Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/41d48512-3b44-4b3e-ba21-6171938cc43c.roa
File: 41d48512-3b44-4b3e-ba21-6171938cc43c.roa (raw, json)
Hash identifier: 6M6f7VTdv2nH19DBryv602A95554zHsMAGZybh4nmF0=
Subject key identifier: F3:CE:53:DF:B7:CA:8E:E4:F0:F6:50:9C:55:FA:9D:D4:FC:75:01:E3
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 12C2C8F5130995AE1D0115D74C24E67B6B61E3B5
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/41d48512-3b44-4b3e-ba21-6171938cc43c.roa
Signing time: Sat 30 Nov 2024 00:00:00 +0000
ROA not before: Sat 30 Nov 2024 00:00:00 +0000
ROA not after: Sat 04 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 2400:6500::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
12:c2:c8:f5:13:09:95:ae:1d:01:15:d7:4c:24:e6:7b:6b:61:e3:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Validity
Not Before: Nov 30 00:00:00 2024 GMT
Not After : Jan 4 23:59:59 2025 GMT
Subject: serialNumber=a12b0482a5eb7515a208ea1ba9b38ad7de0f5e0347ede9bae2ef56e694325bb1, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:bb:d2:37:2b:e4:de:21:dc:11:db:e3:00:11:
66:c2:58:b2:f5:ae:7a:3b:51:4d:4a:bc:93:64:9f:
3e:21:68:7b:51:7b:21:10:b0:52:7e:69:6e:dd:99:
47:21:c4:c9:d3:97:c5:a0:62:bb:86:6c:69:d6:97:
30:b5:9d:6e:0e:8d:21:2c:12:da:e6:e9:9c:eb:02:
c8:54:7b:d3:f8:82:28:64:5e:76:be:7c:8e:5b:70:
e9:d5:30:e6:cd:09:bc:b5:24:6c:9d:2b:ce:f2:1f:
c8:ac:5f:9d:cf:c0:f5:f8:ae:15:ad:b6:6b:7c:19:
0c:9f:41:5d:50:d9:bf:e3:cc:c4:9a:c1:39:97:8a:
ce:e5:51:65:0a:d6:04:e7:99:c4:8d:71:f1:41:70:
10:06:09:2f:26:5e:0c:d8:a5:c8:2b:ff:55:4a:0c:
8d:d8:d3:42:bd:14:51:02:d4:58:e0:43:7f:13:02:
e6:d5:f1:7c:10:d6:80:01:50:2c:7c:69:8e:2d:e8:
cb:ac:0a:7c:88:19:69:1f:31:bc:95:15:45:9a:92:
21:91:5b:5f:17:0f:30:61:24:b0:7d:04:7e:35:ad:
9c:98:48:16:e0:9a:e2:24:fe:f2:48:f9:4f:db:e4:
f9:19:a6:97:87:41:74:67:9d:cf:8a:f0:3b:d6:4b:
1f:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:CE:53:DF:B7:CA:8E:E4:F0:F6:50:9C:55:FA:9D:D4:FC:75:01:E3
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/41d48512-3b44-4b3e-ba21-6171938cc43c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6500::/32
Signature Algorithm: sha256WithRSAEncryption
a9:39:0e:76:fc:33:93:99:e6:5a:e5:54:c8:b2:cc:33:7d:65:
1d:3a:74:88:3f:8f:09:5a:cb:52:7f:f9:55:d9:2b:a3:fb:7d:
de:cb:63:f7:13:1b:9b:46:d2:35:a0:16:75:3b:06:e2:26:de:
b2:2e:85:22:05:a3:59:39:11:24:a0:4d:2b:18:a5:35:96:96:
76:79:42:89:f7:aa:e2:7e:1c:f7:b7:c6:a3:9b:ce:55:e1:65:
f7:ae:8a:2c:90:1e:4e:af:e9:b5:50:c2:e4:e6:f8:9d:da:40:
f7:8f:c6:02:7b:71:6a:90:1c:7e:57:fa:c3:9c:57:9c:cf:6f:
09:8d:34:27:f1:90:c6:8a:9e:df:54:62:23:c1:01:0c:9d:79:
a7:73:ab:e4:ff:4e:4b:68:f5:b4:5f:e5:18:6f:97:fd:50:d8:
02:66:ec:89:1c:3d:51:0d:15:78:73:65:e6:3d:a3:57:bd:26:
98:d0:c8:6c:bd:a8:7f:41:ab:b0:bb:47:25:88:85:74:26:ec:
9a:9b:f1:c9:87:24:19:bd:8e:e2:ff:b4:e0:a0:01:2e:56:ef:
41:1e:1b:64:7d:de:4f:7f:e3:d2:a8:92:f5:ed:31:47:11:d5:
f6:b3:ed:2f:ed:3b:73:0b:78:8e:95:da:fa:46:06:e5:e1:39:
90:72:05:38
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUEsLI9RMJla4dARXXTCTme2th47UwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MTEzMDAwMDAwMFoX
DTI1MDEwNDIzNTk1OVowejFJMEcGA1UEBRNAYTEyYjA0ODJhNWViNzUxNWEyMDhl
YTFiYTliMzhhZDdkZTBmNWUwMzQ3ZWRlOWJhZTJlZjU2ZTY5NDMyNWJiMTEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2LvSNyvk3iHcEdvjABFmwliy9a56
O1FNSryTZJ8+IWh7UXshELBSfmlu3ZlHIcTJ05fFoGK7hmxp1pcwtZ1uDo0hLBLa
5umc6wLIVHvT+IIoZF52vnyOW3Dp1TDmzQm8tSRsnSvO8h/IrF+dz8D1+K4VrbZr
fBkMn0FdUNm/48zEmsE5l4rO5VFlCtYE55nEjXHxQXAQBgkvJl4M2KXIK/9VSgyN
2NNCvRRRAtRY4EN/EwLm1fF8ENaAAVAsfGmOLejLrAp8iBlpHzG8lRVFmpIhkVtf
Fw8wYSSwfQR+Na2cmEgW4JriJP7ySPlP2+T5GaaXh0F0Z53PivA71ksfDwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFPPOU9+3yo7k8PZQnFX6ndT8dQHjMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzQxZDQ4NTEyLTNiNDQtNGIzZS1iYTIxLTYxNzE5MzhjYzQzYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEAqTkOdvwzk5nmWuVUyLLM
M31lHTp0iD+PCVrLUn/5Vdkro/t93stj9xMbm0bSNaAWdTsG4ibesi6FIgWjWTkR
JKBNKxilNZaWdnlCifeq4n4c97fGo5vOVeFl966KLJAeTq/ptVDC5Ob4ndpA94/G
AntxapAcflf6w5xXnM9vCY00J/GQxoqe31RiI8EBDJ15p3Or5P9OS2j1tF/lGG+X
/VDYAmbsiRw9UQ0VeHNl5j2jV70mmNDIbL2of0GrsLtHJYiFdCbsmpvxyYckGb2O
4v+04KABLlbvQR4bZH3eT3/j0qiS9e0xRxHV9rPtL+07cwt4jpXa+kYG5eE5kHIF
OA==
-----END CERTIFICATE-----
Generated at Sat Apr 26 14:56:07 2025 by rpki-client