Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906a6ed0-3318-443d-9e2d-1940710be595.roa
File: 906a6ed0-3318-443d-9e2d-1940710be595.roa (raw, json)
Hash identifier: EOih8gBO75iZZUKbpESJuoEh3E6DdMlhKL87W4rtl+s=
Subject key identifier: 2F:3A:DF:1B:F3:C0:65:00:7F:9B:75:20:97:36:A3:A4:57:24:6A:E1
Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial: 35A835E3491DB194A9731790E12D72A1321D0B14
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906a6ed0-3318-443d-9e2d-1940710be595.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.248.232.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:a8:35:e3:49:1d:b1:94:a9:73:17:90:e1:2d:72:a1:32:1d:0b:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:56:25:fa:0a:cf:f6:70:27:04:9a:2d:7e:84:
e2:e4:f8:5c:03:9f:d9:cb:4b:45:66:64:60:2c:ff:
e3:16:cb:c2:5e:9e:7d:bc:37:80:ec:e2:a8:91:75:
5c:c2:bc:49:d9:b7:25:4d:a0:cf:84:bc:b2:19:5e:
07:90:e6:21:4d:87:a5:96:22:19:a2:eb:3a:a4:92:
0d:70:62:cc:88:7a:49:cd:0c:2f:45:45:a0:b4:4d:
32:1b:76:00:c1:85:5a:59:2e:13:7d:ab:d9:d1:57:
21:82:76:26:72:da:84:63:54:c8:75:e3:c9:43:37:
d7:a7:11:c8:6d:22:be:97:83:f2:6e:30:53:85:76:
3a:4a:d6:33:ac:bb:9f:e5:5c:7c:cc:06:00:41:80:
2a:44:5f:7c:e0:c5:06:f1:85:d5:68:d9:dc:ab:ba:
1e:7c:70:80:3b:1c:0f:c3:96:55:21:d5:1b:c1:e8:
72:c6:e3:62:7c:dd:86:b7:ae:6a:f6:50:63:17:8e:
be:45:58:c5:9d:9f:dd:39:86:21:47:c9:a5:45:9a:
3f:fd:04:93:9b:36:99:0d:b0:73:0b:6c:bd:34:10:
6b:dd:db:41:ad:5e:00:3f:0a:0f:c8:31:14:f2:7d:
a3:3a:1a:4a:35:48:57:16:a3:b9:d5:49:84:4d:06:
7f:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:3A:DF:1B:F3:C0:65:00:7F:9B:75:20:97:36:A3:A4:57:24:6A:E1
X509v3 Authority Key Identifier:
keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/906a6ed0-3318-443d-9e2d-1940710be595.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.248.232.0/21
Signature Algorithm: sha256WithRSAEncryption
34:1c:a0:13:83:28:8a:b0:0d:16:c4:ca:c8:da:62:32:5f:40:
4b:1f:6e:d9:b2:48:eb:74:2d:cd:c0:86:64:dd:31:03:39:2c:
c4:16:a8:8e:ae:98:4d:7e:42:17:8f:b4:f5:b0:0b:7b:9a:a0:
86:99:61:5b:30:38:0f:79:88:e5:76:f0:0c:c0:c9:26:69:da:
00:10:6a:f3:c1:1f:f2:f5:13:7b:e6:da:01:cb:22:f4:93:1c:
b7:70:39:01:d4:e4:c7:61:8f:31:a0:29:ae:f6:ab:22:b7:7d:
7f:d1:cb:27:10:e9:5f:26:0d:9f:48:14:3a:9b:bd:3e:d4:64:
40:5a:c9:a9:5f:bf:f8:62:6f:19:f6:b0:65:ae:a4:2c:fe:27:
b1:a2:7d:46:b8:39:a0:71:a6:70:47:0d:72:c9:58:20:5d:03:
c8:f3:3e:98:70:55:4d:c5:8f:dd:fd:8d:5a:09:51:7a:3b:c8:
02:1c:81:00:eb:e1:6d:f4:5c:7e:e4:a7:c3:0d:7c:f7:61:79:
67:63:83:e5:e5:c0:16:a9:df:e1:31:1a:3e:0b:44:ea:e8:c9:
66:fd:8e:2a:a5:b2:ed:6a:87:d4:f5:cd:94:e4:45:db:84:f4:
57:42:d9:51:86:ac:af:83:7c:ce:a1:9f:93:dc:9b:c7:33:f4:
c9:0a:4a:fc
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUNag140kdsZSpcxeQ4S1yoTIdCxQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAYjgyZGM3NDY2Y2ZkM2JjZDNlOThj
OWU5ZTBiMGYyYzIxYTI3NTNmNzhiMDY1NTE5MjlhMmI4NWMxNzdmZDhmYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwVYl+grP9nAnBJotfoTi5PhcA5/Z
y0tFZmRgLP/jFsvCXp59vDeA7OKokXVcwrxJ2bclTaDPhLyyGV4HkOYhTYelliIZ
ous6pJINcGLMiHpJzQwvRUWgtE0yG3YAwYVaWS4TfavZ0VchgnYmctqEY1TIdePJ
QzfXpxHIbSK+l4PybjBThXY6StYzrLuf5Vx8zAYAQYAqRF984MUG8YXVaNncq7oe
fHCAOxwPw5ZVIdUbwehyxuNifN2Gt65q9lBjF46+RVjFnZ/dOYYhR8mlRZo//QST
mzaZDbBzC2y9NBBr3dtBrV4APwoPyDEU8n2jOhpKNUhXFqO51UmETQZ/KwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFC863xvzwGUAf5t1IJc2o6RXJGrhMB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzkwNmE2ZWQwLTMzMTgtNDQzZC05ZTJkLTE5NDA3MTBiZTU5NS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDn/joMA0GCSqGSIb3DQEBCwUAA4IBAQA0HKATgyiKsA0WxMrI2mIy
X0BLH27ZskjrdC3NwIZk3TEDOSzEFqiOrphNfkIXj7T1sAt7mqCGmWFbMDgPeYjl
dvAMwMkmadoAEGrzwR/y9RN75toByyL0kxy3cDkB1OTHYY8xoCmu9qsit31/0csn
EOlfJg2fSBQ6m70+1GRAWsmpX7/4Ym8Z9rBlrqQs/iexon1GuDmgcaZwRw1yyVgg
XQPI8z6YcFVNxY/d/Y1aCVF6O8gCHIEA6+Ft9Fx+5KfDDXz3YXlnY4Pl5cAWqd/h
MRo+C0Tq6Mlm/Y4qpbLtaofU9c2U5EXbhPRXQtlRhqyvg3zOoZ+T3JvHM/TJCkr8
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:27:20 2025 by rpki-client