Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/417866c6-b48e-49e4-a19e-cfccea84fbb7.roa
File: 417866c6-b48e-49e4-a19e-cfccea84fbb7.roa (raw, json)
Hash identifier: I7/wHkkwyp79F7uI/PtHFuwFHgksms1I8XA/KG+VmOE=
Subject key identifier: 25:A8:07:2F:B9:CD:09:9B:23:7A:1B:AF:43:6F:29:6D:33:AF:85:EB
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 47EAD6877D965FA63C748FFB8FC6F77AD2D6E388
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/417866c6-b48e-49e4-a19e-cfccea84fbb7.roa
Signing time: Fri 29 Nov 2024 00:00:00 +0000
ROA not before: Fri 29 Nov 2024 00:00:00 +0000
ROA not after: Fri 03 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 175.41.128.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
47:ea:d6:87:7d:96:5f:a6:3c:74:8f:fb:8f:c6:f7:7a:d2:d6:e3:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001
Validity
Not Before: Nov 29 00:00:00 2024 GMT
Not After : Jan 3 23:59:59 2025 GMT
Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:5e:4d:22:b0:5c:0a:83:fb:2b:08:b8:08:18:
ce:91:d4:f1:57:70:bd:20:41:57:e6:a0:57:b3:79:
04:c8:6d:8f:a5:2f:7b:4e:61:0a:80:67:8b:c4:33:
b2:4c:a7:ff:cc:fc:a5:7e:4d:33:84:bd:91:20:ff:
a8:27:d4:fa:01:bc:bb:52:e9:b2:44:2e:34:78:ef:
ee:16:bb:12:60:a2:2e:0c:fb:fc:2a:ba:e4:58:8b:
a6:15:c9:9d:4a:73:23:d9:1c:3c:32:88:13:86:6b:
62:c3:00:6c:5e:61:e4:23:dc:55:15:78:70:3c:4f:
d0:58:19:30:85:93:dc:a0:59:9c:8f:69:91:5d:30:
00:6c:2e:0d:3b:64:af:5b:46:3d:4c:8d:2e:6c:c6:
07:91:20:c3:d5:d9:94:cb:f1:8b:1d:e1:9b:44:09:
41:3e:56:39:74:f2:5a:3e:51:06:7e:78:5e:2c:9f:
cb:58:a5:31:87:26:ca:64:f7:fe:cf:ea:dc:94:13:
52:2c:d7:8f:d2:2a:cb:d3:75:bc:01:93:c0:2e:af:
a2:cb:7e:da:13:a4:6b:d1:e5:5e:e7:33:a6:e3:0b:
1a:39:17:29:08:09:34:ca:dc:d0:8e:6b:a9:c5:d5:
0f:57:cd:98:41:ee:76:39:ec:29:7e:67:6f:4c:f5:
60:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
25:A8:07:2F:B9:CD:09:9B:23:7A:1B:AF:43:6F:29:6D:33:AF:85:EB
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/417866c6-b48e-49e4-a19e-cfccea84fbb7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.128.0/18
Signature Algorithm: sha256WithRSAEncryption
15:69:5d:63:93:6e:2e:fd:3a:0c:61:a9:2e:54:8e:1c:08:45:
b4:95:dd:e3:20:46:a6:65:12:21:81:33:30:e4:dd:e2:ce:92:
ae:d7:0c:fc:ae:38:53:50:2b:21:5b:ed:38:b3:1d:5e:cb:5b:
7d:68:50:fd:35:ab:a7:15:20:2a:a7:ef:1f:7a:05:f0:5e:60:
51:5e:ad:7f:45:4d:63:11:c0:ca:45:e5:a2:9c:45:35:62:43:
1a:52:11:da:05:42:af:72:a5:e1:3c:a5:eb:c3:54:89:f5:68:
3b:a3:15:bc:51:47:07:08:04:a6:c6:34:f8:fc:8a:da:c7:b4:
52:2f:a5:cd:02:9a:35:ff:d3:d4:a9:11:46:50:7a:2f:fa:a9:
80:06:ff:3b:ab:42:1d:ef:74:4a:27:db:73:87:aa:45:9c:f6:
af:dc:65:7b:ea:20:3f:82:df:c4:ec:43:ad:ff:86:83:10:fc:
ee:f2:f4:66:9b:12:24:ce:3b:fb:81:5d:b7:6c:99:b2:ff:8b:
02:63:4b:e1:7c:a6:35:3b:70:f9:7f:11:d6:8d:b8:87:4e:6f:
73:7c:03:2d:a8:47:29:ee:86:a5:d0:1f:f0:74:34:59:07:db:
df:65:29:0d:55:23:7a:00:06:4a:3e:4b:52:49:ab:e2:3c:9e:
52:65:9a:88
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUR+rWh32WX6Y8dI/7j8b3etLW44gwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MTEyOTAwMDAwMFoX
DTI1MDEwMzIzNTk1OVowejFJMEcGA1UEBRNAMTUzNjhmMTliZGFjOTc3ZWNkMjgw
YjZmNWY0MWY5N2ViMzk4MzgwN2EwMDI3MzE2YTBlZDgxZWRiNDkyNDkyNTEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiV5NIrBcCoP7Kwi4CBjOkdTxV3C9
IEFX5qBXs3kEyG2PpS97TmEKgGeLxDOyTKf/zPylfk0zhL2RIP+oJ9T6Aby7Uumy
RC40eO/uFrsSYKIuDPv8KrrkWIumFcmdSnMj2Rw8MogThmtiwwBsXmHkI9xVFXhw
PE/QWBkwhZPcoFmcj2mRXTAAbC4NO2SvW0Y9TI0ubMYHkSDD1dmUy/GLHeGbRAlB
PlY5dPJaPlEGfnheLJ/LWKUxhybKZPf+z+rclBNSLNeP0irL03W8AZPALq+iy37a
E6Rr0eVe5zOm4wsaORcpCAk0ytzQjmupxdUPV82YQe52OewpfmdvTPVgxwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFCWoBy+5zQmbI3obr0NvKW0zr4XrMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzQxNzg2NmM2LWI0OGUtNDllNC1hMTllLWNmY2NlYTg0ZmJiNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQGrymAMA0GCSqGSIb3DQEBCwUAA4IBAQAVaV1jk24u/ToMYakuVI4c
CEW0ld3jIEamZRIhgTMw5N3izpKu1wz8rjhTUCshW+04sx1ey1t9aFD9NaunFSAq
p+8fegXwXmBRXq1/RU1jEcDKReWinEU1YkMaUhHaBUKvcqXhPKXrw1SJ9Wg7oxW8
UUcHCASmxjT4/Irax7RSL6XNApo1/9PUqRFGUHov+qmABv87q0Id73RKJ9tzh6pF
nPav3GV76iA/gt/E7EOt/4aDEPzu8vRmmxIkzjv7gV23bJmy/4sCY0vhfKY1O3D5
fxHWjbiHTm9zfAMtqEcp7oal0B/wdDRZB9vfZSkNVSN6AAZKPktSSaviPJ5SZZqI
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:43:20 2025 by rpki-client