Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/4708e5f0-c14b-44f3-b781-2e7bad510965.roa
File: 4708e5f0-c14b-44f3-b781-2e7bad510965.roa (raw, json)
Hash identifier: EhJ3tTW7+E5yH5mDmx4f/moJM44ZtbrUC69goW9xTKw=
Subject key identifier: FF:87:DA:BD:A7:A2:70:81:D5:1C:05:B0:B4:91:BB:23:15:DA:3D:B4
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 66F4D075B513F4D6C984FC6902A7D60522205B0B
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/4708e5f0-c14b-44f3-b781-2e7bad510965.roa
Signing time: Wed 25 Dec 2024 00:00:00 +0000
ROA not before: Wed 25 Dec 2024 00:00:00 +0000
ROA not after: Wed 29 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 43.250.196.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:f4:d0:75:b5:13:f4:d6:c9:84:fc:69:02:a7:d6:05:22:20:5b:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Dec 25 00:00:00 2024 GMT
Not After : Jan 29 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:23:26:62:19:17:2b:b1:1b:ac:ea:4b:e2:72:
f6:d0:7c:29:a5:d2:76:90:b1:e8:ba:50:f9:e0:dd:
38:71:d7:6d:6d:d0:95:d2:40:9f:b5:cd:90:6c:c6:
05:03:f0:f4:e0:71:d4:42:3f:8f:2b:e4:9a:3d:1a:
ab:d0:22:69:f7:e1:05:d4:9d:d8:e3:fb:67:3b:4d:
7c:6d:5e:e0:c0:e3:cb:5e:e4:8c:55:14:98:98:fd:
49:b2:b0:ec:bd:3e:b3:12:af:71:57:76:0b:f0:7f:
4e:2b:22:6c:cf:be:a3:c5:62:5e:04:b4:03:3c:72:
ab:9d:68:6b:bb:c5:7c:36:52:3b:e8:cc:7b:a8:8e:
f9:2b:3e:62:f1:c9:3e:ef:1e:3a:62:e1:21:07:b4:
c3:3f:4d:97:ba:f4:be:96:a0:4b:e9:78:5b:9d:51:
3c:5c:0e:08:1d:10:d4:34:8b:6a:28:ed:26:fa:5b:
5a:57:16:78:7c:07:63:29:4a:9c:56:fd:14:9f:46:
bb:a8:c9:06:ba:40:df:7c:0b:81:0b:cd:59:4f:d0:
61:7f:d7:6c:34:1f:90:ca:9f:73:0e:df:5e:aa:57:
80:0d:79:0c:5a:46:72:96:a3:55:a7:cd:78:f3:de:
f7:fb:ac:31:49:97:59:13:cd:9d:7a:c2:64:9b:b7:
bd:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:87:DA:BD:A7:A2:70:81:D5:1C:05:B0:B4:91:BB:23:15:DA:3D:B4
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/4708e5f0-c14b-44f3-b781-2e7bad510965.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.250.196.0/22
Signature Algorithm: sha256WithRSAEncryption
5a:d6:e6:b1:24:a3:4f:00:2d:ef:9e:88:d4:c9:52:54:d0:68:
b0:a6:4e:6a:bc:1b:6b:81:78:57:e8:66:8b:39:8e:bb:94:ca:
39:14:f0:fd:38:76:74:4a:37:d6:53:69:a3:95:27:75:08:c9:
a0:39:43:93:b6:05:c0:2e:a4:f9:48:bf:6e:c2:1b:80:6b:a4:
93:d8:e8:f4:48:9c:bb:31:eb:43:bb:74:93:df:53:ae:fc:d6:
7b:6c:d3:0b:f9:46:28:45:f2:14:90:3a:38:5c:66:0b:5c:aa:
6e:c0:fc:78:c0:dc:4e:c1:2b:fb:4c:5b:50:07:d4:dc:ae:56:
5d:6b:60:a8:67:0b:63:dc:52:08:99:7a:0c:3a:ae:47:d7:27:
d4:91:7c:eb:81:e0:34:3a:ee:c3:78:b1:5c:d5:ff:c5:a0:ca:
74:c7:a1:e6:ef:ff:23:3f:a6:31:4a:e2:dd:8c:13:6a:ee:b2:
40:e7:93:8d:0e:73:3f:74:1a:6e:41:ee:3d:c6:87:22:da:81:
cd:10:b2:3e:55:04:02:dc:ae:47:ec:e4:28:91:41:a7:64:37:
76:77:cc:2f:fd:dd:c8:27:a6:8b:39:ae:42:ee:4b:be:27:91:
0a:44:e4:0e:1d:f5:28:87:24:8d:2c:1d:19:a9:f6:72:58:8e:
4b:46:c2:9a
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUZvTQdbUT9NbJhPxpAqfWBSIgWwswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MTIyNTAwMDAwMFoX
DTI1MDEyOTIzNTk1OVowejFJMEcGA1UEBRNANTcyNmQ2ZDQ0ZTM4ODJiMDE4Y2I0
NmE4ZGZhNzI3MzRjNGU0NjgwNzYxODFiOGVhZTJlOGZmMDFkMDhiNmQwODEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiMmYhkXK7EbrOpL4nL20HwppdJ2
kLHoulD54N04cddtbdCV0kCftc2QbMYFA/D04HHUQj+PK+SaPRqr0CJp9+EF1J3Y
4/tnO018bV7gwOPLXuSMVRSYmP1JsrDsvT6zEq9xV3YL8H9OKyJsz76jxWJeBLQD
PHKrnWhru8V8NlI76Mx7qI75Kz5i8ck+7x46YuEhB7TDP02XuvS+lqBL6XhbnVE8
XA4IHRDUNItqKO0m+ltaVxZ4fAdjKUqcVv0Un0a7qMkGukDffAuBC81ZT9Bhf9ds
NB+Qyp9zDt9eqleADXkMWkZylqNVp8148973+6wxSZdZE82desJkm7e9SwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFP+H2r2nonCB1RwFsLSRuyMV2j20MB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzQ3MDhlNWYwLWMxNGItNDRmMy1iNzgxLTJlN2JhZDUxMDk2NS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQBa1uaxJKNPAC3vnojUyVJU
0Giwpk5qvBtrgXhX6GaLOY67lMo5FPD9OHZ0SjfWU2mjlSd1CMmgOUOTtgXALqT5
SL9uwhuAa6ST2Oj0SJy7MetDu3ST31Ou/NZ7bNML+UYoRfIUkDo4XGYLXKpuwPx4
wNxOwSv7TFtQB9TcrlZda2CoZwtj3FIImXoMOq5H1yfUkXzrgeA0Ou7DeLFc1f/F
oMp0x6Hm7/8jP6YxSuLdjBNq7rJA55ONDnM/dBpuQe49xoci2oHNELI+VQQC3K5H
7OQokUGnZDd2d8wv/d3IJ6aLOa5C7ku+J5EKROQOHfUohySNLB0ZqfZyWI5LRsKa
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:12:10 2025 by rpki-client