Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa
File: e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa (raw, json)
Hash identifier: ngBY+LO8vrNjiIcqWEWaVOeq6uYg/g57jlLBnAkVeFw=
Subject key identifier: C6:BE:26:9A:01:35:EA:52:64:5C:4B:B8:AF:12:BA:57:89:47:7A:35
Certificate issuer: /CN=A91F635F0000/serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Certificate serial: 1B7BC91236B5A74F1ECE31C2A1C059FBE0720046
Authority key identifier: 53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
Authority info access: rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa
Signing time: Wed 18 Dec 2024 00:00:00 +0000
ROA not before: Wed 18 Dec 2024 00:00:00 +0000
ROA not after: Wed 22 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 159.248.200.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:7b:c9:12:36:b5:a7:4f:1e:ce:31:c2:a1:c0:59:fb:e0:72:00:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=53DC22125FA34F3986CBF12422E34F9B9C661BE7
Validity
Not Before: Dec 18 00:00:00 2024 GMT
Not After : Jan 22 23:59:59 2025 GMT
Subject: serialNumber=e828191cd9d02608707a990bb8e962919ad7160e02b75501925f0fcd4407764c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:bf:17:32:17:52:c7:8a:4e:e2:93:f9:3f:e0:
a7:01:67:33:30:ac:33:f5:fd:95:04:1c:3e:b8:29:
fb:69:18:ec:22:23:dd:30:ca:c8:e7:50:8a:5a:ec:
d7:52:8a:8c:bb:42:24:83:d3:4b:e4:99:f0:ae:75:
43:96:67:e8:de:79:c5:91:26:7e:29:01:ce:72:60:
3f:b5:0b:92:81:44:54:c7:9f:55:1a:b9:da:47:1f:
13:3e:99:8d:9b:30:4f:0f:27:89:b7:10:33:82:de:
e1:60:f8:35:68:79:17:26:68:b8:c9:13:7f:e5:c9:
16:cc:19:cc:2d:97:b2:eb:0b:9a:61:b1:94:80:8b:
53:a1:20:bc:db:0e:ea:82:0f:cf:28:76:03:39:03:
23:24:17:84:ef:91:de:71:1e:1e:78:d4:fc:6a:08:
60:de:0e:d6:c5:ac:06:82:d4:a8:f8:a3:63:3f:ff:
04:bb:79:e2:46:0f:e5:2e:35:2b:fc:12:01:54:9b:
c0:fa:e8:a2:d1:1f:58:a8:0a:28:72:72:9b:da:bf:
26:03:62:81:3d:b1:35:b5:32:19:c7:08:52:03:d4:
13:14:2a:d2:c9:88:70:dd:64:84:47:9c:d8:c2:4b:
3d:14:36:91:fe:7c:ef:f4:dd:bb:c6:30:b6:dc:45:
f4:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:BE:26:9A:01:35:EA:52:64:5C:4B:B8:AF:12:BA:57:89:47:7A:35
X509v3 Authority Key Identifier:
keyid:53:DC:22:12:5F:A3:4F:39:86:CB:F1:24:22:E3:4F:9B:9C:66:1B:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B3A24F201D6611E28AC8837C72FD1FF2/U9wiEl-jTzmGy_EkIuNPm5xmG-c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e05f4504-bb83-4b18-bbd9-8d82e42913d5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a5b01bdd-cdeb-4cfc-8c93-7e70c5e09306.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
159.248.200.0/21
