Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a27a6eed-8d4e-4ed8-a0e5-18566991ae5c.roa
File: a27a6eed-8d4e-4ed8-a0e5-18566991ae5c.roa (raw, json)
Hash identifier: +SyVOl809vNP5i/xI8ArYrguWh2xTFvP0p/qormDHAw=
Subject key identifier: 1A:00:E9:F6:65:FE:BF:A3:FE:7F:BB:EB:CB:F0:DE:7F:24:EC:6E:64
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 450C2F8454F71974BD36B1780528169604C25420
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a27a6eed-8d4e-4ed8-a0e5-18566991ae5c.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafc:ff60::/46 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
45:0c:2f:84:54:f7:19:74:bd:36:b1:78:05:28:16:96:04:c2:54:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: serialNumber=3ffb71b93d558b0631198a7f97c3de6866b0305e83bfec56149801395bfc77d8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:69:12:5a:b4:cc:65:8d:f0:44:d3:95:6c:01:
f6:78:d6:bc:2b:cf:1b:00:85:47:07:0c:8a:32:40:
a1:42:7d:93:05:31:45:c4:8d:d8:6b:ad:53:8c:93:
f2:a1:ed:7d:1f:3b:c9:22:91:f7:da:9a:5e:ef:e9:
e1:b2:28:dc:f9:ca:60:34:bd:fb:05:fc:65:3e:98:
d4:91:f3:50:16:c4:dc:57:bb:d4:2b:ab:b9:08:91:
e5:dd:40:b0:fa:e0:28:ba:58:cc:7a:78:3c:60:50:
22:47:f1:8e:a6:02:2d:03:7d:c1:92:9e:39:e9:6f:
c8:72:0b:ad:d1:a9:d2:b1:d0:70:be:55:2a:21:3b:
e7:59:74:dd:84:bb:8f:62:64:48:92:92:5a:5f:7b:
3a:7e:8c:e2:72:a7:b9:43:57:f2:2c:4e:eb:f7:29:
f3:4f:eb:67:13:b8:fa:a0:ee:b8:dd:0e:75:9f:8f:
d8:aa:c7:18:76:bb:ed:bc:8d:42:56:7a:9b:88:f4:
c6:ec:56:76:d9:97:f9:71:e8:8a:02:37:c9:c0:fd:
a3:63:76:54:4d:59:28:f0:10:88:3f:cb:49:ab:53:
e4:70:40:e1:01:ee:9a:d8:e7:a5:62:88:6e:cf:85:
c7:9f:22:6b:0c:74:85:6a:aa:56:b1:ff:05:d6:cc:
13:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:00:E9:F6:65:FE:BF:A3:FE:7F:BB:EB:CB:F0:DE:7F:24:EC:6E:64
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a27a6eed-8d4e-4ed8-a0e5-18566991ae5c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafc:ff60::/46
Signature Algorithm: sha256WithRSAEncryption
12:ad:2a:68:f9:42:56:35:cb:b9:45:4c:db:02:73:55:a1:66:
1e:83:da:b7:3e:22:cc:7c:93:6f:37:a7:1f:ad:fb:f4:d3:71:
57:c2:48:73:ba:ca:24:da:00:22:5b:af:0c:36:04:13:79:d5:
6c:d8:76:96:43:47:8e:7a:b6:68:e4:dc:bd:3e:6b:17:bf:2f:
4f:f1:23:f6:9e:ff:b9:1d:bf:79:a5:3f:3b:39:19:95:db:31:
85:39:ad:df:87:96:8c:12:36:64:5c:d8:ea:ba:09:27:cb:16:
c3:83:10:e4:e7:22:34:71:66:a9:83:b3:cc:20:c1:20:2e:9f:
55:80:e5:dc:b4:d7:12:03:b1:87:14:b0:f4:c8:a5:1b:32:e3:
38:b9:d4:43:bf:df:9b:c2:82:37:e2:48:57:45:b9:78:4a:e1:
67:84:63:71:5f:74:10:5e:9e:56:57:61:4f:ba:74:c2:26:c5:
5f:3c:c0:3e:21:92:11:2b:95:59:c3:ee:8b:ce:05:05:bc:37:
e3:26:57:e4:72:77:d2:46:1b:3e:4e:f8:cc:e0:61:a1:60:e8:
71:cf:54:0d:3d:d9:3a:a3:3b:5e:ff:58:9c:42:b6:e6:97:ee:
af:e1:be:d7:6b:74:6b:3d:ff:e6:da:51:19:19:70:96:f7:72:
5f:27:38:10
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIURQwvhFT3GXS9NrF4BSgWlgTCVCAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAM2ZmYjcxYjkzZDU1OGIwNjMxMTk4
YTdmOTdjM2RlNjg2NmIwMzA1ZTgzYmZlYzU2MTQ5ODAxMzk1YmZjNzdkODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGkSWrTMZY3wRNOVbAH2eNa8K88b
AIVHBwyKMkChQn2TBTFFxI3Ya61TjJPyoe19HzvJIpH32ppe7+nhsijc+cpgNL37
BfxlPpjUkfNQFsTcV7vUK6u5CJHl3UCw+uAouljMeng8YFAiR/GOpgItA33Bkp45
6W/Icgut0anSsdBwvlUqITvnWXTdhLuPYmRIkpJaX3s6fozicqe5Q1fyLE7r9ynz
T+tnE7j6oO643Q51n4/YqscYdrvtvI1CVnqbiPTG7FZ22Zf5ceiKAjfJwP2jY3ZU
TVko8BCIP8tJq1PkcEDhAe6a2OelYohuz4XHnyJrDHSFaqpWsf8F1swTeQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFBoA6fZl/r+j/n+768vw3n8k7G5kMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2EyN2E2ZWVkLThkNGUtNGVkOC1hMGU1LTE4NTY2OTkxYWU1Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba/P9gMA0GCSqGSIb3DQEBCwUAA4IBAQASrSpo+UJWNcu5RUzb
AnNVoWYeg9q3PiLMfJNvN6cfrfv003FXwkhzusok2gAiW68MNgQTedVs2HaWQ0eO
erZo5Ny9PmsXvy9P8SP2nv+5Hb95pT87ORmV2zGFOa3fh5aMEjZkXNjqugknyxbD
gxDk5yI0cWapg7PMIMEgLp9VgOXctNcSA7GHFLD0yKUbMuM4udRDv9+bwoI34khX
Rbl4SuFnhGNxX3QQXp5WV2FPunTCJsVfPMA+IZIRK5VZw+6LzgUFvDfjJlfkcnfS
Rhs+TvjM4GGhYOhxz1QNPdk6ozte/1icQrbml+6v4b7Xa3RrPf/m2lEZGXCW93Jf
JzgQ
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:30:56 2025 by rpki-client