Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/297539b4-7a62-452c-952f-8f3d17400754.roa
File: 297539b4-7a62-452c-952f-8f3d17400754.roa (raw, json)
Hash identifier: Xs2DCVlCRRoEpB2yybPs4wq3bgLT2SB8fLWKiMs5nPM=
Subject key identifier: B0:65:58:A2:B0:6D:BB:D4:94:A2:AB:13:42:C4:96:5E:4B:4E:DE:EF
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3FAB302E82C83738B02D742E5F9BB3D8E2FEDE5B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/297539b4-7a62-452c-952f-8f3d17400754.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 43.212.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:ab:30:2e:82:c8:37:38:b0:2d:74:2e:5f:9b:b3:d8:e2:fe:de:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:92:63:67:bb:1e:c4:f5:f6:88:c4:58:66:bc:
a5:9a:96:a5:3c:ad:c5:89:52:eb:4f:13:97:82:d3:
20:b9:b2:ff:73:d1:5c:c4:e7:43:9d:a8:48:60:9d:
75:07:14:7b:57:f9:c1:ed:df:a3:68:e2:2b:bc:a5:
19:ac:47:d8:07:1f:fd:34:73:88:02:52:21:26:52:
34:03:70:5e:59:b9:77:64:96:e2:2e:69:6b:4d:b5:
d8:f0:01:d5:25:7b:ba:82:23:2d:77:63:50:a8:be:
06:41:41:4f:d9:30:b3:7c:83:99:48:bb:1f:89:76:
c6:7e:56:6d:28:18:b6:53:4d:f1:13:ee:2f:73:3e:
4a:00:45:d7:06:11:20:b9:ab:4a:31:04:b8:d6:b0:
8b:f4:85:d0:23:25:de:ad:bb:4b:6a:5e:8f:4c:6e:
c5:3d:9b:82:39:22:ea:2d:e8:5a:c2:49:09:31:ac:
68:9c:74:56:bd:de:c7:9f:4c:ea:2d:af:d7:eb:b0:
e2:01:23:46:ea:89:4b:10:83:ad:ce:b3:3c:1b:cb:
cb:76:53:32:c0:9d:72:e7:43:4f:89:d9:24:8a:2c:
8a:6d:2d:c6:bd:19:36:93:2b:a6:d4:15:99:29:6d:
38:95:d6:27:47:7f:a3:57:70:ac:d3:f1:1a:54:11:
3a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:65:58:A2:B0:6D:BB:D4:94:A2:AB:13:42:C4:96:5E:4B:4E:DE:EF
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/297539b4-7a62-452c-952f-8f3d17400754.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.212.0.0/15
Signature Algorithm: sha256WithRSAEncryption
61:c5:44:86:f6:db:c5:c8:5d:99:5b:3b:5f:9a:b1:19:00:ff:
a4:56:b0:3a:3b:33:51:36:54:a4:03:68:3f:af:c2:fd:6e:3c:
99:3c:0f:9e:46:7a:a9:4c:6e:44:64:4e:a6:a2:6c:0e:50:e2:
1c:50:2a:e6:b0:6f:6c:68:22:93:49:40:48:ce:48:e4:68:5a:
22:c2:53:6e:82:58:e8:4f:b2:c1:c2:29:1b:4a:a9:7c:23:49:
1e:39:fe:94:f8:4b:f4:cc:02:3d:58:80:46:22:1d:9e:7a:f7:
1c:6a:33:38:7f:6f:15:8d:b6:09:7e:7c:7a:9b:c0:18:8e:e0:
d1:40:c5:77:86:ff:30:ef:07:d6:4f:50:74:fc:76:49:90:fe:
be:82:de:80:ae:8f:d3:23:26:00:ad:07:bf:6d:ca:df:25:51:
c9:91:47:29:c1:8c:22:cc:37:91:5b:9b:21:10:67:bd:a2:cd:
49:94:ff:dd:5f:a6:e8:4f:5a:ef:1c:a8:01:5e:4c:33:62:32:
0a:15:de:26:9e:b1:43:9d:e4:5b:46:59:d5:e3:72:4b:bc:12:
b1:c6:89:25:67:22:5e:de:a1:bd:a6:76:08:26:a1:2e:b3:b5:
02:f1:2f:e2:2b:0a:ad:79:52:28:55:49:f7:be:41:80:52:32:
84:73:a6:00
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUP6swLoLINziwLXQuX5uz2OL+3lswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAZWY2YjIyZWUwNDEyNGFlM2IxYzA2
NmU5MDQ2OTU2NDNhYzIzY2M0MzdiOGRjNGRmNzEyNGEyYjJkMWQyZDE3ZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx5JjZ7sexPX2iMRYZrylmpalPK3F
iVLrTxOXgtMgubL/c9FcxOdDnahIYJ11BxR7V/nB7d+jaOIrvKUZrEfYBx/9NHOI
AlIhJlI0A3BeWbl3ZJbiLmlrTbXY8AHVJXu6giMtd2NQqL4GQUFP2TCzfIOZSLsf
iXbGflZtKBi2U03xE+4vcz5KAEXXBhEguatKMQS41rCL9IXQIyXerbtLal6PTG7F
PZuCOSLqLehawkkJMaxonHRWvd7Hn0zqLa/X67DiASNG6olLEIOtzrM8G8vLdlMy
wJ1y50NPidkkiiyKbS3GvRk2kyum1BWZKW04ldYnR3+jV3Cs0/EaVBE6AQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFLBlWKKwbbvUlKKrE0LEll5LTt7vMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzI5NzUzOWI0LTdhNjItNDUyYy05NTJmLThmM2QxNzQwMDc1NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMBK9QwDQYJKoZIhvcNAQELBQADggEBAGHFRIb228XIXZlbO1+asRkA
/6RWsDo7M1E2VKQDaD+vwv1uPJk8D55GeqlMbkRkTqaibA5Q4hxQKuawb2xoIpNJ
QEjOSORoWiLCU26CWOhPssHCKRtKqXwjSR45/pT4S/TMAj1YgEYiHZ569xxqMzh/
bxWNtgl+fHqbwBiO4NFAxXeG/zDvB9ZPUHT8dkmQ/r6C3oCuj9MjJgCtB79tyt8l
UcmRRynBjCLMN5FbmyEQZ72izUmU/91fpuhPWu8cqAFeTDNiMgoV3iaesUOd5FtG
WdXjcku8ErHGiSVnIl7eob2mdggmoS6ztQLxL+IrCq15UihVSfe+QYBSMoRzpgA=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:09:00 2025 by rpki-client