Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c29c3a7e-a7ae-4418-af26-16585304f365.roa
File: c29c3a7e-a7ae-4418-af26-16585304f365.roa (raw, json)
Hash identifier: E2FFvICtUJfZKQvS6EFxJmBGzJbLf9Q6mxYLUvrvg74=
Subject key identifier: 4B:E2:9C:A7:47:FB:76:97:66:1C:92:96:DF:EA:F3:DB:AA:CA:C4:BE
Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial: 020D7E35BC5EAC9472B436E4CD92DD7EB4713E88
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c29c3a7e-a7ae-4418-af26-16585304f365.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.248.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:0d:7e:35:bc:5e:ac:94:72:b4:36:e4:cd:92:dd:7e:b4:71:3e:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: serialNumber=dc9490ca52fb13a396644b2433a0376c77af07d19440dc3a8593ee9e05563e21, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:2c:5c:7c:ba:c0:08:fd:12:37:aa:ff:18:9c:
05:23:60:5e:d2:54:4f:96:a1:7c:bd:da:a1:94:d2:
f4:f0:ed:8f:e1:9c:b0:1d:34:d5:65:a8:7f:9d:cc:
b0:93:83:db:11:6d:04:6b:1a:2b:af:da:c7:96:05:
51:9c:4a:e8:f0:9e:5c:7c:69:2b:c1:63:56:28:08:
7f:8c:20:a6:5b:da:ea:ca:06:36:c9:70:a6:ce:f7:
1e:35:a8:5d:e1:56:11:bd:82:d7:b3:a2:85:e8:54:
c9:1f:c4:41:50:cb:e4:f2:74:d4:1f:c8:a1:d6:15:
bc:cf:58:35:61:bf:bc:49:40:8b:7f:45:bd:66:66:
e3:85:35:b9:80:fb:ff:49:05:b1:3f:9a:c3:a8:a5:
f3:96:2d:63:ca:90:1b:cf:6c:34:f6:42:f2:ae:18:
43:df:82:c9:db:b3:d6:3e:fa:a8:f8:03:1d:12:8d:
34:ca:a5:36:a5:c3:57:df:b9:f1:b3:fc:26:b6:cd:
ea:c5:18:80:d4:80:f9:fa:6a:0e:00:67:ea:68:3d:
f5:90:4b:f2:ee:16:54:c0:66:60:64:9a:d6:8a:4f:
46:00:c0:a1:da:af:54:89:8b:c1:6e:e9:c8:37:d6:
ac:4f:77:92:8f:7a:03:25:93:3c:ba:b0:fa:53:80:
28:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E2:9C:A7:47:FB:76:97:66:1C:92:96:DF:EA:F3:DB:AA:CA:C4:BE
X509v3 Authority Key Identifier:
keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c29c3a7e-a7ae-4418-af26-16585304f365.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.248.0.0/16
Signature Algorithm: sha256WithRSAEncryption
3c:61:8b:15:71:8a:d5:4f:19:ff:4f:c5:aa:43:18:69:e7:4b:
a0:d0:d8:43:14:b5:7a:ce:e1:ce:9a:a6:e6:76:7a:33:b1:d3:
15:33:82:99:11:3c:20:0e:a0:c4:c1:84:b0:9e:f4:0b:7f:17:
a0:27:c5:60:d5:aa:30:41:6b:bb:14:e0:ad:ee:1d:b2:3f:45:
d3:9d:16:d6:96:75:a8:d3:da:26:46:27:47:29:44:a9:f8:62:
25:e2:d3:3c:64:42:51:51:12:a8:aa:7c:be:23:4d:47:d3:12:
59:bb:43:e3:3e:ca:de:ad:57:5f:24:93:cb:bd:12:ad:08:62:
fa:70:9d:83:7f:5e:c8:2c:b1:21:7c:5b:35:84:7f:f1:06:ea:
d7:b7:7a:74:ad:e2:22:4c:a1:c3:0c:6b:66:ee:ab:ad:a5:9c:
3c:8e:cf:3f:cd:a9:5d:69:bc:d9:d9:6d:ea:f7:59:77:c5:83:
17:71:1c:12:c4:b1:23:8f:d0:29:5c:51:f7:e1:5d:3f:d4:5e:
d1:9b:57:b4:df:cd:4f:ff:a8:94:29:d3:e5:00:71:0d:ee:0c:
28:61:ff:0b:c9:0f:f7:15:7c:ae:e7:e3:03:b0:65:44:89:d3:
79:2e:e7:7b:f1:90:10:64:65:93:31:e1:d6:cc:07:82:ba:04:
63:f0:f1:f0
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUAg1+NbxerJRytDbkzZLdfrRxPogwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAZGM5NDkwY2E1MmZiMTNhMzk2NjQ0
YjI0MzNhMDM3NmM3N2FmMDdkMTk0NDBkYzNhODU5M2VlOWUwNTU2M2UyMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCxcfLrACP0SN6r/GJwFI2Be0lRP
lqF8vdqhlNL08O2P4ZywHTTVZah/ncywk4PbEW0Eaxorr9rHlgVRnEro8J5cfGkr
wWNWKAh/jCCmW9rqygY2yXCmzvceNahd4VYRvYLXs6KF6FTJH8RBUMvk8nTUH8ih
1hW8z1g1Yb+8SUCLf0W9ZmbjhTW5gPv/SQWxP5rDqKXzli1jypAbz2w09kLyrhhD
34LJ27PWPvqo+AMdEo00yqU2pcNX37nxs/wmts3qxRiA1ID5+moOAGfqaD31kEvy
7hZUwGZgZJrWik9GAMCh2q9UiYvBbunIN9asT3eSj3oDJZM8urD6U4AoSQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFEvinKdH+3aXZhySlt/q89uqysS+MB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2MyOWMzYTdlLWE3YWUtNDQxOC1hZjI2LTE2NTg1MzA0ZjM2NS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMAn/gwDQYJKoZIhvcNAQELBQADggEBADxhixVxitVPGf9PxapDGGnn
S6DQ2EMUtXrO4c6apuZ2ejOx0xUzgpkRPCAOoMTBhLCe9At/F6AnxWDVqjBBa7sU
4K3uHbI/RdOdFtaWdajT2iZGJ0cpRKn4YiXi0zxkQlFREqiqfL4jTUfTElm7Q+M+
yt6tV18kk8u9Eq0IYvpwnYN/XsgssSF8WzWEf/EG6te3enSt4iJMocMMa2buq62l
nDyOzz/NqV1pvNnZber3WXfFgxdxHBLEsSOP0ClcUffhXT/UXtGbV7TfzU//qJQp
0+UAcQ3uDChh/wvJD/cVfK7n4wOwZUSJ03ku53vxkBBkZZMx4dbMB4K6BGPw8fA=
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:50:43 2025 by rpki-client