Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/50a9a959-5bd1-4293-aafe-5c5f47d125bd.roa
File: 50a9a959-5bd1-4293-aafe-5c5f47d125bd.roa (raw, json)
Hash identifier: KDjgshlHuAcBv0G4eFwiJTstSTlQdtfDUpGK4svGFGQ=
Subject key identifier: 14:20:88:52:80:E2:75:34:96:11:D9:9B:90:6A:20:2A:75:EB:22:96
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2356BB96E613A9F2ACB2301762FCF376A34748CE
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/50a9a959-5bd1-4293-aafe-5c5f47d125bd.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 43.208.0.0/13 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
23:56:bb:96:e6:13:a9:f2:ac:b2:30:17:62:fc:f3:76:a3:47:48:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:41:91:fb:88:71:40:6c:b7:19:fe:19:97:8a:
73:47:97:c3:c4:65:66:20:3d:06:5f:7c:34:4f:96:
24:cb:4f:44:41:ef:83:f4:34:3e:b4:ec:ae:06:e0:
5e:2d:71:a1:54:d6:6b:93:20:cc:1d:b2:52:d5:f2:
cf:15:3b:71:1a:55:ec:ce:aa:eb:ea:2a:d2:6c:6b:
cf:e0:43:c5:e7:c3:66:12:d5:56:45:99:eb:52:62:
fe:1f:af:ab:1b:65:4d:d6:f3:c1:60:0e:31:64:87:
ed:4a:d5:3d:05:f8:8c:2a:10:4a:92:ea:2f:c6:da:
4b:63:dc:aa:e8:2c:29:b1:9d:a6:4b:16:ec:fd:73:
4d:2b:6e:60:67:90:a9:46:f2:d3:a7:47:61:cc:f6:
79:ef:3e:c8:61:f6:64:05:3b:ce:20:58:50:23:b9:
7e:21:7d:d9:5f:17:b9:51:9d:ee:24:5d:18:d6:ca:
be:55:7f:de:69:f6:b0:1f:61:b6:0a:0a:14:57:9a:
f0:2f:2e:ce:8d:f0:e0:79:c2:e7:62:be:43:52:56:
e6:47:4a:fb:b8:d9:74:7b:a2:92:44:d5:ae:d3:04:
06:c3:37:0e:06:14:cf:47:ee:79:e1:ff:f1:50:bb:
7c:39:c1:8e:d0:21:4b:e6:7d:dd:56:ef:8a:95:7c:
ca:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:20:88:52:80:E2:75:34:96:11:D9:9B:90:6A:20:2A:75:EB:22:96
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/50a9a959-5bd1-4293-aafe-5c5f47d125bd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.208.0.0/13
Signature Algorithm: sha256WithRSAEncryption
28:f3:19:3a:cb:69:f2:41:ff:cd:44:b3:ca:ec:41:a6:5b:dc:
18:7b:86:c7:8a:70:b0:70:04:2c:a8:6e:3c:f3:8a:ee:35:44:
09:9d:aa:71:f9:1f:86:41:b4:23:8f:8b:d9:83:a6:4e:ea:4e:
00:17:e7:1b:e7:55:ba:bd:6b:84:33:8f:79:00:80:04:d7:91:
7d:23:1d:b1:8b:fc:7b:c5:ca:d6:e8:43:a3:e8:12:ad:0c:75:
f4:f8:e7:03:db:ea:f7:80:67:0f:cb:a5:91:85:e7:d6:45:16:
0f:d7:8f:2e:96:ee:2f:84:68:2a:0e:9f:0a:35:59:47:22:6d:
34:e2:59:f7:05:ef:0f:fd:b9:9c:9f:cd:ab:b0:ca:59:a1:32:
3f:2f:88:b9:f4:91:b4:0e:34:79:e2:7a:cd:39:4f:9f:22:3b:
b1:13:34:fc:f1:bf:f1:80:32:3c:b3:43:a7:35:b1:ae:04:b4:
b7:1f:e9:9f:1c:1e:15:20:f2:b5:bd:65:56:79:48:a3:6f:71:
18:7e:ec:6c:51:6a:1c:5b:fa:d3:8a:0d:ec:bc:fe:20:85:bd:
a4:62:24:b8:5a:34:d8:0e:a6:72:5b:ad:be:10:d1:b8:28:3b:
ca:d5:65:d1:55:a1:ee:5e:a4:5d:ba:1f:2c:73:6d:03:9d:8a:
b7:cd:00:de
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUI1a7luYTqfKssjAXYvzzdqNHSM4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAMTVjYjkyNGVjNTg4MGI4MWQxODAy
NDU2YzgyOThmMTk0MDg2YjM3YTQzNzFhNGRmOThlZjFlNzYzMGVhNTIxODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEGR+4hxQGy3Gf4Zl4pzR5fDxGVm
ID0GX3w0T5Yky09EQe+D9DQ+tOyuBuBeLXGhVNZrkyDMHbJS1fLPFTtxGlXszqrr
6irSbGvP4EPF58NmEtVWRZnrUmL+H6+rG2VN1vPBYA4xZIftStU9BfiMKhBKkuov
xtpLY9yq6CwpsZ2mSxbs/XNNK25gZ5CpRvLTp0dhzPZ57z7IYfZkBTvOIFhQI7l+
IX3ZXxe5UZ3uJF0Y1sq+VX/eafawH2G2CgoUV5rwLy7OjfDgecLnYr5DUlbmR0r7
uNl0e6KSRNWu0wQGwzcOBhTPR+554f/xULt8OcGO0CFL5n3dVu+KlXzKFQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFBQgiFKA4nU0lhHZm5BqICp16yKWMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzUwYTlhOTU5LTViZDEtNDI5My1hYWZlLTVjNWY0N2QxMjViZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMDK9AwDQYJKoZIhvcNAQELBQADggEBACjzGTrLafJB/81Es8rsQaZb
3Bh7hseKcLBwBCyobjzziu41RAmdqnH5H4ZBtCOPi9mDpk7qTgAX5xvnVbq9a4Qz
j3kAgATXkX0jHbGL/HvFytboQ6PoEq0MdfT45wPb6veAZw/LpZGF59ZFFg/Xjy6W
7i+EaCoOnwo1WUcibTTiWfcF7w/9uZyfzauwylmhMj8viLn0kbQONHnies05T58i
O7ETNPzxv/GAMjyzQ6c1sa4EtLcf6Z8cHhUg8rW9ZVZ5SKNvcRh+7GxRahxb+tOK
Dey8/iCFvaRiJLhaNNgOpnJbrb4Q0bgoO8rVZdFVoe5epF26HyxzbQOdirfNAN4=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:27:52 2025 by rpki-client