Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/719ca283-3642-49b6-998d-44526d9a59a7.roa
File: 719ca283-3642-49b6-998d-44526d9a59a7.roa (raw, json)
Hash identifier: gUL1lhVgtxKx53PU5JvOHlXaUeEj1o91Z/3sHhie0PU=
Subject key identifier: 72:B0:DC:36:BD:EA:DB:AB:20:7A:32:4C:CB:6C:3E:12:9C:AA:F0:D1
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 39D9CC614A5435E5849FD76C4DE9CED3D5BEA33E
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/719ca283-3642-49b6-998d-44526d9a59a7.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 103.21.240.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:d9:cc:61:4a:54:35:e5:84:9f:d7:6c:4d:e9:ce:d3:d5:be:a3:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:76:8e:3b:41:38:9a:00:b7:55:e5:c2:cb:b8:
c6:f2:c0:61:2a:27:df:ed:20:0b:10:29:c2:5a:dc:
e2:ba:f7:a6:88:b1:e3:62:23:cb:a2:0d:99:4e:02:
fe:f2:4b:7d:2f:28:65:d0:ee:32:16:2e:af:9d:d8:
6c:2d:10:83:d7:8d:0e:03:1a:7c:47:16:d0:af:ae:
3b:57:db:b1:a5:6b:26:75:5f:94:16:1a:f9:b2:74:
4c:18:1e:e5:1a:0f:20:c4:45:78:3c:5c:97:5f:ca:
7b:6d:fe:3e:75:49:c7:e1:0f:75:89:0d:55:cb:23:
c0:93:ca:40:93:c3:55:63:4b:03:0f:80:13:8c:90:
79:a1:99:e7:aa:b7:b4:2e:44:2b:61:ae:8b:97:36:
48:ce:71:da:11:c2:4f:e7:08:43:18:de:e1:ca:68:
d0:94:59:58:c0:bc:26:66:17:b0:55:01:7a:cd:74:
46:42:95:53:81:64:11:f7:bb:55:3f:a7:cd:75:57:
4d:af:91:c5:d4:38:fc:0a:62:fb:4f:83:a0:27:db:
e2:ba:61:50:55:ec:0b:a0:02:5b:3e:a7:81:2b:09:
90:1a:1a:f6:4e:97:16:b8:2b:2a:07:a3:a4:8a:84:
72:85:33:b2:16:83:f4:f2:ce:54:6a:8e:f1:4a:8a:
ab:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:B0:DC:36:BD:EA:DB:AB:20:7A:32:4C:CB:6C:3E:12:9C:AA:F0:D1
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/719ca283-3642-49b6-998d-44526d9a59a7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.21.240.0/22
Signature Algorithm: sha256WithRSAEncryption
35:ae:1b:54:78:fe:86:33:33:41:23:e1:2e:57:f5:b4:df:59:
98:d3:95:4d:63:99:34:3f:c0:65:2a:53:31:4d:e0:de:e5:1b:
35:1c:c9:72:bc:6e:0c:53:cd:7e:19:d7:f5:67:0a:9f:0d:26:
a3:eb:cd:f7:78:4a:f2:74:ff:e8:d4:3e:c7:f7:7a:c0:8c:97:
df:c1:78:ba:33:62:38:91:0f:fb:bb:4c:a9:6e:5b:71:5a:40:
2a:0a:d5:4e:e6:68:22:ff:d9:fb:96:93:fc:67:7c:8f:56:02:
2a:d5:53:56:d3:0d:27:5e:81:d6:f3:92:ea:36:74:ac:c4:b2:
58:e7:49:84:aa:b1:39:4d:e5:67:0f:b5:9f:eb:5b:d1:79:e6:
8b:62:9a:e5:ab:b5:b6:83:d9:76:4e:75:05:5b:91:5d:83:3c:
44:bb:7d:02:b7:ca:24:54:62:c5:d3:04:93:02:58:8c:23:ff:
0e:88:3e:65:6b:7b:ed:19:ff:c6:0a:51:6b:89:b2:8e:d2:7e:
2d:9d:33:95:ad:82:28:4a:1b:58:e3:ba:51:c0:e7:24:12:ea:
25:41:6f:cc:49:c7:48:21:8c:40:42:cb:2f:ba:8a:9e:75:b8:
d3:74:f2:86:00:05:9e:fc:0e:8f:90:b5:04:7d:9e:ae:b1:5d:
1d:1e:3b:3b
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUOdnMYUpUNeWEn9dsTenO09W+oz4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTIxNzAwMDAwMFoX
DTI1MDEyMTIzNTk1OVowejFJMEcGA1UEBRNAMDM1Nzg3YzQwZjA1MmE4ZWYwNmNh
NWM0OWI4OWVkOGEzZWZkYTM5NGFiMzNmNDUyNzllOWRkZTllNzc2YzA5MTEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6naOO0E4mgC3VeXCy7jG8sBhKiff
7SALECnCWtziuvemiLHjYiPLog2ZTgL+8kt9Lyhl0O4yFi6vndhsLRCD140OAxp8
RxbQr647V9uxpWsmdV+UFhr5snRMGB7lGg8gxEV4PFyXX8p7bf4+dUnH4Q91iQ1V
yyPAk8pAk8NVY0sDD4ATjJB5oZnnqre0LkQrYa6LlzZIznHaEcJP5whDGN7hymjQ
lFlYwLwmZhewVQF6zXRGQpVTgWQR97tVP6fNdVdNr5HF1Dj8CmL7T4OgJ9viumFQ
VewLoAJbPqeBKwmQGhr2TpcWuCsqB6OkioRyhTOyFoP08s5Uao7xSoqrSwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFHKw3Da96turIHoyTMtsPhKcqvDRMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzcxOWNhMjgzLTM2NDItNDliNi05OThkLTQ0NTI2ZDlhNTlhNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQA1rhtUeP6GMzNBI+EuV/W0
31mY05VNY5k0P8BlKlMxTeDe5Rs1HMlyvG4MU81+Gdf1ZwqfDSaj6833eErydP/o
1D7H93rAjJffwXi6M2I4kQ/7u0ypbltxWkAqCtVO5mgi/9n7lpP8Z3yPVgIq1VNW
0w0nXoHW85LqNnSsxLJY50mEqrE5TeVnD7Wf61vReeaLYprlq7W2g9l2TnUFW5Fd
gzxEu30Ct8okVGLF0wSTAliMI/8OiD5la3vtGf/GClFribKO0n4tnTOVrYIoShtY
47pRwOckEuolQW/MScdIIYxAQssvuoqedbjTdPKGAAWe/A6PkLUEfZ6usV0dHjs7
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:31:26 2025 by rpki-client