Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0f25f76-9916-4274-8e75-fa724a3b50b7.roa
File: e0f25f76-9916-4274-8e75-fa724a3b50b7.roa (raw, json)
Hash identifier: PXpI+n7elxK0WzSTleg788QQcwrl6yZ5KfUmEHBsYww=
Subject key identifier: 04:9D:9B:8C:27:60:64:17:08:C3:00:3B:24:A1:E7:2A:7B:38:19:08
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2EF58EB2D5169DC3B9CA75D89D93EAA6BC50DA82
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0f25f76-9916-4274-8e75-fa724a3b50b7.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 43.249.44.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:f5:8e:b2:d5:16:9d:c3:b9:ca:75:d8:9d:93:ea:a6:bc:50:da:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:01:cb:32:c7:98:fb:cb:b7:44:61:a7:d6:14:
b4:94:f2:d8:60:d2:40:fa:b0:db:59:7d:b4:a9:e8:
34:d0:28:f2:d4:c5:92:9d:29:98:89:d3:7b:52:4e:
b9:2a:2b:09:ba:e0:bb:a5:78:e2:00:6b:bc:e7:0d:
a5:47:72:30:a3:cc:35:04:8e:27:99:14:3d:4d:69:
10:6f:16:0c:c1:9b:99:a4:fd:c6:f4:aa:45:65:34:
20:ef:05:93:44:45:cb:d6:68:61:63:e7:a9:78:85:
76:9c:0c:70:6f:0d:b1:d2:74:b5:39:03:c8:7b:41:
50:a4:a5:e2:8e:61:29:fe:f2:09:90:f8:9b:76:12:
7b:f6:4f:77:ca:05:d7:34:1c:c3:f7:e7:c9:33:0e:
92:2e:e3:6a:7c:aa:fd:f2:ec:84:b2:a7:f1:0a:d1:
fd:50:e9:b5:f5:61:0d:e0:0d:0f:28:94:9c:e8:36:
83:c8:11:2b:2c:ad:04:5e:4c:5b:59:19:33:a5:9f:
ea:d5:e4:f0:49:82:90:18:f6:6a:ad:0f:a9:16:9f:
4c:07:18:10:b2:e5:d0:a4:41:22:76:5c:87:9a:04:
c7:a4:cf:ae:69:3f:2b:6a:a6:f1:ed:76:ec:11:e5:
47:1b:ce:ac:01:af:6d:6d:56:0c:10:36:9a:f6:67:
f0:87
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:9D:9B:8C:27:60:64:17:08:C3:00:3B:24:A1:E7:2A:7B:38:19:08
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e0f25f76-9916-4274-8e75-fa724a3b50b7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.249.44.0/22
Signature Algorithm: sha256WithRSAEncryption
13:77:05:04:d8:e2:35:49:a1:9f:d5:49:70:f3:05:0c:96:67:
a4:2c:e5:33:4d:3a:bb:7b:0f:59:94:2e:34:74:17:fe:f1:9b:
e9:f3:3d:0e:fa:79:17:83:63:2d:80:8d:ef:93:e9:29:05:0d:
f4:26:25:24:04:72:cc:32:79:46:b5:f4:15:a1:b8:2e:08:7c:
84:59:93:38:2d:2a:6b:a0:b5:90:3e:d1:e1:3d:d9:1f:68:21:
e9:87:06:81:96:59:7d:23:cb:b0:13:63:d6:9c:f6:2a:8d:6f:
b1:8c:00:3f:c6:ca:6e:31:22:7e:b1:3b:7f:18:65:1c:93:8d:
a3:fd:60:59:7b:26:56:0d:91:3a:17:aa:4a:dc:5a:06:98:55:
4d:20:b6:95:ba:f5:d6:4e:e2:0a:ea:32:f6:e4:e7:01:40:15:
69:67:13:bc:62:98:fb:5a:32:bb:7e:2d:29:9c:c6:88:33:18:
70:91:f7:32:3d:ee:30:65:b5:a8:2f:62:89:3a:c8:68:52:35:
79:5b:8e:18:79:0e:1a:7e:db:13:fb:c9:7c:0f:f2:cd:56:ac:
ef:1e:90:b7:bd:3e:f8:27:09:83:0a:41:9f:b8:b5:09:14:34:
9a:01:eb:d5:28:7f:fb:4f:d4:2c:38:c8:a5:6c:8d:b3:10:38:
86:75:14:f4
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIULvWOstUWncO5ynXYnZPqprxQ2oIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAYTZhNzZhY2E0NTk3M2YwZTc4MDQz
ZTBlNWFhMmQ2YWQ4YjdjODljYjAxZjlmNDQ3NjRlMzI0NjkyNzUwOGU4ZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwHLMseY+8u3RGGn1hS0lPLYYNJA
+rDbWX20qeg00Cjy1MWSnSmYidN7Uk65KisJuuC7pXjiAGu85w2lR3Iwo8w1BI4n
mRQ9TWkQbxYMwZuZpP3G9KpFZTQg7wWTREXL1mhhY+epeIV2nAxwbw2x0nS1OQPI
e0FQpKXijmEp/vIJkPibdhJ79k93ygXXNBzD9+fJMw6SLuNqfKr98uyEsqfxCtH9
UOm19WEN4A0PKJSc6DaDyBErLK0EXkxbWRkzpZ/q1eTwSYKQGPZqrQ+pFp9MBxgQ
suXQpEEidlyHmgTHpM+uaT8raqbx7XbsEeVHG86sAa9tbVYMEDaa9mfwhwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFASdm4wnYGQXCMMAOySh5yp7OBkIMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2UwZjI1Zjc2LTk5MTYtNDI3NC04ZTc1LWZhNzI0YTNiNTBiNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCK/ksMA0GCSqGSIb3DQEBCwUAA4IBAQATdwUE2OI1SaGf1Ulw8wUM
lmekLOUzTTq7ew9ZlC40dBf+8Zvp8z0O+nkXg2MtgI3vk+kpBQ30JiUkBHLMMnlG
tfQVobguCHyEWZM4LSproLWQPtHhPdkfaCHphwaBlll9I8uwE2PWnPYqjW+xjAA/
xspuMSJ+sTt/GGUck42j/WBZeyZWDZE6F6pK3FoGmFVNILaVuvXWTuIK6jL25OcB
QBVpZxO8Ypj7WjK7fi0pnMaIMxhwkfcyPe4wZbWoL2KJOshoUjV5W44YeQ4aftsT
+8l8D/LNVqzvHpC3vT74JwmDCkGfuLUJFDSaAevVKH/7T9QsOMilbI2zEDiGdRT0
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:33:47 2025 by rpki-client