Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d0a4f32b-00e7-45df-ac57-af8812e2ea60.roa
File: d0a4f32b-00e7-45df-ac57-af8812e2ea60.roa (raw, json)
Hash identifier: 7u9O336WD72UodsPWOWHKD74PiH3Gmp7ApCMjpEB8hs=
Subject key identifier: 6D:A2:B2:B2:FE:FA:6E:D3:39:52:AA:69:CE:A4:7D:1E:79:80:8F:54
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 5A708203D1A7225421EA923A5ECE612DBAC2264A
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d0a4f32b-00e7-45df-ac57-af8812e2ea60.roa
Signing time: Fri 29 Nov 2024 00:00:00 +0000
ROA not before: Fri 29 Nov 2024 00:00:00 +0000
ROA not after: Fri 03 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 122.248.192.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:70:82:03:d1:a7:22:54:21:ea:92:3a:5e:ce:61:2d:ba:c2:26:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Validity
Not Before: Nov 29 00:00:00 2024 GMT
Not After : Jan 3 23:59:59 2025 GMT
Subject: serialNumber=655c11935275a1638f93303343a84eaf3a387260114c9e8c993f30c0b60734c7, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:d8:5d:61:1f:9e:c8:69:eb:f5:e7:38:95:65:
59:c9:e6:5f:fe:69:58:67:48:81:bb:b9:67:38:e9:
7d:d2:fb:4f:c9:31:1b:7c:e6:5a:55:5e:29:18:b4:
5d:6a:ce:f7:0b:33:37:89:b5:5c:c1:a1:b1:39:23:
dd:6d:42:d5:2e:59:02:37:66:aa:39:05:99:68:18:
1e:e0:2d:c6:38:6b:87:b2:74:48:4b:0b:67:8e:47:
aa:67:3e:b6:5c:f6:74:b6:26:eb:90:94:80:a9:43:
ec:27:cd:07:f6:47:20:a4:ad:13:c8:13:60:bc:fa:
40:7c:f2:a0:14:91:3c:71:29:9a:a6:c1:07:05:be:
7c:f9:95:3a:f4:9d:4d:5a:3e:47:f4:1f:0d:b8:21:
76:c7:27:b8:62:95:25:03:9c:0f:b2:a6:20:c1:b4:
a5:6a:e8:23:9c:34:8a:2d:ea:f5:7b:e2:09:5e:0c:
72:d7:3b:19:a2:3d:01:69:23:d7:7d:73:6e:3f:3d:
5f:e9:83:f9:29:66:02:55:0f:90:2a:a3:e8:ed:ea:
f4:aa:1b:de:f9:a7:a2:c0:de:93:55:05:f8:5c:29:
d2:b4:0d:83:b0:44:42:b6:48:c5:52:6b:d0:83:e9:
b8:f8:6e:ea:cd:94:ad:a1:83:c7:74:5a:cd:dc:ea:
51:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6D:A2:B2:B2:FE:FA:6E:D3:39:52:AA:69:CE:A4:7D:1E:79:80:8F:54
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/d0a4f32b-00e7-45df-ac57-af8812e2ea60.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
122.248.192.0/18
Signature Algorithm: sha256WithRSAEncryption
f7:c1:e6:eb:b1:8c:b7:d2:3c:a2:ac:19:90:64:66:9f:5a:c1:
59:ed:89:4b:ad:77:93:ce:53:d5:35:9d:a9:f4:17:83:57:1f:
55:ff:31:43:cb:59:44:43:f2:08:29:d9:34:9f:7e:0f:37:ae:
f6:5c:b0:ce:32:2c:18:6e:87:6d:20:09:70:0e:f7:c0:4a:3f:
55:70:32:de:69:54:42:32:cc:7c:16:72:17:6e:ee:35:8e:01:
0a:94:62:79:1e:56:cc:4b:9b:24:55:75:b7:58:b3:bc:9f:2e:
74:66:c9:8c:48:a2:af:53:93:a4:bc:07:47:c6:59:d5:21:ed:
5e:b2:52:85:b4:0f:73:cc:3d:97:b2:d9:a8:b4:7d:53:82:98:
c2:bb:ac:12:2b:5b:31:b7:92:b6:be:ea:fb:ee:ac:dc:97:e0:
ab:4c:f9:4b:71:62:95:07:29:9a:e9:01:bb:43:4b:0d:b6:78:
42:5a:ec:c9:e6:32:4f:a2:64:d2:4c:3b:5d:b7:80:fc:a1:85:
82:b1:b1:49:d8:71:31:7b:3c:29:7e:88:92:9f:11:46:f7:4f:
e8:e0:d9:db:fb:4a:1b:4e:4f:96:0d:f2:93:0f:62:01:14:91:
f8:d4:0e:66:7e:23:4d:78:0f:09:b9:69:30:d3:3d:e4:ec:54:
63:78:53:19
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUWnCCA9GnIlQh6pI6Xs5hLbrCJkowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MTEyOTAwMDAwMFoX
DTI1MDEwMzIzNTk1OVowejFJMEcGA1UEBRNANjU1YzExOTM1Mjc1YTE2MzhmOTMz
MDMzNDNhODRlYWYzYTM4NzI2MDExNGM5ZThjOTkzZjMwYzBiNjA3MzRjNzEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvdhdYR+eyGnr9ec4lWVZyeZf/mlY
Z0iBu7lnOOl90vtPyTEbfOZaVV4pGLRdas73CzM3ibVcwaGxOSPdbULVLlkCN2aq
OQWZaBge4C3GOGuHsnRISwtnjkeqZz62XPZ0tibrkJSAqUPsJ80H9kcgpK0TyBNg
vPpAfPKgFJE8cSmapsEHBb58+ZU69J1NWj5H9B8NuCF2xye4YpUlA5wPsqYgwbSl
augjnDSKLer1e+IJXgxy1zsZoj0BaSPXfXNuPz1f6YP5KWYCVQ+QKqPo7er0qhve
+aeiwN6TVQX4XCnStA2DsERCtkjFUmvQg+m4+G7qzZStoYPHdFrN3OpRxwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFG2isrL++m7TOVKqac6kfR55gI9UMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
L2QwYTRmMzJiLTAwZTctNDVkZi1hYzU3LWFmODgxMmUyZWE2MC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQGevjAMA0GCSqGSIb3DQEBCwUAA4IBAQD3webrsYy30jyirBmQZGaf
WsFZ7YlLrXeTzlPVNZ2p9BeDVx9V/zFDy1lEQ/IIKdk0n34PN672XLDOMiwYbodt
IAlwDvfASj9VcDLeaVRCMsx8FnIXbu41jgEKlGJ5HlbMS5skVXW3WLO8ny50ZsmM
SKKvU5OkvAdHxlnVIe1eslKFtA9zzD2XstmotH1TgpjCu6wSK1sxt5K2vur77qzc
l+CrTPlLcWKVByma6QG7Q0sNtnhCWuzJ5jJPomTSTDtdt4D8oYWCsbFJ2HExezwp
foiSnxFG90/o4Nnb+0obTk+WDfKTD2IBFJH41A5mfiNNeA8JuWkw0z3k7FRjeFMZ
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:19:37 2025 by rpki-client