Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/19d8d605-09bf-4dfb-b2db-2001ae07c998.roa
File: 19d8d605-09bf-4dfb-b2db-2001ae07c998.roa (raw, json)
Hash identifier: lvcgYSnQJGqFWXZSF34UPH9EKm82bJvtkeaW25btmjQ=
Subject key identifier: 54:45:D9:D7:62:AD:82:D8:02:C7:DF:B4:04:4B:48:2E:05:C8:0C:DF
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 6161168EB96F5015A2D591078CC38BF74B8508BA
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/19d8d605-09bf-4dfb-b2db-2001ae07c998.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 43.250.192.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:61:16:8e:b9:6f:50:15:a2:d5:91:07:8c:c3:8b:f7:4b:85:08:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001, serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=231bedbae5fd28309c777fb4b0beb32baa62adcb2b9937b8104bddf98246567e, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:5d:b7:b4:26:ac:61:26:85:74:14:04:a9:43:
05:74:b1:bf:11:04:ee:69:e5:f8:ef:99:44:2d:94:
91:6f:cf:32:01:8f:e4:45:5e:78:20:9b:08:7c:d9:
a3:c8:39:70:53:3c:e9:12:f5:4e:74:a2:1d:93:c8:
2f:17:45:7d:5f:b0:18:fb:d1:78:d3:79:43:55:f8:
9b:05:87:65:ae:79:b5:e2:9b:95:d5:26:9e:66:2f:
89:dd:32:d6:6c:f3:dc:3f:b3:c2:cb:44:11:86:fa:
fa:4a:aa:32:fb:05:3e:4b:8a:3d:4d:27:48:9c:a0:
dc:ad:34:a3:2b:1d:7c:02:72:92:25:84:14:e6:26:
65:db:47:74:1f:68:85:b1:86:ef:12:89:fd:9e:ca:
d0:f1:c1:fb:2d:12:47:cd:9d:46:6c:1a:4a:47:e6:
a8:f0:24:84:05:f4:38:f6:e2:16:af:b7:a5:94:c2:
74:a1:ae:8c:d3:97:8a:8f:01:4d:dd:c4:9f:7d:80:
b3:a5:11:de:5d:51:63:46:6e:5c:c0:e2:5d:b9:6e:
fc:1d:28:b2:90:be:41:88:23:fd:8b:7b:1d:9b:b3:
e5:07:f9:02:b5:3a:08:ae:8a:fc:da:2a:06:0e:64:
cd:d2:e6:81:a9:04:f1:5a:35:ad:09:3f:54:cb:4a:
bd:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
54:45:D9:D7:62:AD:82:D8:02:C7:DF:B4:04:4B:48:2E:05:C8:0C:DF
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/19d8d605-09bf-4dfb-b2db-2001ae07c998.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.250.192.0/22
Signature Algorithm: sha256WithRSAEncryption
d8:96:a6:bf:a2:9a:7e:35:73:f0:47:59:aa:6a:fb:19:ee:6f:
11:ce:3c:aa:27:2b:02:48:1a:d8:0d:0d:61:e7:d4:6d:fc:f5:
85:5b:c9:24:b7:96:eb:9e:43:28:fb:85:89:d7:ff:18:69:75:
05:e4:ab:95:36:34:ab:83:d2:ab:8a:ea:60:af:20:7c:04:55:
e3:89:23:40:d1:6e:61:4d:8b:35:81:8a:e2:8c:bc:ac:a3:f6:
42:77:4a:12:e2:ea:a4:65:34:e7:c9:6e:30:98:a4:a8:c4:2a:
77:43:80:71:de:01:05:d9:cc:c3:36:49:ed:e3:27:f0:7d:38:
8a:40:b8:32:74:83:c8:ea:3b:c6:96:36:60:68:11:43:e9:db:
28:75:dc:cd:dc:e9:f1:94:ce:34:5c:bb:6b:06:06:52:20:9e:
1a:06:e0:d2:91:79:ba:d6:95:58:93:13:9a:0a:7f:c7:bd:29:
b5:b9:48:aa:50:e1:54:24:62:9d:c7:85:5d:82:47:82:fd:ac:
29:0d:60:6c:91:41:64:76:8c:da:69:80:fb:ed:6e:3c:1d:25:
fc:cf:36:3e:e5:13:b8:bd:27:61:0e:7b:80:7e:f4:9d:50:a3:
2d:50:28:43:a0:88:dc:c0:66:41:db:61:02:b7:bd:f1:67:37:
3d:f2:40:50
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUYWEWjrlvUBWi1ZEHjMOL90uFCLowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAMjMxYmVkYmFlNWZkMjgzMDljNzc3
ZmI0YjBiZWIzMmJhYTYyYWRjYjJiOTkzN2I4MTA0YmRkZjk4MjQ2NTY3ZTEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsF23tCasYSaFdBQEqUMFdLG/EQTu
aeX475lELZSRb88yAY/kRV54IJsIfNmjyDlwUzzpEvVOdKIdk8gvF0V9X7AY+9F4
03lDVfibBYdlrnm14puV1SaeZi+J3TLWbPPcP7PCy0QRhvr6Sqoy+wU+S4o9TSdI
nKDcrTSjKx18AnKSJYQU5iZl20d0H2iFsYbvEon9nsrQ8cH7LRJHzZ1GbBpKR+ao
8CSEBfQ49uIWr7ellMJ0oa6M05eKjwFN3cSffYCzpRHeXVFjRm5cwOJduW78HSiy
kL5BiCP9i3sdm7PlB/kCtToIror82ioGDmTN0uaBqQTxWjWtCT9Uy0q9vQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFFRF2ddirYLYAsfftARLSC4FyAzfMB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzE5ZDhkNjA1LTA5YmYtNGRmYi1iMmRiLTIwMDFhZTA3Yzk5OC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQDYlqa/opp+NXPwR1mqavsZ
7m8RzjyqJysCSBrYDQ1h59Rt/PWFW8kkt5brnkMo+4WJ1/8YaXUF5KuVNjSrg9Kr
iupgryB8BFXjiSNA0W5hTYs1gYrijLyso/ZCd0oS4uqkZTTnyW4wmKSoxCp3Q4Bx
3gEF2czDNknt4yfwfTiKQLgydIPI6jvGljZgaBFD6dsoddzN3OnxlM40XLtrBgZS
IJ4aBuDSkXm61pVYkxOaCn/HvSm1uUiqUOFUJGKdx4VdgkeC/awpDWBskUFkdoza
aYD77W48HSX8zzY+5RO4vSdhDnuAfvSdUKMtUChDoIjcwGZB22ECt73xZzc98kBQ
-----END CERTIFICATE-----
Generated at Thu Apr 17 21:19:37 2025 by rpki-client