Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b57ae4d2-1a53-47c1-8b07-cfaa3aa964d9.roa
File: b57ae4d2-1a53-47c1-8b07-cfaa3aa964d9.roa (raw, json)
Hash identifier: JZVVzedNc67Ph3E+baJxmxvO9g47Ls+Z4UIF/XSAS0g=
Subject key identifier: A1:08:B4:94:E7:5A:74:4D:0F:20:52:21:14:11:D2:28:D8:19:98:3A
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 50FD4AE7343E9CBB89E83F2F2153A0F400304E55
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b57ae4d2-1a53-47c1-8b07-cfaa3aa964d9.roa
Signing time: Fri 27 Dec 2024 00:00:00 +0000
ROA not before: Fri 27 Dec 2024 00:00:00 +0000
ROA not after: Fri 31 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 43.224.144.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
50:fd:4a:e7:34:3e:9c:bb:89:e8:3f:2f:21:53:a0:f4:00:30:4e:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Dec 27 00:00:00 2024 GMT
Not After : Jan 31 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:e0:7c:aa:d8:e8:30:52:b0:59:0f:8a:82:3a:
a4:9c:d8:62:c3:25:9d:26:d1:6a:99:64:ba:52:38:
05:b6:59:34:d8:f2:eb:4e:af:d0:93:77:c9:b6:62:
52:36:0a:96:99:96:87:49:1e:d5:28:ef:08:64:6f:
2b:70:3d:41:b0:a1:7e:dd:be:aa:25:b7:b0:48:16:
b8:a2:e6:cf:24:64:c7:08:cc:c1:28:46:75:ea:5b:
8c:c6:09:c3:cb:22:9e:ff:3e:fa:4a:b8:fe:e6:d5:
27:7e:24:43:35:fe:4e:b1:b2:ac:92:e7:01:c0:5f:
cb:66:43:e2:60:fa:8f:57:85:e4:b3:db:55:e0:73:
26:67:86:4b:2c:5e:3a:17:17:21:da:f7:aa:4a:29:
37:7b:c5:0c:a7:7d:ad:b0:0e:cc:d3:24:9e:37:14:
dc:af:06:aa:f9:63:54:6a:37:00:2e:e3:0b:56:fc:
8f:98:8b:d0:73:84:dd:cc:19:df:23:08:ea:b0:1b:
28:3b:a1:47:ef:56:84:0f:72:9f:a2:4c:c3:0a:94:
41:60:2e:63:ef:d8:2a:96:73:78:cb:6f:34:f7:ab:
66:a5:4d:e3:f5:f8:76:af:73:d8:24:69:38:a4:aa:
10:b6:ba:9a:7c:b2:be:38:57:b0:72:5a:a7:be:1d:
58:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:08:B4:94:E7:5A:74:4D:0F:20:52:21:14:11:D2:28:D8:19:98:3A
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/b57ae4d2-1a53-47c1-8b07-cfaa3aa964d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.224.144.0/22
Signature Algorithm: sha256WithRSAEncryption
a2:4d:cd:9d:4e:e9:0b:4d:3a:c3:d2:6b:51:36:2d:f0:0e:b7:
69:8e:14:a0:37:f6:e6:35:38:fc:de:07:cf:75:7e:5d:23:10:
07:ff:da:43:5a:b0:1c:3d:6c:6b:02:2c:3b:ce:19:1a:8d:68:
22:c4:57:15:1f:11:e6:7d:10:9f:3c:3f:02:81:d9:b8:10:5c:
3b:e7:62:58:c7:2e:ba:fb:30:f5:d9:f7:51:e5:f6:b5:a8:47:
de:66:ee:a2:53:01:fd:1c:2b:e0:44:bc:c8:b8:29:a6:2b:14:
b9:ce:75:83:c0:ae:35:d7:df:0c:31:9d:30:4b:8d:b4:d1:9d:
d8:3f:ed:e2:cd:7c:bd:a5:16:2a:73:f9:0d:8e:5a:63:b9:b9:
83:4d:97:12:8b:0c:88:70:5b:ff:38:c7:6d:0c:aa:f8:83:c8:
fb:1c:18:8e:35:6f:13:d5:84:1d:78:53:ba:a8:14:74:6b:2a:
52:49:2e:c0:32:98:18:59:14:de:98:f8:3b:47:59:3b:a3:74:
20:a1:25:c5:de:9c:27:5f:6d:76:03:7d:50:1a:02:db:da:8a:
f6:e3:d1:60:f5:a3:e9:3e:15:90:bd:6b:d2:b2:d1:59:b5:db:
a1:05:48:17:87:3d:0e:91:e7:0c:94:b1:3b:6e:39:c6:ab:07:
7d:b0:1f:21
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUUP1K5zQ+nLuJ6D8vIVOg9AAwTlUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTIyNzAwMDAwMFoX
DTI1MDEzMTIzNTk1OVowejFJMEcGA1UEBRNANTVkNGU5YjllNDBkMGE0YzUxZjI1
NWE0YjIwYTU0YmYyNjkzZTg5YWMyZjYwMGZlNjIyODk0NDE3NjA0MjRjODEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz+B8qtjoMFKwWQ+KgjqknNhiwyWd
JtFqmWS6UjgFtlk02PLrTq/Qk3fJtmJSNgqWmZaHSR7VKO8IZG8rcD1BsKF+3b6q
JbewSBa4oubPJGTHCMzBKEZ16luMxgnDyyKe/z76Srj+5tUnfiRDNf5OsbKskucB
wF/LZkPiYPqPV4Xks9tV4HMmZ4ZLLF46Fxch2veqSik3e8UMp32tsA7M0ySeNxTc
rwaq+WNUajcALuMLVvyPmIvQc4TdzBnfIwjqsBsoO6FH71aED3KfokzDCpRBYC5j
79gqlnN4y28096tmpU3j9fh2r3PYJGk4pKoQtrqafLK+OFewclqnvh1YQwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFKEItJTnWnRNDyBSIRQR0ijYGZg6MB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
L2I1N2FlNGQyLTFhNTMtNDdjMS04YjA3LWNmYWEzYWE5NjRkOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCK+CQMA0GCSqGSIb3DQEBCwUAA4IBAQCiTc2dTukLTTrD0mtRNi3w
DrdpjhSgN/bmNTj83gfPdX5dIxAH/9pDWrAcPWxrAiw7zhkajWgixFcVHxHmfRCf
PD8Cgdm4EFw752JYxy66+zD12fdR5fa1qEfeZu6iUwH9HCvgRLzIuCmmKxS5znWD
wK41198MMZ0wS4200Z3YP+3izXy9pRYqc/kNjlpjubmDTZcSiwyIcFv/OMdtDKr4
g8j7HBiONW8T1YQdeFO6qBR0aypSSS7AMpgYWRTemPg7R1k7o3QgoSXF3pwnX212
A31QGgLb2or249Fg9aPpPhWQvWvSstFZtduhBUgXhz0OkecMlLE7bjnGqwd9sB8h
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:22:31 2025 by rpki-client