Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ce35c6d4-7339-4288-8a0e-b63877fb2df7.roa
File: ce35c6d4-7339-4288-8a0e-b63877fb2df7.roa (raw, json)
Hash identifier: MNOoe78cbfG72h2ndGMeYn2kFNWtifu3UCa798LsPOQ=
Subject key identifier: E3:33:01:7D:99:98:E3:DC:B0:BC:C0:C8:66:5C:F0:ED:F8:29:9D:C5
Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial: 3383719E8EC148E35D4B6D945461A14B40F94E31
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ce35c6d4-7339-4288-8a0e-b63877fb2df7.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.248.128.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:83:71:9e:8e:c1:48:e3:5d:4b:6d:94:54:61:a1:4b:40:f9:4e:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=360fac3fd54e96c167c916007e5a74b36c4acab41bfa1acaef97adb40b2ba8ba, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:91:61:43:e5:12:86:42:b3:00:c9:a1:c6:f5:
d5:6a:de:76:2b:0d:f0:fb:64:9c:1b:54:8a:9a:88:
72:38:ef:63:9b:94:0f:77:d0:26:8c:9e:a4:5c:95:
95:3d:d5:37:84:fb:e9:76:c8:78:c5:20:f5:dd:a5:
c5:01:fd:ed:4e:df:c1:54:53:2f:8c:29:fe:4f:89:
e4:10:05:dd:7f:d8:0a:3e:27:82:cd:3f:d1:4e:22:
48:08:d9:2f:67:3a:cd:15:b1:f4:1b:4c:20:bd:ba:
c6:32:10:5f:0a:a1:ae:46:58:46:0c:3a:11:22:cc:
bb:d9:6a:9a:ba:5f:0a:19:a2:ed:47:6d:5d:0c:b6:
3c:88:3e:b5:2d:56:5f:80:16:7f:55:1b:af:b2:87:
27:aa:06:59:20:15:89:f9:cb:c1:1b:00:ff:0d:87:
63:96:33:b1:34:c2:51:24:6f:93:9f:1e:d6:1c:6f:
48:c2:da:33:fc:c0:c3:cf:2e:35:b4:3c:3a:26:c1:
e0:42:74:dd:47:fc:85:b6:79:84:bb:f0:00:f2:e7:
33:54:f9:f3:e7:f3:30:0b:0b:0d:46:b2:f6:21:7d:
e7:3e:44:29:09:c5:c5:10:67:aa:db:08:5b:42:13:
09:04:3b:db:d4:9d:94:5d:33:3b:86:0b:c7:ae:3f:
7e:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:33:01:7D:99:98:E3:DC:B0:BC:C0:C8:66:5C:F0:ED:F8:29:9D:C5
X509v3 Authority Key Identifier:
keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ce35c6d4-7339-4288-8a0e-b63877fb2df7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.248.128.0/22
Signature Algorithm: sha256WithRSAEncryption
18:9d:0e:3d:95:f2:ca:e4:f3:8f:fb:bc:cd:d0:a1:5d:92:a9:
aa:10:41:60:c3:ff:d2:dd:ee:c3:d7:2a:92:3f:e0:7e:19:e2:
4c:d6:41:42:eb:22:b5:20:95:ae:fb:d1:e2:25:3d:ac:48:57:
83:6e:ac:91:63:a3:ae:de:ec:91:58:24:b7:e8:11:21:37:46:
c1:07:7b:06:c2:57:c7:0f:32:e6:ab:40:d0:03:54:2d:95:63:
a1:67:20:f1:89:be:8d:c9:92:f8:8a:c4:7d:49:5c:20:9a:a0:
31:3c:0d:53:b1:3b:1b:03:4f:4a:9b:1e:3b:1f:8e:96:1b:72:
5f:09:f5:24:fe:f4:cb:20:64:a0:63:b9:da:66:a5:5e:ac:12:
45:d1:bf:ab:ec:ec:40:1a:87:47:3f:4b:81:72:76:1e:ab:c8:
4c:70:96:d6:ca:6e:7c:e7:ed:d4:3b:6f:c5:da:8c:09:a1:88:
43:96:b2:40:8c:7f:51:32:68:b3:a7:12:65:4b:c2:19:48:2f:
48:43:1d:d7:41:f9:32:93:ce:45:ae:89:cd:43:21:f0:bc:65:
12:06:ae:7a:ed:5e:93:d6:b7:75:b9:b5:4b:64:fb:ca:8f:e1:
23:9d:e3:5c:f2:f7:00:47:b1:0a:54:fb:f5:ff:42:10:7e:1f:
94:23:58:40
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUM4Nxno7BSONdS22UVGGhS0D5TjEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNAMzYwZmFjM2ZkNTRlOTZjMTY3Yzkx
NjAwN2U1YTc0YjM2YzRhY2FiNDFiZmExYWNhZWY5N2FkYjQwYjJiYThiYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5ZFhQ+UShkKzAMmhxvXVat52Kw3w
+2ScG1SKmohyOO9jm5QPd9AmjJ6kXJWVPdU3hPvpdsh4xSD13aXFAf3tTt/BVFMv
jCn+T4nkEAXdf9gKPieCzT/RTiJICNkvZzrNFbH0G0wgvbrGMhBfCqGuRlhGDDoR
Isy72Wqaul8KGaLtR21dDLY8iD61LVZfgBZ/VRuvsocnqgZZIBWJ+cvBGwD/DYdj
ljOxNMJRJG+Tnx7WHG9Iwtoz/MDDzy41tDw6JsHgQnTdR/yFtnmEu/AA8uczVPnz
5/MwCwsNRrL2IX3nPkQpCcXFEGeq2whbQhMJBDvb1J2UXTM7hgvHrj9+ewIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOMzAX2ZmOPcsLzAyGZc8O34KZ3FMB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2NlMzVjNmQ0LTczMzktNDI4OC04YTBlLWI2Mzg3N2ZiMmRmNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCn/iAMA0GCSqGSIb3DQEBCwUAA4IBAQAYnQ49lfLK5POP+7zN0KFd
kqmqEEFgw//S3e7D1yqSP+B+GeJM1kFC6yK1IJWu+9HiJT2sSFeDbqyRY6Ou3uyR
WCS36BEhN0bBB3sGwlfHDzLmq0DQA1QtlWOhZyDxib6NyZL4isR9SVwgmqAxPA1T
sTsbA09Kmx47H46WG3JfCfUk/vTLIGSgY7naZqVerBJF0b+r7OxAGodHP0uBcnYe
q8hMcJbWym585+3UO2/F2owJoYhDlrJAjH9RMmizpxJlS8IZSC9IQx3XQfkyk85F
ronNQyHwvGUSBq567V6T1rd1ubVLZPvKj+EjneNc8vcAR7EKVPv1/0IQfh+UI1hA
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:34:33 2025 by rpki-client