Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa
File: b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa (raw, json)
Hash identifier: s5LM7f/sKeg5WtoZ99XskUdFnbasYioLBL0VEAx//sY=
Subject key identifier: AC:6D:4F:03:F0:84:B0:E8:BD:1A:42:38:30:A6:43:5C:91:D9:B9:E7
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 6DA99D8F9EB386000788B8777C427D7CD6473C97
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa
Signing time: Wed 12 Mar 2025 00:00:06 +0000
ROA not before: Wed 12 Mar 2025 00:00:06 +0000
ROA not after: Wed 16 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 43.224.144.0/22 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6d:a9:9d:8f:9e:b3:86:00:07:88:b8:77:7c:42:7d:7c:d6:47:3c:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Mar 12 00:00:06 2025 GMT
Not After : Apr 16 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:48:86:70:eb:0c:14:d3:f1:91:71:47:de:e8:
37:38:86:65:5a:2d:5c:bf:3f:8c:cc:c0:1f:6b:16:
d9:e0:45:ae:50:f8:bf:e5:23:8a:e2:60:a6:4f:a9:
d0:20:25:b8:c1:14:78:e1:0f:b5:a8:aa:41:2f:01:
bd:8c:24:02:81:f4:a6:a9:9e:3f:3a:52:6f:75:b9:
bc:bd:4e:03:36:7a:f4:75:ad:75:c1:fb:1f:c1:6e:
c7:78:b0:3e:61:80:93:af:da:ff:8a:43:c7:d3:f2:
d6:04:94:74:e9:23:89:79:56:a3:28:63:b2:27:95:
ea:55:ec:b4:e7:ae:90:c0:26:31:10:0c:82:50:32:
bb:bc:61:e4:da:c5:6c:3b:b2:f2:06:f0:02:f4:92:
da:ad:22:f8:00:13:5a:f8:0f:89:7c:fc:10:bb:12:
cf:42:7e:8a:1f:1d:f0:1e:85:25:05:a0:31:6d:90:
17:cc:de:ff:90:22:91:7d:c3:be:e7:f3:c2:81:45:
02:c8:76:95:0d:0c:58:8f:c7:c8:12:e6:96:93:69:
07:d2:06:e6:52:0c:75:0a:7c:54:66:b3:0a:af:7f:
f7:ce:40:24:e7:5f:ac:95:dd:65:1c:b1:b3:ee:09:
12:d9:97:d6:93:7c:ca:33:30:bf:76:7f:8f:01:cd:
a2:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:6D:4F:03:F0:84:B0:E8:BD:1A:42:38:30:A6:43:5C:91:D9:B9:E7
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b0c38f03-3ced-484e-aa5b-7b06f125ad74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.224.144.0/22
Signature Algorithm: sha256WithRSAEncryption
92:cd:4d:08:09:ed:c0:ac:15:ba:13:b1:57:6c:8b:a7:b2:b2:
53:2a:54:a5:6b:32:48:3b:a8:2b:31:27:04:69:c9:6d:92:00:
5b:a0:29:83:55:a6:94:b3:2e:60:78:93:1d:36:37:6c:61:60:
8f:90:96:c4:9a:e6:ca:9a:76:79:de:af:be:27:d8:91:f4:a0:
fd:ea:53:ed:dc:e9:fe:98:28:a2:a5:9f:22:41:85:9c:91:8f:
b2:8a:d9:3f:57:56:df:5e:83:c4:dc:1f:70:b2:bf:d3:25:5c:
31:63:41:27:73:51:03:e4:9c:f8:d4:92:e2:ba:86:3e:91:d6:
f5:69:32:7c:d2:ea:00:02:72:a3:05:f3:e2:74:85:cd:82:5c:
c4:a0:ab:32:85:df:1f:b5:20:0e:20:ba:4c:64:b9:c0:44:22:
43:a8:79:f3:b0:08:df:bf:42:ed:d4:9a:25:52:c6:80:f5:0b:
c5:dc:47:c1:3c:89:b5:a3:fe:89:c9:bd:59:a3:a6:c4:a6:b9:
ed:42:f1:8b:33:a7:6a:d3:74:54:1d:60:b5:aa:a8:88:43:5c:
ae:e1:61:db:2d:86:83:d3:11:43:21:0d:86:98:5f:dd:c8:4a:
eb:6d:53:cf:4f:49:fb:6b:6b:f1:03:1f:ed:90:32:02:86:84:
f2:a3:e0:f8
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUbamdj56zhgAHiLh3fEJ9fNZHPJcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI1MDMxMjAwMDAwNloX
DTI1MDQxNjIzNTk1OVowejFJMEcGA1UEBRNAN2U1YTcxZjBhNTE5NjE4ZjQzMGY2
YmU5MzVjMDk5ODY3ZTllNmU1ZjcyYTI5Mjg3NGNlMTkwZGE2ODk1MGMwNzEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkUiGcOsMFNPxkXFH3ug3OIZlWi1c
vz+MzMAfaxbZ4EWuUPi/5SOK4mCmT6nQICW4wRR44Q+1qKpBLwG9jCQCgfSmqZ4/
OlJvdbm8vU4DNnr0da11wfsfwW7HeLA+YYCTr9r/ikPH0/LWBJR06SOJeVajKGOy
J5XqVey0566QwCYxEAyCUDK7vGHk2sVsO7LyBvAC9JLarSL4ABNa+A+JfPwQuxLP
Qn6KHx3wHoUlBaAxbZAXzN7/kCKRfcO+5/PCgUUCyHaVDQxYj8fIEuaWk2kH0gbm
Ugx1CnxUZrMKr3/3zkAk51+sld1lHLGz7gkS2ZfWk3zKMzC/dn+PAc2iHwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKxtTwPwhLDovRpCODCmQ1yR2bnnMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
L2IwYzM4ZjAzLTNjZWQtNDg0ZS1hYTViLTdiMDZmMTI1YWQ3NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQCSzU0ICe3ArBW6E7FXbIun
srJTKlSlazJIO6grMScEacltkgBboCmDVaaUsy5geJMdNjdsYWCPkJbEmubKmnZ5
3q++J9iR9KD96lPt3On+mCiipZ8iQYWckY+yitk/V1bfXoPE3B9wsr/TJVwxY0En
c1ED5Jz41JLiuoY+kdb1aTJ80uoAAnKjBfPidIXNglzEoKsyhd8ftSAOILpMZLnA
RCJDqHnzsAjfv0Lt1JolUsaA9QvF3EfBPIm1o/6Jyb1Zo6bEprntQvGLM6dq03RU
HWC1qqiIQ1yu4WHbLYaD0xFDIQ2GmF/dyErrbVPPT0n7a2vxAx/tkDIChoTyo+D4
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:25:47 2025 by rpki-client