Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/378e4fe4-326c-4ab3-850f-d313975e272e.roa
File: 378e4fe4-326c-4ab3-850f-d313975e272e.roa (raw, json)
Hash identifier: WTUzCZZe0evZa60KZFPvUPk3LPm+oFkW7pvhJThbfFw=
Subject key identifier: 2F:09:FE:BE:98:3E:F3:93:1C:B6:43:A1:7B:B3:73:A7:7D:77:52:90
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 273A80A7001C3351FE6F46C25387EBE7FB117BE9
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/378e4fe4-326c-4ab3-850f-d313975e272e.roa
Signing time: Fri 10 Jan 2025 00:00:00 +0000
ROA not before: Fri 10 Jan 2025 00:00:00 +0000
ROA not after: Fri 14 Feb 2025 23:59:59 +0000
asID: 14618
IP address blocks: 203.83.220.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:3a:80:a7:00:1c:33:51:fe:6f:46:c2:53:87:eb:e7:fb:11:7b:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Jan 10 00:00:00 2025 GMT
Not After : Feb 14 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:0e:02:4c:85:0e:28:31:c5:74:ec:26:86:9b:
7c:ac:a8:d8:ab:c8:8d:62:2f:8d:0b:76:f9:56:5c:
58:e8:4b:41:73:00:95:4b:50:58:71:1e:39:21:df:
5a:c4:e0:4d:cb:39:ce:14:f2:11:12:44:22:ec:a4:
26:96:8f:f4:a3:79:26:dd:a0:b5:3a:12:34:45:95:
85:a6:fb:77:b9:07:74:6a:8d:e4:ae:55:e6:52:8d:
6b:4e:99:18:3c:45:e3:bd:88:5d:57:d3:b7:39:7f:
fb:89:b1:92:31:a2:c1:2f:43:35:27:bd:a4:70:13:
97:fb:8b:d3:ab:69:fc:12:76:42:aa:11:13:72:42:
92:35:35:b8:11:13:4c:d8:44:7d:ab:9c:bc:4c:7b:
b2:f1:18:9b:3d:a3:bc:38:77:e2:56:ea:82:41:2b:
f8:6a:2e:ee:79:a7:9b:37:91:83:0a:22:91:30:3d:
f9:30:9d:78:73:10:72:2d:17:79:7f:07:46:04:ee:
58:b8:2b:0c:78:c2:c9:05:e9:31:a7:9b:c2:9e:da:
29:ac:37:23:9e:9a:a6:e3:22:e0:d0:e1:0a:5b:1e:
35:35:aa:7f:9a:3a:f0:9c:ac:c8:d3:66:36:af:d4:
cd:15:2c:6c:38:f6:72:c0:5f:11:b3:7e:fa:00:c8:
b2:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:09:FE:BE:98:3E:F3:93:1C:B6:43:A1:7B:B3:73:A7:7D:77:52:90
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/378e4fe4-326c-4ab3-850f-d313975e272e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
203.83.220.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:9a:f1:1d:e5:fb:60:52:55:0a:b0:be:fb:c1:2c:ef:dd:c3:
19:c6:d7:fc:cd:66:2b:82:92:31:25:1c:46:11:1b:eb:70:1c:
e5:61:d8:a5:5c:5b:ec:99:b5:9a:21:4a:54:59:ff:5a:d1:78:
2c:3f:58:0c:70:14:ef:7e:2c:fd:7f:7f:09:9c:3d:cf:c3:45:
a5:c4:84:7c:39:95:76:45:b4:21:35:0f:74:e0:cd:c2:11:cb:
03:1b:04:b8:f5:10:4d:d4:c1:97:3b:ef:c7:8c:28:d1:7b:8c:
9f:2c:03:90:62:6d:30:43:9a:af:5b:6a:29:3c:53:a0:f8:10:
8b:71:d1:35:c6:a5:66:25:c5:13:d2:1e:40:55:39:71:47:d6:
4f:38:14:16:83:57:9c:65:ba:07:ed:74:5b:e2:1e:22:90:a4:
22:ea:e2:54:80:6f:93:d3:cf:0f:3e:67:08:36:47:b9:8d:ae:
c0:8b:96:48:9a:95:94:0e:8b:a8:66:56:c0:5c:db:2c:47:7d:
74:2c:0a:2f:92:59:13:0c:ff:bb:39:3d:88:7b:06:b3:0b:e0:
1c:07:5f:66:10:6f:25:0d:63:76:6d:b1:82:0f:3c:d8:ef:9e:
1e:89:d8:77:07:f8:f3:e6:61:06:31:39:26:0b:c4:2c:61:5a:
8c:8f:8e:2a
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUJzqApwAcM1H+b0bCU4fr5/sRe+kwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDExMDAwMDAwMFoX
DTI1MDIxNDIzNTk1OVowejFJMEcGA1UEBRNAMzJjNDcwZWI1NGVkOGU1NWM5ODA5
NTQyYTA1N2NiNGZlNDViMzJlY2U5OTdlNDYyOWEyN2E0OWVmZDhlZGJhNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2g4CTIUOKDHFdOwmhpt8rKjYq8iN
Yi+NC3b5VlxY6EtBcwCVS1BYcR45Id9axOBNyznOFPIREkQi7KQmlo/0o3km3aC1
OhI0RZWFpvt3uQd0ao3krlXmUo1rTpkYPEXjvYhdV9O3OX/7ibGSMaLBL0M1J72k
cBOX+4vTq2n8EnZCqhETckKSNTW4ERNM2ER9q5y8THuy8RibPaO8OHfiVuqCQSv4
ai7ueaebN5GDCiKRMD35MJ14cxByLRd5fwdGBO5YuCsMeMLJBekxp5vCntoprDcj
npqm4yLg0OEKWx41Nap/mjrwnKzI02Y2r9TNFSxsOPZywF8Rs376AMiywwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFC8J/r6YPvOTHLZDoXuzc6d9d1KQMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzM3OGU0ZmU0LTMyNmMtNGFiMy04NTBmLWQzMTM5NzVlMjcyZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCy1PcMA0GCSqGSIb3DQEBCwUAA4IBAQBNmvEd5ftgUlUKsL77wSzv
3cMZxtf8zWYrgpIxJRxGERvrcBzlYdilXFvsmbWaIUpUWf9a0XgsP1gMcBTvfiz9
f38JnD3Pw0WlxIR8OZV2RbQhNQ904M3CEcsDGwS49RBN1MGXO+/HjCjRe4yfLAOQ
Ym0wQ5qvW2opPFOg+BCLcdE1xqVmJcUT0h5AVTlxR9ZPOBQWg1ecZboH7XRb4h4i
kKQi6uJUgG+T088PPmcINke5ja7Ai5ZImpWUDouoZlbAXNssR310LAovklkTDP+7
OT2IewazC+AcB19mEG8lDWN2bbGCDzzY754eidh3B/jz5mEGMTkmC8QsYVqMj44q
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:11:06 2025 by rpki-client