Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ead4ddb0-c257-495f-afa7-48a907cd2857.roa
File: ead4ddb0-c257-495f-afa7-48a907cd2857.roa (raw, json)
Hash identifier: PNjRovKcfOrkoe9lmG6f36jwVAGqc/pllhIpvC++1hg=
Subject key identifier: 27:25:39:CF:76:83:A7:FF:36:41:6E:76:64:1C:18:18:60:EB:C6:BB
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 440F46D8270DD8023C0F764BB8F46C88D1F1A1AF
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ead4ddb0-c257-495f-afa7-48a907cd2857.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 43.249.46.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:0f:46:d8:27:0d:d8:02:3c:0f:76:4b:b8:f4:6c:88:d1:f1:a1:af
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:b2:e4:fa:cb:37:62:fe:4d:48:60:3f:04:c8:
69:0a:bf:8a:cb:66:75:0c:58:f5:88:98:7c:95:95:
bc:5f:b9:ea:65:9e:b9:1e:ce:58:d2:d8:6f:26:ed:
c3:44:20:e2:35:39:4d:85:17:41:a0:6b:81:e9:3a:
c1:69:dd:a8:2e:ec:8d:5a:d6:6f:8f:ed:0f:45:80:
76:5e:74:87:94:8c:31:e8:52:33:73:53:d1:3c:bd:
99:88:71:7f:6b:80:f8:f6:b6:a1:2b:f7:47:4c:ec:
80:f7:c0:74:50:58:cb:93:9d:58:e9:ef:0f:83:eb:
05:90:6f:74:fb:76:12:71:6f:e3:ac:32:2c:ff:bd:
d7:26:0f:c9:90:0f:49:14:a2:08:8c:d5:78:1b:3c:
0e:f1:23:21:8e:fb:26:c1:1c:75:38:18:38:4d:2f:
61:e7:73:a5:c2:32:fa:d7:32:39:ab:aa:18:0b:9a:
70:84:b8:31:d2:2b:ee:1b:c9:a4:af:01:8c:f2:5e:
69:6e:23:22:4f:6d:05:0a:e8:8b:e5:34:ef:99:f8:
d0:28:11:6c:41:db:aa:a0:ab:e8:c4:6e:30:ec:91:
4f:94:c8:d0:5b:d1:05:ad:94:9d:37:c4:ab:f0:a8:
bd:50:b4:1a:d5:ef:04:c9:29:da:19:f6:29:5b:0f:
85:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:25:39:CF:76:83:A7:FF:36:41:6E:76:64:1C:18:18:60:EB:C6:BB
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ead4ddb0-c257-495f-afa7-48a907cd2857.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.249.46.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:e5:6a:b1:11:01:9f:e1:ee:0f:b2:0b:96:6b:9e:39:67:5d:
90:c4:73:21:04:fb:c4:48:03:0b:8a:0f:c8:6c:ba:86:0d:10:
c7:a8:04:f6:1d:40:14:04:dd:58:fb:f2:88:70:54:bc:b7:f1:
aa:53:eb:ce:c5:c5:5b:06:35:3d:b2:92:36:05:c6:82:de:6b:
9d:4a:74:0c:6d:18:c3:ab:ad:58:d0:c2:32:c6:f6:32:97:92:
21:7d:c1:23:0b:d7:bd:80:6a:e6:9b:ad:11:02:a9:db:90:4b:
a0:90:f7:40:b5:66:f1:49:4c:8d:5e:f3:2a:18:63:92:ac:c5:
07:7d:52:d6:8f:57:9c:7a:0d:d9:b4:f3:8a:f6:9d:84:60:65:
66:ca:f1:94:a4:a1:a4:41:87:22:26:64:57:67:22:af:93:26:
dc:61:5a:84:82:f0:f1:2d:b3:bb:0a:1a:f3:8f:bf:66:97:7d:
98:ee:e3:3d:ee:07:2c:59:68:d3:87:69:d6:78:bd:67:cf:ff:
41:c6:b5:c4:e3:6b:81:6e:2e:9b:2e:9e:3e:3a:6c:68:b7:aa:
96:b9:de:65:d5:98:04:ed:25:e0:ff:bc:3e:02:f3:3b:5b:7c:
0c:87:76:3b:ac:88:ce:e5:50:d4:67:cc:fc:2f:c6:c8:2e:d7:
a5:4a:c4:5f
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIURA9G2CcN2AI8D3ZLuPRsiNHxoa8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNANDg0OWYyZWMzYWFhNzQ1MTNkODdh
NDM3NDQ4MmIxNWYyMTY2ZGNjNThmZmYzZjMyMGNiZDZkNmUzZThhYjVjNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsrLk+ss3Yv5NSGA/BMhpCr+Ky2Z1
DFj1iJh8lZW8X7nqZZ65Hs5Y0thvJu3DRCDiNTlNhRdBoGuB6TrBad2oLuyNWtZv
j+0PRYB2XnSHlIwx6FIzc1PRPL2ZiHF/a4D49rahK/dHTOyA98B0UFjLk51Y6e8P
g+sFkG90+3YScW/jrDIs/73XJg/JkA9JFKIIjNV4GzwO8SMhjvsmwRx1OBg4TS9h
53OlwjL61zI5q6oYC5pwhLgx0ivuG8mkrwGM8l5pbiMiT20FCuiL5TTvmfjQKBFs
QduqoKvoxG4w7JFPlMjQW9EFrZSdN8Sr8Ki9ULQa1e8EySnaGfYpWw+FtwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFCclOc92g6f/NkFudmQcGBhg68a7MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2VhZDRkZGIwLWMyNTctNDk1Zi1hZmE3LTQ4YTkwN2NkMjg1Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAK/kuMA0GCSqGSIb3DQEBCwUAA4IBAQCO5WqxEQGf4e4PsguWa545
Z12QxHMhBPvESAMLig/IbLqGDRDHqAT2HUAUBN1Y+/KIcFS8t/GqU+vOxcVbBjU9
spI2BcaC3mudSnQMbRjDq61Y0MIyxvYyl5IhfcEjC9e9gGrmm60RAqnbkEugkPdA
tWbxSUyNXvMqGGOSrMUHfVLWj1eceg3ZtPOK9p2EYGVmyvGUpKGkQYciJmRXZyKv
kybcYVqEgvDxLbO7Chrzj79ml32Y7uM97gcsWWjTh2nWeL1nz/9BxrXE42uBbi6b
Lp4+Omxot6qWud5l1ZgE7SXg/7w+AvM7W3wMh3Y7rIjO5VDUZ8z8L8bILtelSsRf
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:42:13 2025 by rpki-client