Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/f9ff7c3b-311a-406b-8de4-c655cfdeea7e.roa
File: f9ff7c3b-311a-406b-8de4-c655cfdeea7e.roa (raw, json)
Hash identifier: 2s6iDSn7XsB9fEj5r4RjM3ly5nQrTD3PXJmCKixXVZ0=
Subject key identifier: 61:6D:38:21:23:EE:DA:8E:C9:F1:F8:21:E9:3F:DE:0C:2C:4D:A8:84
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 3FB900AF46D9B730E47E2E5CCA943B068847DE2B
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/f9ff7c3b-311a-406b-8de4-c655cfdeea7e.roa
Signing time: Sat 30 Nov 2024 00:00:00 +0000
ROA not before: Sat 30 Nov 2024 00:00:00 +0000
ROA not after: Sat 04 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 175.41.192.0/18 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:b9:00:af:46:d9:b7:30:e4:7e:2e:5c:ca:94:3b:06:88:47:de:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Nov 30 00:00:00 2024 GMT
Not After : Jan 4 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:35:8c:aa:28:96:ec:0d:23:ac:47:58:4a:85:
bd:f5:b4:dc:ee:cc:e7:f6:21:a9:14:cd:ac:df:86:
74:cf:12:e3:32:09:3c:6a:f9:47:21:0b:69:27:58:
dd:11:0d:31:c0:98:96:d5:2f:29:c0:03:8b:1f:71:
23:57:e2:da:05:b0:64:0d:90:e3:2f:8e:60:9a:7a:
76:90:bb:63:0a:40:ea:3f:31:58:00:06:30:16:14:
7d:2b:71:c6:c0:a5:a4:49:0d:ab:54:4a:fe:ac:60:
98:29:e8:3c:2d:ae:c7:a1:15:3a:92:3e:ad:75:c6:
f3:1e:0b:b9:d3:24:f1:1d:c5:a8:f6:e1:17:cb:31:
50:e4:f3:f4:15:16:6a:44:74:ad:62:0f:9b:f9:7e:
ea:b7:4b:4d:e3:97:99:08:a7:73:eb:b8:82:43:37:
0d:3c:61:7b:3b:63:b0:a5:60:dc:79:07:e4:58:2d:
4d:5f:c4:9f:8e:aa:42:33:75:51:69:1a:01:3d:77:
f5:07:a4:e9:2a:84:bc:60:e2:a2:cf:24:ab:58:cc:
fe:e1:40:49:e1:3f:51:cc:60:15:cd:46:89:d0:71:
f7:01:6f:fa:4a:a9:88:3e:d0:92:c0:b4:f7:95:0b:
fc:81:3e:0b:70:89:41:ad:74:3f:25:b2:67:ae:06:
b9:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
61:6D:38:21:23:EE:DA:8E:C9:F1:F8:21:E9:3F:DE:0C:2C:4D:A8:84
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/f9ff7c3b-311a-406b-8de4-c655cfdeea7e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
175.41.192.0/18
Signature Algorithm: sha256WithRSAEncryption
32:06:7a:5e:cc:dd:2d:13:cd:78:d7:79:83:77:39:be:7e:c6:
3c:6d:15:5a:7d:c1:a7:13:48:2e:ca:56:2d:a3:5f:d1:74:2f:
7d:c8:74:1e:4a:cc:69:59:c3:f7:5c:c6:10:a3:03:53:a0:cf:
3b:dc:81:a8:e5:87:c4:eb:ad:fa:63:a4:f4:0a:99:45:ee:d4:
b5:98:ba:21:c1:ae:8e:c3:c4:2b:d8:98:59:02:07:26:7f:84:
f9:06:ba:59:bd:1f:46:a9:bb:0d:8b:b3:d6:4f:bd:1a:5c:e8:
7e:9c:41:67:b6:01:54:88:5b:53:30:92:38:58:91:a6:9d:f4:
c9:82:a3:14:a0:36:64:5a:4d:45:5b:cd:ed:f0:4f:39:41:be:
9c:0d:5b:ac:21:47:22:4e:cd:db:1b:d3:d4:0a:12:e0:4d:77:
ab:12:d2:ca:ac:2d:18:41:5d:1a:d7:25:05:b7:38:59:8f:f4:
a7:20:75:83:72:13:59:eb:2d:f7:52:cf:63:84:8a:6e:b8:ea:
2a:9c:e9:c6:a1:de:fd:2a:c7:37:50:3d:4f:e0:fa:77:2a:1f:
b0:03:5b:a9:6f:9b:54:1c:58:ec:43:9d:96:39:35:30:e8:28:
bd:fe:d4:50:96:4e:cd:f5:83:18:e2:31:7a:3d:1e:4f:3f:29:
4e:41:bc:ed
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUP7kAr0bZtzDkfi5cypQ7BohH3iswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MTEzMDAwMDAwMFoX
DTI1MDEwNDIzNTk1OVowejFJMEcGA1UEBRNAZTdmZjFmMTEwNTA5NGI0OTNhMDE1
NGFlYWI3MzZlZDYyYTNhZjI2YjY3NTkzZGU4MGQxZWZmMTRkZWEyM2ZhZTEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAojWMqiiW7A0jrEdYSoW99bTc7szn
9iGpFM2s34Z0zxLjMgk8avlHIQtpJ1jdEQ0xwJiW1S8pwAOLH3EjV+LaBbBkDZDj
L45gmnp2kLtjCkDqPzFYAAYwFhR9K3HGwKWkSQ2rVEr+rGCYKeg8La7HoRU6kj6t
dcbzHgu50yTxHcWo9uEXyzFQ5PP0FRZqRHStYg+b+X7qt0tN45eZCKdz67iCQzcN
PGF7O2OwpWDceQfkWC1NX8SfjqpCM3VRaRoBPXf1B6TpKoS8YOKizySrWMz+4UBJ
4T9RzGAVzUaJ0HH3AW/6SqmIPtCSwLT3lQv8gT4LcIlBrXQ/JbJnrga5RQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFGFtOCEj7tqOyfH4Iek/3gwsTaiEMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
L2Y5ZmY3YzNiLTMxMWEtNDA2Yi04ZGU0LWM2NTVjZmRlZWE3ZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQGrynAMA0GCSqGSIb3DQEBCwUAA4IBAQAyBnpezN0tE81413mDdzm+
fsY8bRVafcGnE0guylYto1/RdC99yHQeSsxpWcP3XMYQowNToM873IGo5YfE6636
Y6T0CplF7tS1mLohwa6Ow8Qr2JhZAgcmf4T5BrpZvR9GqbsNi7PWT70aXOh+nEFn
tgFUiFtTMJI4WJGmnfTJgqMUoDZkWk1FW83t8E85Qb6cDVusIUciTs3bG9PUChLg
TXerEtLKrC0YQV0a1yUFtzhZj/SnIHWDchNZ6y33Us9jhIpuuOoqnOnGod79Ksc3
UD1P4Pp3Kh+wA1upb5tUHFjsQ52WOTUw6Ci9/tRQlk7N9YMY4jF6PR5PPylOQbzt
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:37:57 2025 by rpki-client