Signature Algorithm: sha256WithRSAEncryption
95:ec:ca:89:8d:cd:a3:3f:a5:93:9f:41:bd:09:ae:a0:83:94:
11:de:28:06:29:5f:9c:42:4f:06:40:1f:fe:66:66:c2:49:84:
f4:47:70:a4:d3:f1:97:e9:98:70:cd:15:cf:b3:a4:0f:bb:50:
95:da:1a:58:6d:4e:05:94:52:bc:5f:86:98:59:f4:3f:5f:8f:
12:80:90:13:42:0b:c0:0c:17:36:a7:76:35:82:bd:10:84:de:
64:eb:be:31:ca:67:4c:38:12:e3:49:98:10:ae:8b:9b:58:95:
0d:dd:3b:db:8a:6f:f7:bb:1a:74:22:52:79:2d:2e:6f:5c:d3:
73:9c:b1:5e:74:86:e9:d9:01:1f:fc:d6:bd:b5:15:e3:e4:8f:
51:7a:c2:2e:35:a0:65:99:90:93:b6:68:b8:b2:8c:57:8a:e5:
e1:e9:a9:25:e4:d0:2d:03:6a:fa:82:d1:97:1f:6e:6f:07:18:
1c:cb:23:7b:26:48:f0:8f:d8:c7:03:b7:7a:ab:12:6c:11:9a:
1d:33:67:cf:32:8d:3a:45:13:9b:d4:9d:f0:2a:87:7a:a7:d4:
81:c1:ae:f7:04:53:fb:47:db:75:cb:ec:fd:d4:9a:c8:f7:0d:
3d:73:85:23:3a:e5:7b:d0:b4:bc:e2:0a:92:03:e6:2e:4c:6f:
f8:8a:15:ef
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUG3vJEja1p08ezjHCocBZ++ByAEYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg1M0RDMjIxMjVG
QTM0RjM5ODZDQkYxMjQyMkUzNEY5QjlDNjYxQkU3MB4XDTI0MTIxODAwMDAwMFoX
DTI1MDEyMjIzNTk1OVowejFJMEcGA1UEBRNAZTgyODE5MWNkOWQwMjYwODcwN2E5
OTBiYjhlOTYyOTE5YWQ3MTYwZTAyYjc1NTAxOTI1ZjBmY2Q0NDA3NzY0YzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq78XMhdSx4pO4pP5P+CnAWczMKwz
9f2VBBw+uCn7aRjsIiPdMMrI51CKWuzXUoqMu0Ikg9NL5JnwrnVDlmfo3nnFkSZ+
KQHOcmA/tQuSgURUx59VGrnaRx8TPpmNmzBPDyeJtxAzgt7hYPg1aHkXJmi4yRN/
5ckWzBnMLZey6wuaYbGUgItToSC82w7qgg/PKHYDOQMjJBeE75HecR4eeNT8aghg
3g7WxawGgtSo+KNjP/8Eu3niRg/lLjUr/BIBVJvA+uii0R9YqAoocnKb2r8mA2KB
PbE1tTIZxwhSA9QTFCrSyYhw3WSER5zYwks9FDaR/nzv9N27xjC23EX0kwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFMa+JpoBNepSZFxLuK8SuleJR3o1MB8GA1UdIwQY
MBaAFFPcIhJfo085hsvxJCLjT5ucZhvnMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CM0EyNEYyMDFENjYxMUUyOEFDODgzN0M3MkZEMUZGMi9VOXdpRWwt
alR6bUd5X0VrSXVOUG01eG1HLWMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2UwNWY0NTA0LWJiODMtNGIxOC1iYmQ5LThkODJlNDI5MTNkNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvYTViMDFiZGQtY2RlYi00Y2ZjLThjOTMtN2U3MGM1ZTA5MzA2LmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDn/jIMA0GCSqGSIb3DQEBCwUAA4IBAQCV7MqJjc2jP6WTn0G9Ca6g
g5QR3igGKV+cQk8GQB/+ZmbCSYT0R3Ck0/GX6ZhwzRXPs6QPu1CV2hpYbU4FlFK8
X4aYWfQ/X48SgJATQgvADBc2p3Y1gr0QhN5k674xymdMOBLjSZgQroubWJUN3Tvb
im/3uxp0IlJ5LS5vXNNznLFedIbp2QEf/Na9tRXj5I9ResIuNaBlmZCTtmi4soxX
iuXh6akl5NAtA2r6gtGXH25vBxgcyyN7Jkjwj9jHA7d6qxJsEZodM2fPMo06RROb
1J3wKod6p9SBwa73BFP7R9t1y+z91JrI9w09c4UjOuV70LS84gqSA+YuTG/4ihXv
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:33:48 2025 by rpki-client