Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/5defafc1-b226-4bbc-87e7-556b8bee16db.roa
File: 5defafc1-b226-4bbc-87e7-556b8bee16db.roa (raw, json)
Hash identifier: w9WZXVdRvg2OrbSTzPYWNpVXFhqKWIPywD8yFx6/k7Y=
Subject key identifier: F5:D7:10:07:13:66:FC:53:10:C4:A7:F3:7E:E2:3D:D1:39:BE:6A:EC
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 3F3F76917CE85B6D40D4616FABC85DD272BD108C
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/5defafc1-b226-4bbc-87e7-556b8bee16db.roa
Signing time: Wed 25 Dec 2024 00:00:00 +0000
ROA not before: Wed 25 Dec 2024 00:00:00 +0000
ROA not after: Wed 29 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 43.250.196.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3f:3f:76:91:7c:e8:5b:6d:40:d4:61:6f:ab:c8:5d:d2:72:bd:10:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Dec 25 00:00:00 2024 GMT
Not After : Jan 29 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:9a:f7:aa:03:6e:23:64:9a:a3:2e:41:cc:9a:
75:34:5d:2b:b1:fc:ab:43:60:ba:55:2d:0d:d0:6d:
3c:f5:5b:a8:91:68:53:d1:89:5b:63:3f:7d:d2:50:
69:43:b3:53:2b:c8:7b:fe:e9:20:79:c9:3f:2d:9a:
32:0f:7b:2e:5f:b8:a0:84:78:ed:3c:b4:89:10:21:
e0:bd:ee:79:85:62:52:88:43:e1:71:47:d6:aa:15:
e5:f2:ae:9e:62:80:b0:05:aa:42:9e:7f:85:de:e7:
11:e4:d9:24:90:af:19:dc:e1:ca:4c:13:07:54:c5:
06:e1:7a:a9:32:c5:80:22:14:af:5e:36:de:31:65:
02:98:18:78:0e:37:a0:55:9c:9d:c0:43:56:50:60:
71:58:7b:42:23:7e:ed:5a:ca:8b:9e:09:58:2d:44:
c8:9a:f3:1d:d5:7a:d6:9a:d7:e0:c2:f8:b3:c7:5d:
2b:5a:08:21:52:6b:77:c8:36:1f:a0:c6:67:04:a7:
9c:fd:bb:29:17:68:df:f9:23:22:d4:d2:5e:54:a0:
f3:9a:aa:1e:2c:cf:fb:fa:27:eb:85:45:c1:ef:ec:
58:59:b2:b8:76:8c:6d:c2:e4:a2:34:78:fc:b4:7d:
75:03:08:31:0b:f9:d7:06:85:07:37:48:c9:3c:ce:
00:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:D7:10:07:13:66:FC:53:10:C4:A7:F3:7E:E2:3D:D1:39:BE:6A:EC
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/5defafc1-b226-4bbc-87e7-556b8bee16db.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.250.196.0/22
Signature Algorithm: sha256WithRSAEncryption
7a:16:e0:b2:dd:18:6b:da:e5:d0:0a:ed:3d:50:3a:d6:fb:99:
fa:de:8a:aa:86:95:36:8e:50:4c:4d:21:ba:ee:d0:e7:c7:f7:
ce:b9:cd:16:1b:51:b6:ab:2e:20:fc:a7:68:9c:e2:cc:31:2d:
3f:e9:ad:9d:10:9c:55:5d:78:8d:90:6c:c9:59:db:5b:39:b1:
d5:01:e6:c5:0c:5b:36:eb:6a:fb:3a:09:3a:34:98:07:52:66:
e6:02:50:c1:34:97:c3:1e:6e:38:4e:f0:65:bc:41:a0:44:f4:
d7:19:b6:a4:0f:76:66:65:ad:29:b3:62:e6:db:da:09:e2:1b:
dc:6f:43:55:70:33:03:cc:83:6a:df:63:c5:1b:07:83:45:49:
0a:05:0a:73:58:9b:bd:11:d4:fb:ac:35:d0:1f:b8:c8:a9:61:
c7:53:98:9e:65:7d:47:5f:e8:c4:1d:0c:96:49:71:54:62:c9:
65:cb:61:e4:c8:46:1a:53:98:dd:d4:73:58:62:30:93:a1:11:
b1:47:fd:70:b1:23:8e:e3:40:b6:c6:92:39:4c:16:39:fb:e3:
bc:56:b3:70:71:c4:11:39:cb:f5:4e:19:ad:76:48:ff:77:bd:
c1:0f:f4:c6:99:f0:8d:c9:e9:8f:6e:29:da:73:a7:5f:95:4e:
e6:e2:50:b4
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUPz92kXzoW21A1GFvq8hd0nK9EIwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MTIyNTAwMDAwMFoX
DTI1MDEyOTIzNTk1OVowejFJMEcGA1UEBRNAMDAwMmE4MTVkZTI3M2EzOWIxOTM2
ZDljNjEzYTlmZDkzNzEwMjRkNjI3YWY5YWU4ODBkZTg0YmI0OWIzOTRjMDEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAppr3qgNuI2Saoy5BzJp1NF0rsfyr
Q2C6VS0N0G089VuokWhT0YlbYz990lBpQ7NTK8h7/ukgeck/LZoyD3suX7ighHjt
PLSJECHgve55hWJSiEPhcUfWqhXl8q6eYoCwBapCnn+F3ucR5NkkkK8Z3OHKTBMH
VMUG4XqpMsWAIhSvXjbeMWUCmBh4DjegVZydwENWUGBxWHtCI37tWsqLnglYLUTI
mvMd1XrWmtfgwvizx10rWgghUmt3yDYfoMZnBKec/bspF2jf+SMi1NJeVKDzmqoe
LM/7+ifrhUXB7+xYWbK4doxtwuSiNHj8tH11AwgxC/nXBoUHN0jJPM4AmQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFPXXEAcTZvxTEMSn837iPdE5vmrsMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzVkZWZhZmMxLWIyMjYtNGJiYy04N2U3LTU1NmI4YmVlMTZkYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQB6FuCy3Rhr2uXQCu09UDrW
+5n63oqqhpU2jlBMTSG67tDnx/fOuc0WG1G2qy4g/KdonOLMMS0/6a2dEJxVXXiN
kGzJWdtbObHVAebFDFs262r7Ogk6NJgHUmbmAlDBNJfDHm44TvBlvEGgRPTXGbak
D3ZmZa0ps2Lm29oJ4hvcb0NVcDMDzINq32PFGweDRUkKBQpzWJu9EdT7rDXQH7jI
qWHHU5ieZX1HX+jEHQyWSXFUYslly2HkyEYaU5jd1HNYYjCToRGxR/1wsSOO40C2
xpI5TBY5++O8VrNwccQROcv1Thmtdkj/d73BD/TGmfCNyemPbinac6dflU7m4lC0
-----END CERTIFICATE-----
Generated at Sat Apr 5 18:17:32 2025 by rpki-client