Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa
File: fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa (raw, json)
Hash identifier: R4X1ZU8JdY4FWX50LY4jGevF9LKIZGvb4PeGjijROHc=
Subject key identifier: 09:92:CA:26:12:0C:E8:C1:AB:13:A3:03:C8:63:F9:A3:B3:EF:D3:81
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 733ACB18B5671C5511E91465DCE827E7E53C1205
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa
Signing time: Wed 25 Dec 2024 00:00:00 +0000
ROA not before: Wed 25 Dec 2024 00:00:00 +0000
ROA not after: Wed 29 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 43.224.76.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
73:3a:cb:18:b5:67:1c:55:11:e9:14:65:dc:e8:27:e7:e5:3c:12:05
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000, serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Dec 25 00:00:00 2024 GMT
Not After : Jan 29 23:59:59 2025 GMT
Subject: serialNumber=34516cdd45991a64265ec4909a5c146d254454af656dca5347398b81ebe6e3a2, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ab:57:dc:e9:7c:85:79:a3:31:a0:d3:df:9b:
10:60:00:9b:f6:75:e0:3c:62:f2:1d:d2:0a:67:96:
08:d9:24:a5:eb:c7:25:e9:94:96:3a:af:2e:82:02:
28:52:fc:84:5b:6d:20:b9:2b:08:aa:1c:0b:a8:0c:
30:fd:9c:0b:38:fc:f2:8e:ad:9a:8f:a8:4c:1f:b1:
3a:0b:89:cf:e2:98:be:f3:6b:55:dd:ac:01:13:69:
bb:9e:2d:9f:88:82:bf:47:e1:ab:06:93:39:3e:f9:
8a:3d:37:f9:c3:58:7a:2c:c8:ed:b6:4e:bd:6d:07:
6e:0e:f4:f0:8d:76:a0:81:5f:27:a5:9a:c9:1a:67:
20:88:23:9c:37:74:a0:32:04:1b:06:f3:60:97:30:
9d:dc:22:b6:a4:56:fd:47:ff:5b:e5:68:fc:68:60:
c4:14:1d:e2:da:e5:bf:0b:4c:a5:80:f2:75:74:a4:
30:83:2f:0d:32:4e:6a:bc:c3:02:b7:00:ca:69:ff:
df:6b:6d:e6:5e:53:46:01:65:16:20:87:3d:53:4d:
86:09:65:a9:eb:d5:f9:b0:28:61:ba:1a:f8:50:2e:
df:04:90:5f:d3:82:b4:da:ee:3e:ad:fa:c1:51:71:
95:0c:c3:33:73:b4:9b:f2:40:92:ff:6b:a2:71:52:
c5:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:92:CA:26:12:0C:E8:C1:AB:13:A3:03:C8:63:F9:A3:B3:EF:D3:81
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/fda62ac0-bc2c-4d57-a69e-8a7c469cd2d8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.224.76.0/22
Signature Algorithm: sha256WithRSAEncryption
18:34:80:4b:77:91:24:25:a9:2b:e6:f7:dc:40:25:5d:1a:e6:
f6:29:0e:bf:40:b1:b3:25:80:d2:3d:c4:b1:16:1f:d1:88:f3:
81:cb:99:c3:f9:51:2f:cc:0d:74:65:0c:6d:b3:81:63:89:45:
fe:07:86:22:2f:a8:b9:21:55:f4:fe:28:04:8d:5c:2d:46:35:
f6:e6:e1:31:d5:fe:2a:25:dd:9d:9f:a6:2b:53:9a:65:c4:28:
77:5c:77:b9:97:b4:04:ff:ff:6e:16:c7:99:2a:f7:60:8e:1a:
65:a1:b5:2d:7f:d7:5f:da:3b:df:65:5f:19:2f:4f:f8:b3:08:
39:89:df:0e:69:49:80:5b:c9:1f:bd:94:82:ed:17:73:66:b3:
2f:02:50:e0:04:41:9a:c4:91:65:0f:e5:7c:86:47:b3:75:0b:
cd:92:10:82:d5:29:9c:84:4d:66:81:04:e2:85:6d:20:30:73:
a5:71:f4:4d:ed:06:05:b1:99:c4:ca:c9:30:58:3f:55:ad:5a:
2a:7d:04:ed:68:08:99:4c:79:96:b6:ac:ea:65:8e:8e:11:f4:
7c:56:b7:37:76:96:62:7e:bd:c6:7a:2a:44:58:39:99:a2:db:
3f:f4:53:f9:48:61:a0:ab:71:8e:88:29:30:37:e7:02:88:f6:
6a:1d:b1:64
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUczrLGLVnHFUR6RRl3Ogn5+U8EgUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTIyNTAwMDAwMFoX
DTI1MDEyOTIzNTk1OVowejFJMEcGA1UEBRNAMzQ1MTZjZGQ0NTk5MWE2NDI2NWVj
NDkwOWE1YzE0NmQyNTQ0NTRhZjY1NmRjYTUzNDczOThiODFlYmU2ZTNhMjEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzatX3Ol8hXmjMaDT35sQYACb9nXg
PGLyHdIKZ5YI2SSl68cl6ZSWOq8uggIoUvyEW20guSsIqhwLqAww/ZwLOPzyjq2a
j6hMH7E6C4nP4pi+82tV3awBE2m7ni2fiIK/R+GrBpM5PvmKPTf5w1h6LMjttk69
bQduDvTwjXaggV8npZrJGmcgiCOcN3SgMgQbBvNglzCd3CK2pFb9R/9b5Wj8aGDE
FB3i2uW/C0ylgPJ1dKQwgy8NMk5qvMMCtwDKaf/fa23mXlNGAWUWIIc9U02GCWWp
69X5sChhuhr4UC7fBJBf04K02u4+rfrBUXGVDMMzc7Sb8kCS/2uicVLFkQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFAmSyiYSDOjBqxOjA8hj+aOz79OBMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
L2ZkYTYyYWMwLWJjMmMtNGQ1Ny1hNjllLThhN2M0NjljZDJkOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQAYNIBLd5EkJakr5vfcQCVd
Gub2KQ6/QLGzJYDSPcSxFh/RiPOBy5nD+VEvzA10ZQxts4FjiUX+B4YiL6i5IVX0
/igEjVwtRjX25uEx1f4qJd2dn6YrU5plxCh3XHe5l7QE//9uFseZKvdgjhplobUt
f9df2jvfZV8ZL0/4swg5id8OaUmAW8kfvZSC7RdzZrMvAlDgBEGaxJFlD+V8hkez
dQvNkhCC1SmchE1mgQTihW0gMHOlcfRN7QYFsZnEyskwWD9VrVoqfQTtaAiZTHmW
tqzqZY6OEfR8Vrc3dpZifr3GeipEWDmZots/9FP5SGGgq3GOiCkwN+cCiPZqHbFk
-----END CERTIFICATE-----
Generated at Thu Apr 17 07:57:56 2025 by rpki-client