Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f60efe51-797b-4b40-95ef-52a2e036f36a.roa
File: f60efe51-797b-4b40-95ef-52a2e036f36a.roa (raw, json)
Hash identifier: TaSdO0BVer4e9NAKEFLC6aGtWGX+bNytTLSMj4IGRzk=
Subject key identifier: 26:4C:35:33:BD:21:AC:B7:C4:B5:CF:76:B1:F0:05:58:2C:85:01:09
Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial: 4FD7D75439D707C8054EF45154B831B4C00E30C2
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f60efe51-797b-4b40-95ef-52a2e036f36a.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.248.240.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:d7:d7:54:39:d7:07:c8:05:4e:f4:51:54:b8:31:b4:c0:0e:30:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:e8:5c:1f:5d:c5:43:a7:fb:bb:d4:eb:04:0e:
23:af:cb:42:bd:65:aa:01:04:28:2b:60:c1:ad:a6:
15:e5:73:a4:ff:b1:c1:05:93:90:9d:11:51:47:94:
b7:d9:cf:72:22:ac:f9:d8:a5:ed:4a:85:32:cd:44:
b5:71:a8:d7:2b:27:ed:29:1e:63:04:a8:8d:df:38:
74:25:92:14:a6:22:0d:94:cd:9a:98:f4:79:6b:63:
56:36:43:14:01:54:c1:8b:89:7f:10:e2:04:24:2a:
e0:f8:10:e2:b2:50:32:9e:48:7b:ac:db:1c:d5:29:
9e:dc:70:65:e3:d0:bb:1f:5a:20:aa:6b:54:03:d3:
c2:40:5c:fc:f9:f4:e7:e8:54:23:4e:af:52:76:a5:
dd:16:f4:e5:d5:d0:fe:11:f1:74:a7:15:b8:ea:06:
03:39:eb:5f:66:21:5b:82:d4:4e:30:de:d3:29:8f:
4b:18:ee:9f:1e:86:cc:01:67:1d:23:3c:a1:fb:02:
7d:65:c3:fe:34:4b:19:63:e4:4d:31:b6:81:c8:55:
cc:f6:bc:4a:ee:f4:4c:5b:03:e0:bf:77:ce:a2:73:
1b:31:33:89:e9:ee:66:ac:9f:f2:ba:76:ce:ad:8e:
d3:37:53:ad:ec:81:1c:07:64:0d:b6:c4:04:96:e2:
87:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
26:4C:35:33:BD:21:AC:B7:C4:B5:CF:76:B1:F0:05:58:2C:85:01:09
X509v3 Authority Key Identifier:
keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f60efe51-797b-4b40-95ef-52a2e036f36a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.248.240.0/21
Signature Algorithm: sha256WithRSAEncryption
74:8d:71:ab:5c:ed:79:9e:57:ae:e2:8e:58:8b:09:37:3a:d0:
a1:62:e7:fd:64:12:72:6f:3d:7b:c9:66:23:47:3e:24:95:17:
f6:dd:36:33:f3:1c:9f:e3:d8:45:8a:f2:bd:b8:1a:73:73:f6:
72:46:ef:62:a8:71:55:3f:73:f1:b8:a8:89:13:e8:8b:3e:c9:
e8:3e:80:68:86:e7:4b:a7:69:7b:90:2e:f2:08:a4:41:cd:11:
c0:3f:c4:f3:a4:03:60:ab:54:1e:0e:f2:d9:f8:3b:a8:d2:43:
58:fa:0b:47:e1:c3:6c:ea:7d:98:54:90:38:d3:98:e5:4a:06:
5b:b3:64:53:67:e4:ca:56:ea:45:6d:5c:cc:80:ae:1e:f7:41:
62:04:78:49:fc:fc:76:d4:c5:96:2c:7f:ac:2a:36:ea:67:77:
4e:1b:c8:71:fe:d0:55:f2:1e:84:68:33:da:8d:d5:49:7b:22:
f0:e3:06:06:e9:f8:39:01:da:b1:ea:ec:2b:10:5a:ef:3c:bd:
07:c4:f3:67:e2:19:38:17:47:4f:15:ca:05:b4:c1:bc:4c:09:
91:ee:4c:4f:38:f6:f5:37:0c:05:55:42:d7:8e:d5:71:e3:8d:
06:ea:e6:0b:fb:2c:fa:dd:32:0a:19:2b:dd:eb:8d:32:81:b4:
84:90:36:23
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUT9fXVDnXB8gFTvRRVLgxtMAOMMIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAYTdiMGMzM2Y3MmY2MTM1MDcyNDE4
NTlkMGE3NDQ3YjRjNjBlMmYwMGQ2MDE0NTZlYzhkZGY3YTBhOWVlM2YwZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOhcH13FQ6f7u9TrBA4jr8tCvWWq
AQQoK2DBraYV5XOk/7HBBZOQnRFRR5S32c9yIqz52KXtSoUyzUS1cajXKyftKR5j
BKiN3zh0JZIUpiINlM2amPR5a2NWNkMUAVTBi4l/EOIEJCrg+BDislAynkh7rNsc
1Sme3HBl49C7H1ogqmtUA9PCQFz8+fTn6FQjTq9SdqXdFvTl1dD+EfF0pxW46gYD
OetfZiFbgtROMN7TKY9LGO6fHobMAWcdIzyh+wJ9ZcP+NEsZY+RNMbaByFXM9rxK
7vRMWwPgv3fOonMbMTOJ6e5mrJ/yunbOrY7TN1Ot7IEcB2QNtsQEluKH0QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFCZMNTO9Iay3xLXPdrHwBVgshQEJMB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Y2MGVmZTUxLTc5N2ItNGI0MC05NWVmLTUyYTJlMDM2ZjM2YS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDn/jwMA0GCSqGSIb3DQEBCwUAA4IBAQB0jXGrXO15nleu4o5Yiwk3
OtChYuf9ZBJybz17yWYjRz4klRf23TYz8xyf49hFivK9uBpzc/ZyRu9iqHFVP3Px
uKiJE+iLPsnoPoBohudLp2l7kC7yCKRBzRHAP8TzpANgq1QeDvLZ+Duo0kNY+gtH
4cNs6n2YVJA405jlSgZbs2RTZ+TKVupFbVzMgK4e90FiBHhJ/Px21MWWLH+sKjbq
Z3dOG8hx/tBV8h6EaDPajdVJeyLw4wYG6fg5Adqx6uwrEFrvPL0HxPNn4hk4F0dP
FcoFtMG8TAmR7kxPOPb1NwwFVULXjtVx440G6uYL+yz63TIKGSvd640ygbSEkDYj
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:21:21 2025 by rpki-client