Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7a46d818-cb1e-45ab-86c7-1a9a37c1a951.roa
File: 7a46d818-cb1e-45ab-86c7-1a9a37c1a951.roa (raw, json)
Hash identifier: BtsNATMibsxxxd7keXUK17vASi8pjycvlcMYUYwW48s=
Subject key identifier: 6B:1D:00:E3:5A:02:76:3C:31:56:34:31:B8:18:51:22:0E:4D:5F:15
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 1D92853C32A3763B74451CDC247B6151D4B5C53E
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7a46d818-cb1e-45ab-86c7-1a9a37c1a951.roa
Signing time: Sat 30 Nov 2024 00:00:00 +0000
ROA not before: Sat 30 Nov 2024 00:00:00 +0000
ROA not after: Sat 04 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2400:6500::/32 maxlen: 48
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:92:85:3c:32:a3:76:3b:74:45:1c:dc:24:7b:61:51:d4:b5:c5:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Validity
Not Before: Nov 30 00:00:00 2024 GMT
Not After : Jan 4 23:59:59 2025 GMT
Subject: serialNumber=5be14107960d35d0930587d97c46622c983613c86d9f8ad40d62960bf8fe567a, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:34:87:c8:a5:6e:ef:af:51:36:2b:94:2e:8c:
09:c8:c8:af:b7:9f:db:d9:2a:6d:17:25:67:99:98:
41:39:a2:ce:88:75:19:9e:3f:0a:93:01:1d:e6:05:
d2:bf:a2:ad:49:be:72:d3:ca:f0:fe:01:34:c1:2e:
45:5b:25:77:fe:30:5c:27:83:d5:d5:e9:5b:42:51:
cc:29:bb:88:cb:57:00:b0:28:7d:7e:ce:20:16:03:
04:a5:72:93:07:68:8d:d9:d1:6f:bb:a0:9d:4e:59:
10:46:f8:a6:9d:39:64:a4:ee:f9:ee:c8:98:61:4b:
82:2b:46:cb:1c:cf:fd:c9:19:e9:e0:a0:cd:8b:0a:
7f:8f:03:39:04:a9:58:2b:0f:23:d4:14:c4:0e:f6:
f6:9c:71:9f:54:99:a5:16:67:85:63:ee:48:e3:45:
be:28:d8:5d:5c:7d:1c:1d:15:ef:8b:1e:91:ce:83:
68:53:5c:58:c4:bc:ab:30:1e:0b:d6:22:3e:5a:58:
99:ea:14:cd:7c:b5:f9:61:6e:05:f2:42:38:6b:cf:
96:7d:27:09:07:75:ff:7a:30:82:cc:5d:a1:45:73:
c6:10:91:af:3d:fc:ee:ee:ac:04:cb:ce:ff:ec:fc:
bd:d4:6b:e0:b9:f1:3d:83:ab:05:4a:c6:bf:62:1b:
48:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:1D:00:E3:5A:02:76:3C:31:56:34:31:B8:18:51:22:0E:4D:5F:15
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/7a46d818-cb1e-45ab-86c7-1a9a37c1a951.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2400:6500::/32
Signature Algorithm: sha256WithRSAEncryption
2a:80:2a:6d:9a:c3:2f:a0:c1:49:ae:04:e0:cd:a3:d9:a9:1a:
11:ab:80:45:1e:fe:96:5d:4f:de:a3:6f:d6:ca:9e:81:f8:5a:
66:58:80:69:c2:c4:77:8f:f8:de:be:5f:7a:2a:62:8d:e0:01:
39:20:17:f5:f1:a2:f1:a0:ca:34:bf:33:bd:d5:65:21:8c:d4:
66:a2:f3:49:87:f9:34:44:8b:b8:60:fa:34:d9:51:c8:c9:23:
b4:f6:ec:e4:a1:0b:e0:f0:7b:b3:c1:6a:0a:45:f1:e5:55:9e:
e7:eb:3c:25:df:da:3a:57:db:23:66:cb:02:4d:85:38:0e:5a:
cd:51:16:dc:63:56:cb:ca:d9:01:04:2c:3f:9d:35:0f:1b:d5:
14:49:48:eb:4c:f4:44:63:4e:b1:79:ea:02:14:ab:be:28:03:
90:a4:35:b4:7d:2e:d6:0a:3b:45:aa:60:bc:c0:2d:74:13:8c:
e8:4a:d8:67:06:07:52:38:8a:19:dd:a1:e7:d5:c3:15:6e:ba:
b8:c5:db:d0:f0:96:d1:4f:2c:d5:45:5f:c8:38:47:d3:9c:6d:
be:8a:8c:91:f6:7a:1f:70:d8:6e:8b:e9:7b:d6:c0:3b:67:2b:
bc:68:04:be:34:ed:73:00:31:30:d2:42:48:bd:bc:58:78:d8:
24:cb:3f:41
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUHZKFPDKjdjt0RRzcJHthUdS1xT4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MTEzMDAwMDAwMFoX
DTI1MDEwNDIzNTk1OVowejFJMEcGA1UEBRNANWJlMTQxMDc5NjBkMzVkMDkzMDU4
N2Q5N2M0NjYyMmM5ODM2MTNjODZkOWY4YWQ0MGQ2Mjk2MGJmOGZlNTY3YTEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtzSHyKVu769RNiuULowJyMivt5/b
2SptFyVnmZhBOaLOiHUZnj8KkwEd5gXSv6KtSb5y08rw/gE0wS5FWyV3/jBcJ4PV
1elbQlHMKbuIy1cAsCh9fs4gFgMEpXKTB2iN2dFvu6CdTlkQRvimnTlkpO757siY
YUuCK0bLHM/9yRnp4KDNiwp/jwM5BKlYKw8j1BTEDvb2nHGfVJmlFmeFY+5I40W+
KNhdXH0cHRXvix6RzoNoU1xYxLyrMB4L1iI+WliZ6hTNfLX5YW4F8kI4a8+WfScJ
B3X/ejCCzF2hRXPGEJGvPfzu7qwEy87/7Py91GvgufE9g6sFSsa/YhtIiwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFGsdAONaAnY8MVY0MbgYUSIOTV8VMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzdhNDZkODE4LWNiMWUtNDVhYi04NmM3LTFhOWEzN2MxYTk1MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJABlADANBgkqhkiG9w0BAQsFAAOCAQEAKoAqbZrDL6DBSa4E4M2j
2akaEauARR7+ll1P3qNv1sqegfhaZliAacLEd4/43r5feipijeABOSAX9fGi8aDK
NL8zvdVlIYzUZqLzSYf5NESLuGD6NNlRyMkjtPbs5KEL4PB7s8FqCkXx5VWe5+s8
Jd/aOlfbI2bLAk2FOA5azVEW3GNWy8rZAQQsP501DxvVFElI60z0RGNOsXnqAhSr
vigDkKQ1tH0u1go7RapgvMAtdBOM6ErYZwYHUjiKGd2h59XDFW66uMXb0PCW0U8s
1UVfyDhH05xtvoqMkfZ6H3DYbovpe9bAO2crvGgEvjTtcwAxMNJCSL28WHjYJMs/
QQ==
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:37:15 2025 by rpki-client