Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00971cda-f8a5-49a0-a1dc-2285c68a8e9f.roa
File: 00971cda-f8a5-49a0-a1dc-2285c68a8e9f.roa (raw, json)
Hash identifier: M7J94+Bkgj8Vqy4o61S0qMCbB7GQOXNbgvu/ARRWA9Y=
Subject key identifier: 33:0E:88:78:5F:A9:82:68:F8:7D:EF:43:25:1C:69:F5:F2:58:DD:17
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 48EB255D9FAF3059CF710CE128343DD8D0733F4B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00971cda-f8a5-49a0-a1dc-2285c68a8e9f.roa
Signing time: Wed 26 Mar 2025 00:10:13 +0000
ROA not before: Wed 26 Mar 2025 00:10:13 +0000
ROA not after: Wed 30 Apr 2025 23:59:59 +0000
asID: 14618
IP address blocks: 43.200.0.0/13 maxlen: 24
Validation: Failed, CRL has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:eb:25:5d:9f:af:30:59:cf:71:0c:e1:28:34:3d:d8:d0:73:3f:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Mar 26 00:10:13 2025 GMT
Not After : Apr 30 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:41:e5:5b:42:f0:f3:ad:b8:4b:77:94:12:e8:
e7:a4:6d:73:ec:00:48:7f:3d:1d:6e:79:ed:20:73:
99:fd:2d:80:7c:e1:3e:d9:ad:8d:c8:2d:f1:c7:d5:
9a:d9:9a:00:f6:6d:08:4e:03:19:3f:4f:47:1f:bb:
17:d9:eb:9b:a8:3d:8d:7f:44:df:fe:25:a1:a6:b7:
c5:19:28:f6:ed:4c:e6:10:4d:81:7a:9e:2b:47:75:
c7:6d:59:db:ee:d7:cd:b6:fb:95:a8:61:94:47:ad:
74:1d:12:53:62:76:16:2f:ac:e2:37:41:55:d7:94:
78:31:cd:cc:d9:a9:97:5f:61:6f:78:12:e8:82:95:
61:d7:2e:88:d3:08:d9:73:eb:10:77:22:68:1e:38:
ce:96:05:f4:41:54:a6:14:59:e7:85:03:4f:b3:fc:
2c:20:96:fc:fa:62:2d:cb:cc:f2:5d:75:37:19:dc:
8b:c8:40:a2:cc:9e:15:18:4e:45:61:1e:c3:4d:39:
8a:2f:c6:74:04:bd:50:04:df:d5:c0:aa:57:b6:69:
d5:dc:cd:37:e0:90:33:0e:73:7f:e3:7c:7b:ea:28:
56:48:9a:8d:09:59:57:d7:c9:5c:6d:ec:f7:be:d7:
98:22:41:99:28:40:a2:d5:ce:47:53:df:ad:2e:1d:
85:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:0E:88:78:5F:A9:82:68:F8:7D:EF:43:25:1C:69:F5:F2:58:DD:17
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/00971cda-f8a5-49a0-a1dc-2285c68a8e9f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.200.0.0/13
Signature Algorithm: sha256WithRSAEncryption
c6:32:a4:22:d2:a6:71:9a:68:ad:27:36:2c:fe:79:93:5d:4c:
dd:a5:56:84:ab:69:f8:2f:83:30:3d:2b:b5:78:9a:52:fb:52:
13:c5:38:e5:b0:5e:8a:82:fb:a0:82:94:74:05:95:35:91:cf:
90:9c:2b:ac:26:6a:1f:0b:d6:10:da:9e:2c:c8:21:3e:88:cc:
12:53:16:5d:1b:2c:61:ed:90:2e:32:f8:12:0d:1a:7a:1b:40:
3d:0d:2f:e4:51:71:9c:c9:84:2d:77:25:63:32:ad:8e:e5:30:
b0:99:b0:f7:f4:c4:3e:b6:f9:d1:79:79:aa:dc:72:e7:d0:49:
12:10:a0:d3:65:89:ff:3d:9b:99:53:55:04:2f:ea:db:da:f4:
19:c2:e2:4a:65:00:fb:dc:0f:02:79:58:24:b2:be:22:fa:4c:
e7:ce:2d:15:4e:8d:fa:98:63:a4:9d:24:49:b5:0f:4b:7d:b1:
a1:2e:e9:5e:a7:f1:0c:95:fa:fd:90:6b:eb:af:00:4a:67:d5:
ab:a5:5d:b4:ac:b4:59:df:99:78:5f:23:3a:17:5c:ca:58:2b:
c8:f2:93:96:3f:c2:06:bb:bb:bf:52:c1:88:7e:83:a7:5b:26:
6e:15:b4:24:32:01:ed:83:f4:a7:bc:73:7a:f9:1b:98:c0:10:
0a:2c:aa:fa
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUSOslXZ+vMFnPcQzhKDQ92NBzP0swDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNjAwMTAxM1oX
DTI1MDQzMDIzNTk1OVowejFJMEcGA1UEBRNANzA1ZGFmYTM5MWYzNTJmMzFhOWJk
NGYwYzI2OGM5MDVlOTBhNjZmNzdmOTBkNTJmYjQwNDU2NmEzYzA0ZjRjYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsEHlW0Lw8624S3eUEujnpG1z7ABI
fz0dbnntIHOZ/S2AfOE+2a2NyC3xx9Wa2ZoA9m0ITgMZP09HH7sX2eubqD2Nf0Tf
/iWhprfFGSj27UzmEE2Bep4rR3XHbVnb7tfNtvuVqGGUR610HRJTYnYWL6ziN0FV
15R4Mc3M2amXX2FveBLogpVh1y6I0wjZc+sQdyJoHjjOlgX0QVSmFFnnhQNPs/ws
IJb8+mIty8zyXXU3GdyLyECizJ4VGE5FYR7DTTmKL8Z0BL1QBN/VwKpXtmnV3M03
4JAzDnN/43x76ihWSJqNCVlX18lcbez3vteYIkGZKECi1c5HU9+tLh2FwQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFDMOiHhfqYJo+H3vQyUcafXyWN0XMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzAwOTcxY2RhLWY4YTUtNDlhMC1hMWRjLTIyODVjNjhhOGU5Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMDK8gwDQYJKoZIhvcNAQELBQADggEBAMYypCLSpnGaaK0nNiz+eZNd
TN2lVoSrafgvgzA9K7V4mlL7UhPFOOWwXoqC+6CClHQFlTWRz5CcK6wmah8L1hDa
nizIIT6IzBJTFl0bLGHtkC4y+BINGnobQD0NL+RRcZzJhC13JWMyrY7lMLCZsPf0
xD62+dF5earccufQSRIQoNNlif89m5lTVQQv6tva9BnC4kplAPvcDwJ5WCSyviL6
TOfOLRVOjfqYY6SdJEm1D0t9saEu6V6n8QyV+v2Qa+uvAEpn1aulXbSstFnfmXhf
IzoXXMpYK8jyk5Y/wga7u79SwYh+g6dbJm4VtCQyAe2D9Ke8c3r5G5jAEAosqvo=
-----END CERTIFICATE-----
Generated at Fri Apr 4 23:26:58 2025 by rpki-client