Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c3a1f394-033b-41bc-adb3-c90a7239c909.roa
File: c3a1f394-033b-41bc-adb3-c90a7239c909.roa (raw, json)
Hash identifier: c1g6qGpOm3PvPih1EtBe2fC+sLUx7YbpK8ejuauLhCo=
Subject key identifier: 88:76:FD:19:98:BD:16:82:3E:D1:03:BC:F5:88:F9:F7:C3:54:1C:07
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 26D2515120EC98E7EADEE0FF4E0BBBB4C47DB942
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c3a1f394-033b-41bc-adb3-c90a7239c909.roa
Signing time: Sat 14 Dec 2024 00:00:00 +0000
ROA not before: Sat 14 Dec 2024 00:00:00 +0000
ROA not after: Sat 18 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da60:2000::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
26:d2:51:51:20:ec:98:e7:ea:de:e0:ff:4e:0b:bb:b4:c4:7d:b9:42
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Dec 14 00:00:00 2024 GMT
Not After : Jan 18 23:59:59 2025 GMT
Subject: serialNumber=bed8e9bd2d91cb9287f543260d00fcac016bfd6402045b95266e4ce58d24ae1f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b7:70:4c:68:13:41:66:77:0e:1b:be:7f:f6:
ca:4e:ac:79:d8:47:8a:7d:32:c9:9f:f6:74:25:1d:
1f:4d:c1:97:ae:23:be:d0:b0:6d:ea:ce:86:49:34:
b3:db:48:8d:c9:cd:ac:92:42:2c:86:b6:5b:b4:fb:
67:6d:76:7e:02:65:04:37:7f:85:0c:a4:47:d8:7d:
86:c1:90:5a:18:30:15:c8:5d:ce:eb:6e:2f:d6:cb:
c6:7c:cb:9b:40:a2:d0:1f:ba:0c:fc:f3:37:77:a4:
77:a9:b5:e0:f8:eb:30:db:12:e7:ab:13:b8:9b:dd:
32:34:b7:4d:f3:4d:23:e8:eb:87:70:75:d0:78:1c:
9a:98:25:39:b8:6c:fa:b6:e1:8e:8d:1a:11:13:63:
da:c8:af:fd:3a:10:d7:dc:d1:f8:c5:f9:88:9b:6b:
6c:18:ed:85:e7:9a:bd:24:f9:32:3b:1c:a9:19:e4:
ea:4a:5b:3f:2e:59:ef:c3:df:84:0c:fc:82:9a:3e:
39:7e:d3:8d:1e:c8:2f:be:8c:16:78:ad:5b:a0:62:
35:dd:5b:08:4b:8d:ed:9a:9a:4a:fe:c2:4b:3a:1c:
3e:4a:ec:ab:ff:b6:d2:52:54:53:19:67:82:df:b1:
dc:b4:34:23:22:50:f6:32:07:c8:c2:78:7e:4a:93:
09:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:76:FD:19:98:BD:16:82:3E:D1:03:BC:F5:88:F9:F7:C3:54:1C:07
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c3a1f394-033b-41bc-adb3-c90a7239c909.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da60:2000::/40
Signature Algorithm: sha256WithRSAEncryption
8d:9e:d8:2c:e3:49:29:90:fe:aa:45:78:40:48:d3:fb:57:15:
0f:60:cd:22:10:2a:91:68:15:0a:16:93:39:c4:ab:9b:0c:19:
dd:77:a7:ac:a1:97:f2:67:48:6d:43:7e:9d:78:21:03:08:24:
85:c2:26:96:58:7d:04:eb:4e:7f:fd:ce:1e:89:d1:d4:35:e9:
7e:d1:06:ad:d0:20:cb:5f:78:98:ba:d3:76:80:50:54:fc:54:
4e:fb:47:cd:03:c1:fc:50:cf:32:81:e4:b9:df:29:d8:51:71:
ac:13:94:60:ae:64:74:f1:39:ac:e3:90:56:25:60:62:e9:84:
9e:eb:cb:68:2f:e1:2f:bb:12:56:a6:12:45:1a:e5:b2:f5:ed:
b3:4e:5d:8b:0b:60:0d:18:43:fb:b2:93:15:6a:bc:46:04:62:
8b:c1:bf:d2:05:75:95:7c:b1:90:98:8e:ae:31:83:bd:2d:74:
58:8b:99:10:53:1f:10:06:05:2a:be:e5:c4:84:cc:06:c7:21:
69:63:7b:9f:a5:0d:a2:8c:b8:6d:66:73:fc:cf:11:4a:96:77:
41:d0:ad:da:a3:20:23:10:2b:f0:02:24:32:f5:9f:b8:09:18:
9d:56:cf:ba:33:0f:fe:1a:90:0d:9f:d6:dc:ab:15:3b:cc:15:
59:ee:7a:37
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUJtJRUSDsmOfq3uD/Tgu7tMR9uUIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNDAwMDAwMFoX
DTI1MDExODIzNTk1OVowejFJMEcGA1UEBRNAYmVkOGU5YmQyZDkxY2I5Mjg3ZjU0
MzI2MGQwMGZjYWMwMTZiZmQ2NDAyMDQ1Yjk1MjY2ZTRjZTU4ZDI0YWUxZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rdwTGgTQWZ3Dhu+f/bKTqx52EeK
fTLJn/Z0JR0fTcGXriO+0LBt6s6GSTSz20iNyc2skkIshrZbtPtnbXZ+AmUEN3+F
DKRH2H2GwZBaGDAVyF3O624v1svGfMubQKLQH7oM/PM3d6R3qbXg+Osw2xLnqxO4
m90yNLdN800j6OuHcHXQeByamCU5uGz6tuGOjRoRE2PayK/9OhDX3NH4xfmIm2ts
GO2F55q9JPkyOxypGeTqSls/Llnvw9+EDPyCmj45ftONHsgvvowWeK1boGI13VsI
S43tmppK/sJLOhw+Suyr/7bSUlRTGWeC37HctDQjIlD2MgfIwnh+SpMJTwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIh2/RmYvRaCPtEDvPWI+ffDVBwHMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2MzYTFmMzk0LTAzM2ItNDFiYy1hZGIzLWM5MGE3MjM5YzkwOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYCAwDQYJKoZIhvcNAQELBQADggEBAI2e2CzjSSmQ/qpFeEBI
0/tXFQ9gzSIQKpFoFQoWkznEq5sMGd13p6yhl/JnSG1Dfp14IQMIJIXCJpZYfQTr
Tn/9zh6J0dQ16X7RBq3QIMtfeJi603aAUFT8VE77R80DwfxQzzKB5LnfKdhRcawT
lGCuZHTxOazjkFYlYGLphJ7ry2gv4S+7ElamEkUa5bL17bNOXYsLYA0YQ/uykxVq
vEYEYovBv9IFdZV8sZCYjq4xg70tdFiLmRBTHxAGBSq+5cSEzAbHIWlje5+lDaKM
uG1mc/zPEUqWd0HQrdqjICMQK/ACJDL1n7gJGJ1Wz7ozD/4akA2f1tyrFTvMFVnu
ejc=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:31:52 2025 by rpki-client