Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/04f7b09a-162c-4157-82a1-273946cdf1db.roa
File: 04f7b09a-162c-4157-82a1-273946cdf1db.roa (raw, json)
Hash identifier: qH5VT4XKnPkckx4zSUIAmIllynm5DYdLpb/8uRMS5X4=
Subject key identifier: 56:BC:15:B8:0C:CD:4D:EF:C1:40:92:92:42:D9:09:43:1A:B2:44:7F
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6DD5B4016DDD9C59721DA982B2355C92392812F9
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/04f7b09a-162c-4157-82a1-273946cdf1db.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 203.83.220.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:d5:b4:01:6d:dd:9c:59:72:1d:a9:82:b2:35:5c:92:39:28:12:f9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: serialNumber=b73e78ff9cb781e9e54eee02af3f73bffa8a35af7d416644ad7004ef716df515, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:bf:3e:ce:55:9b:ae:2b:ae:ea:84:61:88:00:
9b:e3:21:d3:f6:60:b5:79:af:14:8b:98:f7:05:f0:
79:9e:a1:b1:7c:f9:e2:ca:71:0e:13:55:e3:cc:f4:
cc:16:7b:53:c1:37:d4:2e:df:1d:23:e7:02:4b:53:
75:7b:b8:18:b8:e2:52:dc:01:60:7d:0b:1b:4b:e4:
8f:39:a4:4d:47:89:dd:f8:dd:d0:d3:50:c4:2e:8a:
21:6c:83:8d:b8:87:17:48:5b:bc:f8:93:2d:bc:f9:
05:ab:e3:83:4e:67:b7:25:85:4e:81:cc:2e:cb:04:
9f:71:9f:5f:8d:02:14:c1:0e:59:2f:7a:a0:7d:40:
a7:1f:38:c6:3e:a8:27:0d:52:4c:73:7e:29:5c:0c:
50:ef:8e:8b:fd:74:f0:03:2e:a7:05:29:9b:57:db:
93:c7:f9:ea:8a:47:51:49:8b:98:e5:df:c3:e6:65:
70:ad:21:bb:13:94:81:4f:38:f4:56:7c:eb:17:15:
22:51:65:98:32:5d:f1:a9:35:0b:12:40:34:10:ec:
b4:67:f4:d6:cc:c4:5c:62:ad:16:27:5d:0c:6c:a6:
b5:23:d8:92:07:4c:bc:8b:60:11:c3:76:09:7a:86:
14:58:37:e2:4e:2c:47:e1:11:9d:1c:76:89:3f:0d:
7c:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:BC:15:B8:0C:CD:4D:EF:C1:40:92:92:42:D9:09:43:1A:B2:44:7F
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/04f7b09a-162c-4157-82a1-273946cdf1db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.83.220.0/22
Signature Algorithm: sha256WithRSAEncryption
95:81:13:73:f9:4e:a9:ab:d4:f8:9c:02:46:51:84:ae:68:51:
3b:63:da:35:26:95:5f:51:39:5b:fe:02:28:0b:a7:3a:92:1f:
a0:e2:f3:56:68:11:53:c6:64:d1:6d:c2:b7:a5:00:66:62:b1:
a5:44:12:81:5b:59:4b:06:8b:25:fe:2c:fa:87:1e:e1:e0:3c:
a5:36:c7:3f:f6:93:75:e5:f2:90:e4:98:5e:9d:f8:2f:a7:68:
12:9e:ef:b5:f8:55:43:ce:5c:87:c0:6f:af:82:c8:4b:9c:f6:
e5:ef:3c:0d:7f:05:49:53:d9:71:71:b1:96:08:d8:98:80:7c:
93:69:21:a4:73:61:f8:9f:7a:ea:f2:e6:94:3c:54:91:32:b4:
09:df:27:82:6c:52:75:33:8b:cf:12:54:4e:28:96:fd:c1:26:
11:bb:81:08:d5:1c:3a:b2:43:c9:81:59:47:d0:dd:7d:2e:ea:
7a:46:4a:a4:16:94:db:ea:58:c6:7f:11:c7:cb:35:df:0c:1d:
4d:14:21:c7:03:a6:e6:57:8a:fe:ef:a2:c0:ee:0c:d5:7d:c3:
96:bf:16:38:98:ff:ec:64:52:34:e3:34:7f:25:ec:8a:ef:d8:
11:e8:fe:26:a9:58:1d:91:5e:be:31:39:07:78:9b:50:4d:57:
c3:77:b4:6f
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUbdW0AW3dnFlyHamCsjVckjkoEvkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMDAwMDAwMFoX
DTI1MDIxNDIzNTk1OVowejFJMEcGA1UEBRNAYjczZTc4ZmY5Y2I3ODFlOWU1NGVl
ZTAyYWYzZjczYmZmYThhMzVhZjdkNDE2NjQ0YWQ3MDA0ZWY3MTZkZjUxNTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+b8+zlWbriuu6oRhiACb4yHT9mC1
ea8Ui5j3BfB5nqGxfPniynEOE1XjzPTMFntTwTfULt8dI+cCS1N1e7gYuOJS3AFg
fQsbS+SPOaRNR4nd+N3Q01DELoohbIONuIcXSFu8+JMtvPkFq+ODTme3JYVOgcwu
ywSfcZ9fjQIUwQ5ZL3qgfUCnHzjGPqgnDVJMc34pXAxQ746L/XTwAy6nBSmbV9uT
x/nqikdRSYuY5d/D5mVwrSG7E5SBTzj0VnzrFxUiUWWYMl3xqTULEkA0EOy0Z/TW
zMRcYq0WJ10MbKa1I9iSB0y8i2ARw3YJeoYUWDfiTixH4RGdHHaJPw189QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFFa8FbgMzU3vwUCSkkLZCUMaskR/MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzA0ZjdiMDlhLTE2MmMtNDE1Ny04MmExLTI3Mzk0NmNkZjFkYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCy1PcMA0GCSqGSIb3DQEBCwUAA4IBAQCVgRNz+U6pq9T4nAJGUYSu
aFE7Y9o1JpVfUTlb/gIoC6c6kh+g4vNWaBFTxmTRbcK3pQBmYrGlRBKBW1lLBosl
/iz6hx7h4DylNsc/9pN15fKQ5Jhenfgvp2gSnu+1+FVDzlyHwG+vgshLnPbl7zwN
fwVJU9lxcbGWCNiYgHyTaSGkc2H4n3rq8uaUPFSRMrQJ3yeCbFJ1M4vPElROKJb9
wSYRu4EI1Rw6skPJgVlH0N19Lup6RkqkFpTb6ljGfxHHyzXfDB1NFCHHA6bmV4r+
76LA7gzVfcOWvxY4mP/sZFI04zR/JeyK79gR6P4mqVgdkV6+MTkHeJtQTVfDd7Rv
-----END CERTIFICATE-----
Generated at Thu Apr 17 17:43:41 2025 by rpki-client