Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/16f57147-886c-4350-a247-eceffe69fb96.roa
File: 16f57147-886c-4350-a247-eceffe69fb96.roa (raw, json)
Hash identifier: uTKBV9ytifaeb626git5lzgV1D/H3UJNdURXVwz12zs=
Subject key identifier: 56:03:1A:93:8B:91:A0:92:D2:6F:EF:1A:82:A1:03:DB:FE:15:81:F1
Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial: 2FE83F8ED311A2C0DFEC23184A54522F86F01D4D
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/16f57147-886c-4350-a247-eceffe69fb96.roa
Signing time: Sat 21 Dec 2024 00:00:00 +0000
ROA not before: Sat 21 Dec 2024 00:00:00 +0000
ROA not after: Sat 25 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 160.235.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:e8:3f:8e:d3:11:a2:c0:df:ec:23:18:4a:54:52:2f:86:f0:1d:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 21 00:00:00 2024 GMT
Not After : Jan 25 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:6b:a8:ff:a3:2a:69:42:8e:9e:70:ba:36:ba:
e4:9a:e1:bc:78:c3:a6:62:8e:8f:3f:b4:73:ce:2d:
39:98:9b:0b:8b:7b:ca:ac:9d:da:61:90:84:fc:32:
df:74:e3:b2:b2:b9:76:1f:69:76:6b:c6:9f:52:c3:
95:c6:ab:60:af:d7:fd:64:48:83:69:19:40:bc:c5:
7b:36:0c:8a:8b:46:ea:28:c0:1a:d1:81:62:ab:2c:
b0:7b:04:b7:83:45:2a:5c:bf:7c:69:e9:b5:74:cd:
1a:bd:de:34:1b:7b:71:c2:9b:ee:62:df:31:48:a4:
7d:36:d9:6b:bf:ef:2f:0e:86:68:5f:97:76:ec:0c:
50:36:4e:b5:13:1b:0b:00:62:f6:b5:1f:3b:ef:3b:
ad:c5:b6:bc:88:ec:b8:1b:eb:2b:b0:78:b6:d7:4d:
43:38:32:2e:70:61:9d:24:2c:93:82:87:11:33:ba:
fb:95:2d:a0:3e:e2:e9:52:46:ba:ed:46:ae:43:bf:
d0:b7:07:a8:d9:7d:cf:71:62:3e:fa:e4:a0:9a:fc:
35:eb:4b:9d:3a:93:f1:57:96:00:5e:d3:c9:02:8c:
1c:af:2f:cc:8d:23:71:b8:b6:32:b2:1d:16:4f:2d:
6d:a3:01:a1:6c:5f:80:cc:ca:b1:f6:4a:19:a3:fb:
8c:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:03:1A:93:8B:91:A0:92:D2:6F:EF:1A:82:A1:03:DB:FE:15:81:F1
X509v3 Authority Key Identifier:
keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/16f57147-886c-4350-a247-eceffe69fb96.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
160.235.0.0/16
Signature Algorithm: sha256WithRSAEncryption
5d:00:6e:c9:e6:30:cb:3e:e5:17:99:6a:4b:ad:19:e4:b6:88:
5d:30:60:46:1b:e9:f8:01:9a:d0:7e:31:d5:ee:91:e5:00:c2:
91:ee:2f:79:03:71:55:c8:57:0b:03:5b:7c:22:87:97:e3:6a:
1d:c3:02:a4:d7:fa:c5:f2:63:40:71:03:ff:02:7f:49:61:71:
de:0f:c4:a1:2f:32:28:63:56:30:7f:6a:03:57:91:c0:49:1b:
9e:96:1d:76:ca:ba:27:ce:ef:d0:2a:57:6d:1d:63:1f:cb:be:
c3:59:5f:62:9f:6c:9c:53:db:93:0d:46:bb:89:26:28:cb:7f:
2c:b6:4c:23:02:07:25:d3:80:95:f5:f9:fc:6c:bf:a5:d5:eb:
6f:af:07:a8:92:80:d4:3d:b2:80:ae:f4:ec:5a:08:61:49:00:
3f:6a:35:de:bf:db:e0:4d:52:6a:88:3f:69:21:9f:a4:df:9e:
d9:ee:52:e1:eb:34:f8:6e:a0:92:38:f9:0d:dc:81:7d:da:e1:
00:22:d4:14:5f:db:38:71:39:31:45:94:6c:76:f1:d2:4e:16:
bc:ac:8b:26:f6:f7:30:d5:4f:36:20:c9:14:e9:06:39:35:ce:
86:67:5d:7f:a8:3d:d3:d5:2a:93:bf:8d:56:e3:40:ef:e5:31:
d6:8a:10:82
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUL+g/jtMRosDf7CMYSlRSL4bwHU0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MTIyMTAwMDAwMFoX
DTI1MDEyNTIzNTk1OVowejFJMEcGA1UEBRNAYzk1ZjUwYzZjNTQ3MDU0ZmIyNDMz
OGY0MjE2ZDBkNzhmY2VhYzQ2N2VlYTBjNjJmZTU2ZjEzOTdlZWJiMTQ3NTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlGuo/6MqaUKOnnC6NrrkmuG8eMOm
Yo6PP7Rzzi05mJsLi3vKrJ3aYZCE/DLfdOOysrl2H2l2a8afUsOVxqtgr9f9ZEiD
aRlAvMV7NgyKi0bqKMAa0YFiqyywewS3g0UqXL98aem1dM0avd40G3txwpvuYt8x
SKR9Ntlrv+8vDoZoX5d27AxQNk61ExsLAGL2tR877zutxba8iOy4G+srsHi2101D
ODIucGGdJCyTgocRM7r7lS2gPuLpUka67UauQ7/Qtweo2X3PcWI++uSgmvw160ud
OpPxV5YAXtPJAowcry/MjSNxuLYysh0WTy1towGhbF+AzMqx9koZo/uMWwIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFFYDGpOLkaCS0m/vGoKhA9v+FYHxMB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzE2ZjU3MTQ3LTg4NmMtNDM1MC1hMjQ3LWVjZWZmZTY5ZmI5Ni5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMAoOswDQYJKoZIhvcNAQELBQADggEBAF0AbsnmMMs+5ReZakutGeS2
iF0wYEYb6fgBmtB+MdXukeUAwpHuL3kDcVXIVwsDW3wih5fjah3DAqTX+sXyY0Bx
A/8Cf0lhcd4PxKEvMihjVjB/agNXkcBJG56WHXbKuifO79AqV20dYx/LvsNZX2Kf
bJxT25MNRruJJijLfyy2TCMCByXTgJX1+fxsv6XV62+vB6iSgNQ9soCu9OxaCGFJ
AD9qNd6/2+BNUmqIP2khn6TfntnuUuHrNPhuoJI4+Q3cgX3a4QAi1BRf2zhxOTFF
lGx28dJOFrysiyb29zDVTzYgyRTpBjk1zoZnXX+oPdPVKpO/jVbjQO/lMdaKEII=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:10:52 2025 by rpki-client