Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fdea3492-45a8-4925-b3dd-cc14f0279c75.roa
File: fdea3492-45a8-4925-b3dd-cc14f0279c75.roa (raw, json)
Hash identifier: Njbu9qTrRkaqQ2k0BQoj9fteu9m1hE89cUgaO6ve4OU=
Subject key identifier: 7B:FA:FD:66:88:59:30:08:70:A8:05:C2:58:C6:A7:8D:12:55:C5:AA
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7BE28596D8A4E71683813BB544BA682502043E81
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fdea3492-45a8-4925-b3dd-cc14f0279c75.roa
Signing time: Wed 25 Dec 2024 00:00:00 +0000
ROA not before: Wed 25 Dec 2024 00:00:00 +0000
ROA not after: Wed 29 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:8800::/40 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7b:e2:85:96:d8:a4:e7:16:83:81:3b:b5:44:ba:68:25:02:04:3e:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Dec 25 00:00:00 2024 GMT
Not After : Jan 29 23:59:59 2025 GMT
Subject: serialNumber=8b4295302e1e32b50f8aade60eb8bba800a10023e7a4bfd807f8bab77bff4d73, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:81:ba:84:0b:10:c9:4d:47:68:1c:c7:89:38:
61:24:b2:e0:da:eb:3b:ab:27:5c:5a:f0:3d:60:93:
6a:ff:68:cb:ee:46:02:88:9e:06:29:25:32:0b:bd:
62:7c:3e:4a:a4:5f:17:a4:e6:88:6e:b3:46:17:29:
b5:d5:f1:fa:5e:e9:35:ec:6c:39:2d:f7:a2:e5:a0:
b6:02:76:dc:e8:59:3c:0f:30:13:3e:fe:f1:6d:58:
ee:bb:31:bd:3f:80:87:a2:cc:a7:e6:0d:a1:18:cc:
90:c3:6f:48:ac:2e:46:12:3a:be:cf:af:ca:c3:c3:
48:10:bb:fd:a3:41:68:be:1a:cd:98:55:88:34:56:
6c:f9:d5:15:fc:0c:10:5b:e5:39:19:e7:0a:a6:7e:
d4:2e:c2:6c:39:c7:d3:d6:aa:0a:fe:e5:b5:80:80:
6f:3e:f5:e7:db:3a:9f:73:14:8a:fc:f5:67:7f:8f:
b3:7d:f7:f6:e0:eb:fe:da:95:30:b3:80:c1:ae:cd:
a1:a0:d4:e5:3a:c1:68:88:85:bf:b5:23:ca:c8:39:
60:38:a7:37:c7:d9:1d:18:50:c2:6e:2a:c2:10:d0:
36:36:cc:01:71:fd:c3:e8:95:58:6e:4a:24:73:42:
01:6b:8b:96:da:93:65:d5:4a:d3:28:c4:21:5e:e2:
16:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:FA:FD:66:88:59:30:08:70:A8:05:C2:58:C6:A7:8D:12:55:C5:AA
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/fdea3492-45a8-4925-b3dd-cc14f0279c75.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:8800::/40
Signature Algorithm: sha256WithRSAEncryption
1d:d3:89:ff:77:a9:1d:16:fb:50:0c:60:64:a7:07:76:e2:62:
ab:2e:c7:aa:09:a0:54:38:c3:a8:77:ce:1c:06:c6:95:7b:3d:
0f:90:bd:c8:f6:2b:08:b4:fa:0c:ba:5d:dc:53:49:05:e3:f8:
5c:27:55:d8:71:da:4a:d3:f6:8c:31:e2:67:85:83:ed:4b:94:
d4:93:90:ad:20:28:bb:23:5b:b3:4d:1f:9c:2b:52:32:d8:6d:
41:60:66:d6:77:2d:aa:74:c1:01:b6:7f:d3:9a:58:18:96:b5:
42:67:62:40:46:09:f5:84:b4:32:bb:a2:80:e6:a9:ea:44:71:
a7:06:e0:66:6d:28:01:08:d5:45:bd:4b:ee:03:1a:9d:8b:ab:
1a:5a:60:1e:2a:03:e6:1b:6f:36:c6:f4:df:9a:b6:fd:dd:a9:
48:6b:24:c4:bd:ac:cb:7b:dc:d0:e6:cb:18:6e:e2:1a:9c:f8:
3e:a8:57:19:cb:b2:d8:30:d7:8e:b3:b7:6d:94:05:82:25:b5:
bd:26:71:08:ba:ac:f5:67:db:c1:1a:12:26:03:db:0c:87:e7:
fa:4b:84:e8:7d:12:3c:2b:29:51:15:ee:17:89:01:02:fe:5e:
84:10:41:3a:28:27:ea:1a:e8:d4:98:41:31:42:29:18:14:08:
7d:31:b5:73
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUe+KFltik5xaDgTu1RLpoJQIEPoEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIyNTAwMDAwMFoX
DTI1MDEyOTIzNTk1OVowejFJMEcGA1UEBRNAOGI0Mjk1MzAyZTFlMzJiNTBmOGFh
ZGU2MGViOGJiYTgwMGExMDAyM2U3YTRiZmQ4MDdmOGJhYjc3YmZmNGQ3MzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0oG6hAsQyU1HaBzHiThhJLLg2us7
qydcWvA9YJNq/2jL7kYCiJ4GKSUyC71ifD5KpF8XpOaIbrNGFym11fH6Xuk17Gw5
Lfei5aC2Anbc6Fk8DzATPv7xbVjuuzG9P4CHosyn5g2hGMyQw29IrC5GEjq+z6/K
w8NIELv9o0FovhrNmFWINFZs+dUV/AwQW+U5GecKpn7ULsJsOcfT1qoK/uW1gIBv
PvXn2zqfcxSK/PVnf4+zfff24Ov+2pUws4DBrs2hoNTlOsFoiIW/tSPKyDlgOKc3
x9kdGFDCbirCENA2NswBcf3D6JVYbkokc0IBa4uW2pNl1UrTKMQhXuIWqwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHv6/WaIWTAIcKgFwljGp40SVcWqMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2ZkZWEzNDkyLTQ1YTgtNDkyNS1iM2RkLWNjMTRmMDI3OWM3NS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+4gwDQYJKoZIhvcNAQELBQADggEBAB3Tif93qR0W+1AMYGSn
B3biYqsux6oJoFQ4w6h3zhwGxpV7PQ+Qvcj2Kwi0+gy6XdxTSQXj+FwnVdhx2krT
9owx4meFg+1LlNSTkK0gKLsjW7NNH5wrUjLYbUFgZtZ3Lap0wQG2f9OaWBiWtUJn
YkBGCfWEtDK7ooDmqepEcacG4GZtKAEI1UW9S+4DGp2LqxpaYB4qA+YbbzbG9N+a
tv3dqUhrJMS9rMt73NDmyxhu4hqc+D6oVxnLstgw146zt22UBYIltb0mcQi6rPVn
28EaEiYD2wyH5/pLhOh9EjwrKVEV7heJAQL+XoQQQTooJ+oa6NSYQTFCKRgUCH0x
tXM=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:34:27 2025 by rpki-client