Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a1361f9d-9fd0-413e-80ed-1194152eac1f.roa
File: a1361f9d-9fd0-413e-80ed-1194152eac1f.roa (raw, json)
Hash identifier: NAGmb2p5UhvD3AANngMyUj1HsoNCfo3f/R178t7P3Xo=
Subject key identifier: 49:26:00:C9:98:64:44:8D:68:DF:67:1D:CA:3E:46:A7:94:04:78:83
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 62EBA5B08876CC20704CE8A2F7479D2880485A42
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a1361f9d-9fd0-413e-80ed-1194152eac1f.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da1c::/36 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
62:eb:a5:b0:88:76:cc:20:70:4c:e8:a2:f7:47:9d:28:80:48:5a:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: serialNumber=d9421d1fbd72d5c6947276c1eb0b810860d1179b07599290e50bebd2ebb696c0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:62:0e:25:27:0c:80:46:d0:f2:b7:ff:51:44:
9b:2a:fb:af:76:cc:9b:b2:8a:60:f2:7a:1c:67:1d:
2e:9a:9e:00:e4:44:10:36:3f:38:05:7d:e8:81:9b:
b3:81:44:7b:13:e0:b5:cf:40:e1:0e:68:e9:21:03:
3c:cf:aa:9a:4a:c8:44:f3:32:2b:24:46:70:c9:34:
c6:5f:63:e8:e6:17:bb:1c:5a:4f:29:fd:9a:40:3a:
06:47:17:dd:4c:f4:8d:a6:10:29:2b:8c:93:0b:ef:
01:ad:60:1d:75:87:17:87:dc:c0:c1:de:69:e6:fc:
3b:1c:cd:ea:b5:d6:58:49:29:51:7b:47:ea:ec:b0:
53:2a:84:d2:2f:14:6d:68:ff:a5:8d:21:7d:03:e2:
12:7b:72:bf:8e:8e:e4:cf:82:67:ae:6e:18:3d:53:
33:c2:a7:0a:03:8c:d4:fa:4f:4e:4f:ad:fc:fb:a1:
b0:21:20:70:26:ee:d5:c7:8e:7e:ca:e9:22:6f:50:
c9:be:43:a9:6e:a3:38:8a:f5:9a:e9:59:af:3a:84:
e2:ee:d5:11:43:26:e7:e0:d2:fb:ea:90:27:26:01:
8a:6e:71:b8:2d:41:cd:c2:aa:b4:ea:4c:d4:c8:9c:
85:4e:df:97:8f:fe:a2:05:dd:1d:64:52:ba:04:fb:
be:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
49:26:00:C9:98:64:44:8D:68:DF:67:1D:CA:3E:46:A7:94:04:78:83
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a1361f9d-9fd0-413e-80ed-1194152eac1f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da1c::/36
Signature Algorithm: sha256WithRSAEncryption
b9:27:38:3d:00:18:0e:9b:46:6b:77:15:83:49:bb:96:04:7a:
4c:b1:10:34:69:d0:28:97:a9:0f:a9:88:7e:63:9d:f6:97:f4:
28:6b:4e:19:a2:ea:9b:d4:94:1a:24:ad:78:10:d0:60:f0:b8:
62:e3:16:10:84:44:e6:96:c1:c6:71:fa:ba:ff:d0:31:01:36:
cf:3f:02:5e:a1:61:69:1f:2a:37:37:5f:56:82:ce:21:ba:4a:
a5:a5:8e:87:66:9f:9d:a5:01:44:1e:7e:9f:c9:3a:8d:ac:84:
f6:f5:a4:16:65:f9:74:55:44:bc:ae:58:3e:b1:95:28:87:82:
b4:87:01:91:ba:54:da:21:ff:66:97:08:a4:ca:40:50:ff:8b:
c4:10:20:4d:cc:94:38:ff:36:57:19:64:77:e0:91:40:42:53:
43:b4:cc:67:1d:3d:c1:4c:48:11:62:0c:11:15:61:b1:dd:be:
fa:bd:14:9d:1e:1c:a6:a9:0b:c5:7b:13:f0:77:ed:22:fa:0b:
1e:12:11:fd:67:96:ca:82:76:79:ba:b6:de:90:d4:6d:27:bb:
0c:f8:b7:20:24:26:4c:3a:bb:57:2c:a3:c9:40:e1:5a:56:3f:
21:a9:d1:b4:13:a0:79:28:ad:93:57:a5:c2:ef:24:b1:f9:dd:
ca:c6:65:28
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUYuulsIh2zCBwTOii90edKIBIWkIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAZDk0MjFkMWZiZDcyZDVjNjk0NzI3
NmMxZWIwYjgxMDg2MGQxMTc5YjA3NTk5MjkwZTUwYmViZDJlYmI2OTZjMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt2IOJScMgEbQ8rf/UUSbKvuvdsyb
sopg8nocZx0ump4A5EQQNj84BX3ogZuzgUR7E+C1z0DhDmjpIQM8z6qaSshE8zIr
JEZwyTTGX2Po5he7HFpPKf2aQDoGRxfdTPSNphApK4yTC+8BrWAddYcXh9zAwd5p
5vw7HM3qtdZYSSlRe0fq7LBTKoTSLxRtaP+ljSF9A+ISe3K/jo7kz4Jnrm4YPVMz
wqcKA4zU+k9OT638+6GwISBwJu7Vx45+yukib1DJvkOpbqM4ivWa6VmvOoTi7tUR
Qybn4NL76pAnJgGKbnG4LUHNwqq06kzUyJyFTt+Xj/6iBd0dZFK6BPu+GQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEkmAMmYZESNaN9nHco+RqeUBHiDMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ExMzYxZjlkLTlmZDAtNDEzZS04MGVkLTExOTQxNTJlYWMxZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYEJAbaHAAwDQYJKoZIhvcNAQELBQADggEBALknOD0AGA6bRmt3FYNJ
u5YEekyxEDRp0CiXqQ+piH5jnfaX9ChrThmi6pvUlBokrXgQ0GDwuGLjFhCEROaW
wcZx+rr/0DEBNs8/Al6hYWkfKjc3X1aCziG6SqWljodmn52lAUQefp/JOo2shPb1
pBZl+XRVRLyuWD6xlSiHgrSHAZG6VNoh/2aXCKTKQFD/i8QQIE3MlDj/NlcZZHfg
kUBCU0O0zGcdPcFMSBFiDBEVYbHdvvq9FJ0eHKapC8V7E/B37SL6Cx4SEf1nlsqC
dnm6tt6Q1G0nuwz4tyAkJkw6u1cso8lA4VpWPyGp0bQToHkorZNXpcLvJLH53crG
ZSg=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:33:50 2025 by rpki-client