Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/f95587cf-7170-48b0-b508-4aa1770ec2e7.roa
File: f95587cf-7170-48b0-b508-4aa1770ec2e7.roa (raw, json)
Hash identifier: 5ICcRlfGOEVNOuz0J9AUXhbdmazTtIh5lyEIVvoiyig=
Subject key identifier: 71:AD:F4:A2:7C:5B:D7:22:FD:1B:F1:C4:82:CB:95:71:E7:61:D3:C5
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 4EEC93FB06AB5F9EE1C98660CFEA61DD0BB79468
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/f95587cf-7170-48b0-b508-4aa1770ec2e7.roa
Signing time: Fri 29 Nov 2024 00:00:00 +0000
ROA not before: Fri 29 Nov 2024 00:00:00 +0000
ROA not after: Fri 03 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 122.248.192.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:ec:93:fb:06:ab:5f:9e:e1:c9:86:60:cf:ea:61:dd:0b:b7:94:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001
Validity
Not Before: Nov 29 00:00:00 2024 GMT
Not After : Jan 3 23:59:59 2025 GMT
Subject: CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:15:15:bd:db:78:4b:fd:cc:a9:85:f6:10:92:
e0:d3:e5:e8:ee:12:3a:c7:72:cf:ad:36:65:85:d9:
09:30:98:0a:13:f1:2b:aa:fc:97:5b:3e:d3:e6:c7:
c0:a6:f3:38:cf:ac:38:73:59:b3:d4:e3:74:f0:7d:
45:ed:cd:75:d4:3d:b0:11:6f:7e:5f:bf:60:8a:1f:
16:10:d9:40:4f:00:bb:33:f8:a4:47:70:e3:1d:77:
c9:93:34:f4:f4:93:9e:bd:17:07:45:ba:c7:d6:aa:
19:00:fe:ac:be:a5:07:45:1f:aa:1d:6e:a5:73:32:
46:b1:77:85:92:7e:15:3a:b2:97:1c:f6:f1:3f:eb:
8e:42:0e:d6:d9:2d:3c:98:26:8e:ce:64:61:41:1a:
3e:b4:8c:6b:6e:22:46:d5:67:f6:b8:2f:6b:52:b6:
38:bd:38:fb:99:bc:92:8b:43:24:3f:32:84:7a:1a:
92:42:42:8e:2b:6a:e2:58:08:5a:83:bf:90:3a:70:
5c:88:7b:be:cd:d0:39:c7:cd:4a:b4:87:60:7a:ee:
f1:49:da:57:3d:c3:d3:24:b3:4c:7a:35:21:9a:05:
3b:dd:38:8c:64:e4:77:d9:6e:80:94:8b:38:79:f0:
bf:c4:75:59:71:3b:e1:72:ae:8e:8c:28:b9:e4:5b:
48:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:AD:F4:A2:7C:5B:D7:22:FD:1B:F1:C4:82:CB:95:71:E7:61:D3:C5
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/f95587cf-7170-48b0-b508-4aa1770ec2e7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
122.248.192.0/18
Signature Algorithm: sha256WithRSAEncryption
0e:f2:51:d9:35:84:cb:80:93:36:4e:2e:5d:58:0e:7f:9c:54:
6c:12:bd:00:7d:fe:4d:5c:d7:cb:a4:7b:45:70:e3:85:2e:3a:
5e:48:b6:a7:71:91:02:58:f4:8d:55:59:ac:6a:27:24:9f:c7:
6e:b9:9d:fd:1f:ae:43:1e:ba:39:bf:70:fe:3c:d7:93:9a:4e:
c6:20:9d:76:07:d9:20:45:02:32:3f:9a:6e:1a:1a:18:81:17:
a2:65:a8:0a:cc:4c:73:f5:7d:94:19:32:3f:a8:2e:83:9d:a6:
e6:54:ab:70:25:91:1e:54:63:23:70:9d:f7:4d:58:91:4f:a1:
4a:ba:89:19:17:45:6b:6e:a6:f0:42:c8:d5:01:e1:17:c5:e6:
7d:d1:a2:dc:e0:8a:58:53:9a:14:c8:09:ec:b5:06:0a:33:14:
9e:81:27:6e:2c:f3:7a:a7:a8:fb:7e:ea:34:24:db:09:94:ad:
b4:be:77:c1:44:95:42:6e:2f:61:27:35:c3:f9:d0:af:b7:77:
73:c0:92:75:1f:19:67:48:bb:8e:cc:18:31:33:6a:18:1d:c6:
19:a9:7e:43:c0:9d:75:b5:29:74:13:00:b4:fe:77:ec:ac:d2:
f1:ad:a0:35:03:a6:f0:75:fb:a7:fd:db:60:c5:73:7f:b0:e8:
48:0a:b7:3e
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUTuyT+warX57hyYZgz+ph3Qu3lGgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MTEyOTAwMDAwMFoX
DTI1MDEwMzIzNTk1OVowejFJMEcGA1UEBRNANzI5YTI0ZjJmYTI4MGNhMWVhMzQ0
YzdiYWZkMjRiMjVkZTczY2ZhZjBlMWEwZTI1M2NlYzc4YTNjZjBhZGIxNjEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBUVvdt4S/3MqYX2EJLg0+Xo7hI6
x3LPrTZlhdkJMJgKE/ErqvyXWz7T5sfApvM4z6w4c1mz1ON08H1F7c111D2wEW9+
X79gih8WENlATwC7M/ikR3DjHXfJkzT09JOevRcHRbrH1qoZAP6svqUHRR+qHW6l
czJGsXeFkn4VOrKXHPbxP+uOQg7W2S08mCaOzmRhQRo+tIxrbiJG1Wf2uC9rUrY4
vTj7mbySi0MkPzKEehqSQkKOK2riWAhag7+QOnBciHu+zdA5x81KtIdgeu7xSdpX
PcPTJLNMejUhmgU73TiMZOR32W6AlIs4efC/xHVZcTvhcq6OjCi55FtIzQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFHGt9KJ8W9ci/RvxxILLlXHnYdPFMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
L2Y5NTU4N2NmLTcxNzAtNDhiMC1iNTA4LTRhYTE3NzBlYzJlNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQGevjAMA0GCSqGSIb3DQEBCwUAA4IBAQAO8lHZNYTLgJM2Ti5dWA5/
nFRsEr0Aff5NXNfLpHtFcOOFLjpeSLancZECWPSNVVmsaickn8duuZ39H65DHro5
v3D+PNeTmk7GIJ12B9kgRQIyP5puGhoYgReiZagKzExz9X2UGTI/qC6DnabmVKtw
JZEeVGMjcJ33TViRT6FKuokZF0VrbqbwQsjVAeEXxeZ90aLc4IpYU5oUyAnstQYK
MxSegSduLPN6p6j7fuo0JNsJlK20vnfBRJVCbi9hJzXD+dCvt3dzwJJ1HxlnSLuO
zBgxM2oYHcYZqX5DwJ11tSl0EwC0/nfsrNLxraA1A6bwdfun/dtgxXN/sOhICrc+
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:10:34 2025 by rpki-client