Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b470748f-5988-4a4c-a004-6bf2c03dec55.roa
File: b470748f-5988-4a4c-a004-6bf2c03dec55.roa (raw, json)
Hash identifier: DjnjeI3KKldPQHzhNp8dtgMX79N5aRasklXMuMyRsTw=
Subject key identifier: B4:A8:3B:3A:E0:51:73:F8:2C:40:9D:2E:A4:AB:76:33:BF:D9:A7:6F
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7C15AE4DD801C9570B999FF45FF74E50372C72C4
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b470748f-5988-4a4c-a004-6bf2c03dec55.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafc:4800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7c:15:ae:4d:d8:01:c9:57:0b:99:9f:f4:5f:f7:4e:50:37:2c:72:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: serialNumber=622d86ae71146c052a61c10351ab21ac5383a816183dd47f4e1553f5723c9f84, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:db:82:a3:6f:44:e1:4d:a4:9a:3c:57:a3:d0:
6e:5d:8e:19:7f:f1:8d:45:65:10:82:3d:de:af:52:
3c:20:ee:6d:de:42:ff:09:1c:47:a6:3d:8a:2f:3f:
3d:1a:cd:59:fd:e5:3e:72:27:44:4c:c3:2f:e8:52:
5e:89:93:12:ee:05:aa:4e:24:87:c9:65:2d:c2:6d:
2c:37:cc:5e:58:a6:f9:1e:40:83:85:78:a5:45:fb:
a3:f9:03:1c:60:63:f8:23:cd:e4:2d:be:a6:b1:7a:
4e:3e:c0:7e:0d:b1:a1:de:41:d4:d2:55:75:2d:71:
5a:73:80:b2:6b:84:90:15:01:ad:d4:e9:2e:8c:cf:
7a:d9:4e:c1:31:fd:57:0d:42:57:fc:24:fc:b0:e6:
52:ef:b1:92:b0:cf:4f:a9:0a:c9:ed:4a:01:c9:20:
53:ff:f2:d8:f8:9d:1d:9e:1e:62:a1:21:0e:81:b6:
01:fb:3a:bd:49:dd:5e:ea:6b:7e:cd:c7:d7:dd:93:
02:11:15:1b:4b:16:1f:6c:dc:53:4b:43:2e:d8:63:
ec:e6:1b:91:2f:6f:50:54:04:4c:17:d6:00:82:12:
97:6a:fe:1c:58:fa:d3:1b:df:ad:24:72:52:28:90:
0a:36:e8:44:bd:59:0d:02:c0:f8:46:5f:9e:84:3d:
23:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:A8:3B:3A:E0:51:73:F8:2C:40:9D:2E:A4:AB:76:33:BF:D9:A7:6F
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b470748f-5988-4a4c-a004-6bf2c03dec55.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafc:4800::/40
Signature Algorithm: sha256WithRSAEncryption
0e:af:08:a5:06:85:0f:97:01:2f:ec:63:79:bb:72:e4:0e:b8:
0c:16:fb:2d:33:8c:0d:4f:ee:47:9c:c7:2c:9f:77:6c:bb:b7:
21:94:af:df:21:44:61:0a:55:ea:bb:00:bd:bd:bb:dc:ef:57:
24:c0:2f:6a:f3:ee:20:bf:d8:ca:6f:1c:0b:9d:0c:0f:26:d6:
f4:c2:11:c2:93:60:d4:f8:c5:87:30:36:af:23:07:c2:18:29:
42:6d:cc:84:77:c8:76:01:59:f7:6d:1b:7d:de:ef:91:9f:a3:
0a:f6:82:34:ce:4b:d5:50:a4:8c:13:9c:06:dd:bc:26:66:1f:
73:b4:21:fb:24:bd:a8:5d:46:6b:06:9d:5c:1f:3a:93:8a:86:
6e:99:92:1d:2b:de:a9:8e:51:9f:cc:ac:36:da:e6:df:cb:41:
e9:ac:a1:db:e9:e2:95:d0:d2:1f:c5:26:6f:3e:b3:82:cf:e6:
2a:be:ca:06:42:86:31:72:5a:88:66:aa:ef:94:4d:31:0c:1f:
74:45:cf:8b:b2:55:8b:d7:25:97:e6:69:03:05:cd:ba:74:54:
02:2a:e2:1c:85:24:42:76:33:2f:eb:bb:07:cb:d1:b4:a3:0f:
6f:d4:89:0e:32:48:8c:58:a2:21:0a:26:ce:b2:7d:4c:4c:fc:
ec:fc:96:b5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUfBWuTdgByVcLmZ/0X/dOUDcscsQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNANjIyZDg2YWU3MTE0NmMwNTJhNjFj
MTAzNTFhYjIxYWM1MzgzYTgxNjE4M2RkNDdmNGUxNTUzZjU3MjNjOWY4NDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApduCo29E4U2kmjxXo9BuXY4Zf/GN
RWUQgj3er1I8IO5t3kL/CRxHpj2KLz89Gs1Z/eU+cidETMMv6FJeiZMS7gWqTiSH
yWUtwm0sN8xeWKb5HkCDhXilRfuj+QMcYGP4I83kLb6msXpOPsB+DbGh3kHU0lV1
LXFac4Cya4SQFQGt1OkujM962U7BMf1XDUJX/CT8sOZS77GSsM9PqQrJ7UoBySBT
//LY+J0dnh5ioSEOgbYB+zq9Sd1e6mt+zcfX3ZMCERUbSxYfbNxTS0Mu2GPs5huR
L29QVARMF9YAghKXav4cWPrTG9+tJHJSKJAKNuhEvVkNAsD4Rl+ehD0jOQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLSoOzrgUXP4LECdLqSrdjO/2advMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2I0NzA3NDhmLTU5ODgtNGE0Yy1hMDA0LTZiZjJjMDNkZWM1NS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/EgwDQYJKoZIhvcNAQELBQADggEBAA6vCKUGhQ+XAS/sY3m7
cuQOuAwW+y0zjA1P7kecxyyfd2y7tyGUr98hRGEKVeq7AL29u9zvVyTAL2rz7iC/
2MpvHAudDA8m1vTCEcKTYNT4xYcwNq8jB8IYKUJtzIR3yHYBWfdtG33e75Gfowr2
gjTOS9VQpIwTnAbdvCZmH3O0IfskvahdRmsGnVwfOpOKhm6Zkh0r3qmOUZ/MrDba
5t/LQemsodvp4pXQ0h/FJm8+s4LP5iq+ygZChjFyWohmqu+UTTEMH3RFz4uyVYvX
JZfmaQMFzbp0VAIq4hyFJEJ2My/ruwfL0bSjD2/UiQ4ySIxYoiEKJs6yfUxM/Oz8
lrU=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:36:53 2025 by rpki-client