:d5:80:6d:94:ed:37:57:10:e3:52:f8:b2:d0:96:08:
2c:1e:ae:cc:ff:31:a6:ad:ec:38:e5:41:32:04:20:09:c8:09:
fb:75:c0:54
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUArCWfEvoOx5JsfzUoFpDYzg8cH0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAN2Y1M2MzMmI1YTAwYzk3ODc3Y2I4
NjljMjg1YWE1MzYxMzNhZjFmMTkyNDQ2YjNjOTYxNDE5NTZkMzg2ZDcxZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2ksLlbujajt4WTzBWBcPPm9HsrrF
dFCYNct6X218WO2+YB5i+6Zc8qAy8bBea1GpHKNKzSuVhPjaxHCq6ROdQMYDnTE0
nN8CjVdthNTKmwziVklEyNE4HepsxKIN+UaQtHu9DkKVUQH78bxXEt5UySCrLmmo
ko0yTlTW6K9Dkuz52IZk1uXKTRj7pkDrC6H8tlR/91i+WUOz43ulESd+SL4scGY9
iz7jMLF6Zq/euZjOSi94nWFASuqJ3HQ8j8cNssA3FNgqLCRuKaBv18TV9s+1IVrC
OGLCndjF7/Fv4pTiwf83JCzqXWN4LJRuga5ANR34zI40XiZkVB9eg/1sVQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFC/Oe5B+glFqPP2SCsAkwmCCxMj9MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzljYjI0NmY5LTFlOGEtNGE5NC1hMDIxLTJlNTQwM2EwMTA5My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/+AwDQYJKoZIhvcNAQELBQADggEBAFpr+rDoSvHXRl9SUgU7
p/6ESc4zchE3Hen4hcNqEFOfld4kU9l6tSevw46xn4SPm5VwJPZpFQxF500tKAZ7
2un3SxII+Jh4XJrnwZclcUQG4AWe4fCJYfIUlSd2Vp6As24JlOAhEKMr6KEMlS6E
VFmfIagkO1DsPUHtlpAtIpmihL8lCUhvw5I3qqKlEDSYp7B0Gi005U7a24NP2fQ4
znHyPChRYboUDulerK9kXL0Q7+1wx3IVsJhW2Q8JJEnhGEyeOUVCfcIDNcz4FqGV
cwSpg0jptSOiYb77LNWAbZTtN1cQ41L4stCWCCwersz/Maat7DjlQTIEIAnICft1
wFQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:33:13 2025 by rpki-client