Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fb28a95-f5bb-4868-9ab3-7d83d5142538.roa
File: 9fb28a95-f5bb-4868-9ab3-7d83d5142538.roa (raw, json)
Hash identifier: PkNNg3AeleK8kiUzF/Y2d0g8Z2Z/qRonGLfYXUyL3uM=
Subject key identifier: 91:DE:EF:33:4B:90:53:4C:37:51:2E:D1:5A:27:D8:CA:80:78:F3:89
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 5D3271EC47188DDED1C2A811008B53B374E0DA0B
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fb28a95-f5bb-4868-9ab3-7d83d5142538.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 103.21.240.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:32:71:ec:47:18:8d:de:d1:c2:a8:11:00:8b:53:b3:74:e0:da:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9e:be:df:a3:1b:a9:6e:f8:1d:30:b7:a0:1d:
f0:63:f3:92:e9:bb:84:2a:92:54:3c:0a:c2:32:00:
9d:76:83:df:e5:12:b7:ec:09:89:38:cd:ed:74:4b:
1a:d1:7d:84:9c:ca:32:86:0c:55:9e:fe:df:87:33:
82:d7:0f:ad:5b:d0:e5:eb:ee:17:ae:26:b5:d2:94:
0c:8b:37:e0:a1:42:48:70:1f:03:02:c7:77:c1:1b:
c4:78:15:bb:1d:79:ea:60:01:90:22:5b:f6:c1:b0:
dc:d6:13:4f:5e:df:b4:f1:ab:bb:bf:d3:c7:cc:67:
c1:1e:30:aa:e7:0d:ff:9b:26:4e:84:b4:ab:c7:1b:
2b:0f:a1:78:89:4a:7e:0c:52:45:af:8a:e5:b5:38:
20:53:fa:8e:a1:68:11:48:94:6e:0b:2f:e2:3b:76:
14:f1:40:d0:50:c5:d9:3b:4f:ce:d0:03:29:c3:a0:
42:a9:2b:d9:90:4b:7e:da:e7:96:95:ac:df:4c:03:
d5:29:0e:77:48:81:f1:fd:68:f7:d9:7e:b1:db:25:
42:b7:32:71:f9:02:96:13:89:50:e7:cc:9e:06:22:
74:e3:c8:49:44:dc:8b:15:0d:6f:12:c9:00:50:6d:
42:f7:28:b0:fe:40:d1:cb:e4:1f:69:14:17:0a:9f:
22:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:DE:EF:33:4B:90:53:4C:37:51:2E:D1:5A:27:D8:CA:80:78:F3:89
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fb28a95-f5bb-4868-9ab3-7d83d5142538.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.21.240.0/22
Signature Algorithm: sha256WithRSAEncryption
81:d0:e7:c5:f7:92:63:00:bf:4c:48:12:95:ab:99:d8:f4:bf:
4b:d3:ea:11:44:bd:cb:e5:f9:50:a0:49:40:99:ff:b5:37:6b:
ba:6b:77:cc:ff:af:b3:c8:f4:8e:eb:76:cf:25:b3:c8:f1:4b:
32:97:2d:58:0c:ca:28:20:69:3f:e4:e8:06:df:f0:1b:9a:54:
c9:f4:46:0b:02:ef:52:3d:94:dd:9f:8d:b1:49:16:56:66:9f:
0e:20:f1:16:82:02:a2:cb:6d:9d:f7:7e:76:5c:0c:4a:57:e4:
d0:f6:5c:88:82:c9:d6:41:10:78:d4:c3:37:a1:1f:3c:bf:59:
6a:cc:b2:4b:be:49:ea:7c:96:40:2c:d3:1d:8b:78:98:ca:8f:
42:77:7a:9c:5e:d4:bd:bc:22:a8:3a:d0:4d:4b:c6:64:46:bb:
9c:65:66:fb:d3:84:b8:f9:a2:78:10:70:fd:98:92:2d:20:d0:
27:45:1a:a8:db:14:74:05:54:8a:c7:35:8b:cc:1a:08:37:7f:
67:d7:ff:5e:4c:83:cb:d5:48:7a:a8:dd:c4:39:a1:47:7c:47:
92:5e:2d:92:3b:06:07:76:5f:c8:61:74:0f:60:75:f6:7e:57:
05:c1:bf:9d:71:0e:0e:5b:25:8b:a5:78:50:28:20:8a:99:ef:
92:4f:6c:8c
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUXTJx7EcYjd7RwqgRAItTs3Tg2gswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTIxNzAwMDAwMFoX
DTI1MDEyMTIzNTk1OVowejFJMEcGA1UEBRNAOWNlMzQ3NjM5MzkzOWEwZGY3MTcw
MGJiZjNlNmQzODRmN2U2YzJjMWFjYzg0N2Y2ZjRiODdhMzVmYzE4ZDAwMTEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz56+36MbqW74HTC3oB3wY/OS6buE
KpJUPArCMgCddoPf5RK37AmJOM3tdEsa0X2EnMoyhgxVnv7fhzOC1w+tW9Dl6+4X
ria10pQMizfgoUJIcB8DAsd3wRvEeBW7HXnqYAGQIlv2wbDc1hNPXt+08au7v9PH
zGfBHjCq5w3/myZOhLSrxxsrD6F4iUp+DFJFr4rltTggU/qOoWgRSJRuCy/iO3YU
8UDQUMXZO0/O0AMpw6BCqSvZkEt+2ueWlazfTAPVKQ53SIHx/Wj32X6x2yVCtzJx
+QKWE4lQ58yeBiJ048hJRNyLFQ1vEskAUG1C9yiw/kDRy+QfaRQXCp8imQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJHe7zNLkFNMN1Eu0Von2MqAePOJMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzlmYjI4YTk1LWY1YmItNDg2OC05YWIzLTdkODNkNTE0MjUzOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQCB0OfF95JjAL9MSBKVq5nY
9L9L0+oRRL3L5flQoElAmf+1N2u6a3fM/6+zyPSO63bPJbPI8Usyly1YDMooIGk/
5OgG3/AbmlTJ9EYLAu9SPZTdn42xSRZWZp8OIPEWggKiy22d9352XAxKV+TQ9lyI
gsnWQRB41MM3oR88v1lqzLJLvknqfJZALNMdi3iYyo9Cd3qcXtS9vCKoOtBNS8Zk
RrucZWb704S4+aJ4EHD9mJItINAnRRqo2xR0BVSKxzWLzBoIN39n1/9eTIPL1Uh6
qN3EOaFHfEeSXi2SOwYHdl/IYXQPYHX2flcFwb+dcQ4OWyWLpXhQKCCKme+ST2yM
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:32:48 2025 by rpki-client