Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dafa80e-23c0-4310-ae76-0199a9aafc6f.roa
File: 8dafa80e-23c0-4310-ae76-0199a9aafc6f.roa (raw, json)
Hash identifier: EPyzy867Nx3G9x7hj3Uj/5JVUv0hOBCWhpBifZaTztI=
Subject key identifier: 9C:10:5E:D8:C4:5D:30:4B:93:E6:C3:10:07:25:83:21:09:45:0B:37
Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial: 465CB72008922C48FDCFB1E994D0E9F4F021790D
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dafa80e-23c0-4310-ae76-0199a9aafc6f.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 159.248.128.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
46:5c:b7:20:08:92:2c:48:fd:cf:b1:e9:94:d0:e9:f4:f0:21:79:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=57e18c6e3ef972c1ec26d4ed5fdd9b89d16f623b4dc2daf65979fece1036e1bd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:31:dd:f3:75:98:34:84:03:c6:fb:6c:12:b8:
a3:40:eb:43:df:b6:69:22:27:4e:aa:aa:67:d1:13:
34:5e:68:8e:c8:5c:d5:dc:b2:08:dd:51:51:34:18:
b2:54:a2:28:82:e1:fa:5e:8c:e6:47:79:d4:03:b0:
28:27:5e:dc:97:7c:4d:df:38:97:9c:67:f6:58:cb:
f8:61:78:8d:44:1d:e7:83:dc:67:8a:fc:2e:ff:d6:
ca:a4:c6:b7:21:e9:8f:3b:56:08:bc:18:ab:90:da:
b0:0e:fc:43:76:2b:ab:ff:9e:36:8a:a1:28:84:af:
a1:96:cc:57:65:e3:ac:14:cf:75:9f:b2:3e:3e:89:
d3:01:67:a3:12:37:54:6a:7c:8d:ff:dc:7c:64:ec:
fa:16:e1:aa:60:28:38:64:aa:dc:33:c9:ce:5c:fd:
c6:16:a4:dc:09:2f:d8:3c:f8:05:42:93:4b:ba:34:
16:f3:74:66:a0:53:b1:cd:a2:98:04:7c:2c:40:cf:
bd:0e:e0:13:5d:bd:a6:dd:cc:16:c9:e4:5b:66:37:
28:c0:51:e1:d2:f3:0f:75:a1:86:12:87:04:e3:27:
0c:f3:09:11:24:75:c8:ee:50:93:76:79:70:98:d5:
6f:8c:b1:2c:c2:ea:cc:a4:61:9f:f7:11:73:30:0d:
ab:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9C:10:5E:D8:C4:5D:30:4B:93:E6:C3:10:07:25:83:21:09:45:0B:37
X509v3 Authority Key Identifier:
keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8dafa80e-23c0-4310-ae76-0199a9aafc6f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.248.128.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:6a:ad:91:f5:78:9a:fb:00:35:4d:41:a6:dc:87:47:da:e7:
f3:1b:39:fe:b1:b0:6d:08:af:9a:2c:f5:c1:fd:fb:cb:43:bb:
81:b6:f0:6f:e1:8c:48:c5:98:ba:ac:3f:50:13:de:8a:01:b3:
19:87:1a:d4:e1:9f:81:d0:21:73:06:52:3e:21:b2:27:d1:48:
a5:37:77:28:9d:c8:84:e2:53:29:36:52:0f:f5:c8:c4:e1:11:
ff:19:cb:1e:7a:cb:c5:2b:af:50:ea:a2:b0:7b:e3:35:32:d0:
c0:48:e7:66:31:b7:3b:07:5f:6a:87:8d:2c:24:07:8e:f2:32:
18:a2:0d:18:d7:8c:aa:81:a0:4b:5a:ab:bf:62:3c:28:05:93:
82:d6:16:9d:f4:02:76:c5:55:e0:91:56:70:f6:c3:a0:c2:cd:
0a:0e:0e:af:3d:70:a9:fd:7f:a7:9a:16:d4:5b:c3:6d:ba:19:
ff:08:01:ab:26:89:59:ea:f8:3e:24:63:38:96:0f:79:b1:88:
4e:bc:72:c3:83:6c:7b:1c:9d:b4:d7:77:46:42:57:5c:2d:c4:
53:14:dc:1d:a4:a4:a1:42:89:9f:97:cd:5f:31:96:3e:f9:5d:
68:05:9a:77:e8:1a:f2:8e:94:0e:44:d1:38:33:00:17:1d:e6:
1b:e1:12:0b
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIURly3IAiSLEj9z7HplNDp9PAheQ0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNANTdlMThjNmUzZWY5NzJjMWVjMjZk
NGVkNWZkZDliODlkMTZmNjIzYjRkYzJkYWY2NTk3OWZlY2UxMDM2ZTFiZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqzHd83WYNIQDxvtsErijQOtD37Zp
IidOqqpn0RM0XmiOyFzV3LII3VFRNBiyVKIoguH6XozmR3nUA7AoJ17cl3xN3ziX
nGf2WMv4YXiNRB3ng9xnivwu/9bKpMa3IemPO1YIvBirkNqwDvxDdiur/542iqEo
hK+hlsxXZeOsFM91n7I+PonTAWejEjdUanyN/9x8ZOz6FuGqYCg4ZKrcM8nOXP3G
FqTcCS/YPPgFQpNLujQW83RmoFOxzaKYBHwsQM+9DuATXb2m3cwWyeRbZjcowFHh
0vMPdaGGEocE4ycM8wkRJHXI7lCTdnlwmNVvjLEswurMpGGf9xFzMA2rWwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJwQXtjEXTBLk+bDEAclgyEJRQs3MB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzhkYWZhODBlLTIzYzAtNDMxMC1hZTc2LTAxOTlhOWFhZmM2Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQBaaq2R9Xia+wA1TUGm3IdH
2ufzGzn+sbBtCK+aLPXB/fvLQ7uBtvBv4YxIxZi6rD9QE96KAbMZhxrU4Z+B0CFz
BlI+IbIn0UilN3conciE4lMpNlIP9cjE4RH/GcseesvFK69Q6qKwe+M1MtDASOdm
Mbc7B19qh40sJAeO8jIYog0Y14yqgaBLWqu/YjwoBZOC1had9AJ2xVXgkVZw9sOg
ws0KDg6vPXCp/X+nmhbUW8Ntuhn/CAGrJolZ6vg+JGM4lg95sYhOvHLDg2x7HJ20
13dGQldcLcRTFNwdpKShQomfl81fMZY++V1oBZp36BryjpQORNE4MwAXHeYb4RIL
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:30:02 2025 by rpki-client