Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9787bdbe-f3f0-457d-8edc-d01a0d2e9001.roa
File: 9787bdbe-f3f0-457d-8edc-d01a0d2e9001.roa (raw, json)
Hash identifier: MBUP57gYGMoLRwb2oSxY/s77S62TA5c8gy7C7yrYaEk=
Subject key identifier: 20:07:82:D0:08:A3:DF:59:C6:92:01:51:92:C9:1D:16:17:1A:7F:EC
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5AE69513C189019C2017AB2BE52B3F6452DBD14E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9787bdbe-f3f0-457d-8edc-d01a0d2e9001.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 43.208.0.0/15 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:e6:95:13:c1:89:01:9c:20:17:ab:2b:e5:2b:3f:64:52:db:d1:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0c:e9:1e:8a:7e:e5:02:03:4a:da:58:53:11:
b3:d0:52:e8:5a:ee:95:27:84:7f:69:77:06:c7:2d:
1e:2b:29:65:4a:35:6c:0b:a9:f9:0d:6c:5e:0d:d4:
dd:f2:83:59:74:a9:28:ec:ab:6f:c9:9e:b0:12:f7:
d1:a9:82:47:f3:ca:35:f9:5f:4e:cc:6f:c8:91:a1:
78:63:5e:ca:49:7e:8e:2c:90:fd:a7:dd:1b:81:41:
06:76:56:e0:27:cd:04:28:46:12:7c:5c:ec:db:29:
b7:29:92:ff:4c:14:8a:db:76:e6:57:c8:c6:f8:43:
19:20:3e:21:05:fe:74:c0:07:e3:41:77:20:9c:f0:
ce:79:14:1d:23:d8:60:d1:e2:6e:8b:3e:a3:e6:ac:
eb:b2:66:cb:7d:5a:78:06:4c:ef:8e:eb:c1:b2:11:
38:42:5f:d6:a0:6f:34:96:bb:fc:bb:6f:71:fb:c8:
c4:11:71:d3:c0:eb:b1:93:fd:cb:3b:fe:39:63:fd:
5e:98:43:89:3c:73:ed:b6:29:8a:c8:a3:08:c9:a7:
e4:3c:47:5f:d8:6a:27:bb:37:47:fd:95:53:7e:bf:
6c:c2:e1:01:a2:24:92:de:6a:af:c9:80:95:61:9e:
34:a0:61:ab:28:c5:87:23:b1:63:13:81:60:7e:c2:
62:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:07:82:D0:08:A3:DF:59:C6:92:01:51:92:C9:1D:16:17:1A:7F:EC
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/9787bdbe-f3f0-457d-8edc-d01a0d2e9001.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.208.0.0/15
Signature Algorithm: sha256WithRSAEncryption
a0:b7:96:eb:ae:32:3e:e8:69:a0:78:92:b6:89:60:3a:c5:14:
14:6c:55:56:27:df:0d:72:d5:a7:c0:2e:da:70:af:dc:37:25:
da:a1:48:8f:af:4b:2f:77:7e:ad:b8:1f:2d:aa:ea:72:40:fc:
e9:94:c4:c5:d8:6c:55:61:a0:7a:7d:9f:81:89:5b:b8:11:c5:
02:07:6c:6e:3b:8d:4b:3b:3c:dc:af:cc:15:77:b1:8e:d0:72:
53:89:7e:e6:f9:ad:77:bc:1b:45:ca:93:62:a3:80:5d:5f:7d:
fa:9c:77:64:b3:8d:26:9f:8d:1d:9c:67:96:4f:33:09:3f:07:
d8:b2:d5:11:97:db:40:6b:2a:1e:d6:cb:e6:23:52:c5:5a:1f:
b6:bf:e5:d5:08:35:c0:c8:60:8f:23:56:0c:87:65:b8:66:08:
5b:a7:0d:ec:40:a2:2b:97:48:22:06:78:35:ab:12:6d:1e:6e:
f0:da:42:6d:34:50:ed:76:f8:96:5a:55:1b:1d:f4:57:76:39:
00:dc:21:ef:b8:68:2e:14:37:6d:8b:96:84:fa:8e:97:02:3a:
4d:12:a6:79:7d:62:48:3d:b6:66:d4:a1:8e:7b:69:12:27:22:
37:d3:a6:bf:64:02:62:40:47:5f:cc:ef:49:12:76:ed:ab:32:
99:f9:24:25
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUWuaVE8GJAZwgF6sr5Ss/ZFLb0U4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNAMmU4NTAyMTI1Y2M4NGY4NmJmZjZl
NGRlNjcxNTQ0YzcyZTAwZGQ4MTZhMzU2ZjZjMjJjNjM3OGFlZTc0MDkwNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gzpHop+5QIDStpYUxGz0FLoWu6V
J4R/aXcGxy0eKyllSjVsC6n5DWxeDdTd8oNZdKko7KtvyZ6wEvfRqYJH88o1+V9O
zG/IkaF4Y17KSX6OLJD9p90bgUEGdlbgJ80EKEYSfFzs2ym3KZL/TBSK23bmV8jG
+EMZID4hBf50wAfjQXcgnPDOeRQdI9hg0eJuiz6j5qzrsmbLfVp4BkzvjuvBshE4
Ql/WoG80lrv8u29x+8jEEXHTwOuxk/3LO/45Y/1emEOJPHPttimKyKMIyafkPEdf
2GonuzdH/ZVTfr9swuEBoiSS3mqvyYCVYZ40oGGrKMWHI7FjE4FgfsJihQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFCAHgtAIo99ZxpIBUZLJHRYXGn/sMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzk3ODdiZGJlLWYzZjAtNDU3ZC04ZWRjLWQwMWEwZDJlOTAwMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMBK9AwDQYJKoZIhvcNAQELBQADggEBAKC3luuuMj7oaaB4kraJYDrF
FBRsVVYn3w1y1afALtpwr9w3JdqhSI+vSy93fq24Hy2q6nJA/OmUxMXYbFVhoHp9
n4GJW7gRxQIHbG47jUs7PNyvzBV3sY7QclOJfub5rXe8G0XKk2KjgF1fffqcd2Sz
jSafjR2cZ5ZPMwk/B9iy1RGX20BrKh7Wy+YjUsVaH7a/5dUINcDIYI8jVgyHZbhm
CFunDexAoiuXSCIGeDWrEm0ebvDaQm00UO12+JZaVRsd9Fd2OQDcIe+4aC4UN22L
loT6jpcCOk0Spnl9Ykg9tmbUoY57aRInIjfTpr9kAmJAR1/M70kSdu2rMpn5JCU=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:30:30 2025 by rpki-client