Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0c6be0d-b5c2-4296-9e79-8556c5f2dd7f.roa
File: a0c6be0d-b5c2-4296-9e79-8556c5f2dd7f.roa (raw, json)
Hash identifier: 2Xezwk68+2+pf5cJpO1hGY9I5grzLpzxeN8GawKur2Y=
Subject key identifier: B4:97:95:F2:FC:00:21:69:41:6E:97:68:63:60:9F:5F:22:68:10:47
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0A324AB1914EF166A1A2C71498DDD45F2A083F26
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0c6be0d-b5c2-4296-9e79-8556c5f2dd7f.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 43.218.0.0/16 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0a:32:4a:b1:91:4e:f1:66:a1:a2:c7:14:98:dd:d4:5f:2a:08:3f:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9b:a5:43:d6:78:52:f9:de:9e:fe:68:6d:8c:
e1:25:7e:68:a1:bf:13:c7:25:27:1a:4d:ba:3c:92:
42:1f:a2:fe:ab:d9:3e:9d:f4:4c:52:7b:bc:69:0b:
72:38:63:91:d7:ce:7b:62:83:77:f3:82:58:c8:e9:
75:80:74:fb:05:75:60:7f:b9:9c:52:13:37:b8:1a:
49:21:45:c9:46:3f:da:04:be:b1:42:4f:c1:34:15:
99:d0:25:e5:b1:50:1f:7a:86:40:70:98:61:62:ea:
44:1e:46:ca:dd:51:9e:6a:e8:e9:81:24:57:a9:55:
04:c6:f8:6d:7e:83:c7:4c:1e:22:34:31:74:d9:ec:
29:c9:8c:ef:05:3c:86:c9:de:f6:a5:9e:37:af:df:
d8:3e:9b:cd:11:1b:b7:4c:15:f2:1e:7f:4f:7e:b7:
c8:10:4c:16:23:a7:36:80:43:b5:90:99:60:17:27:
15:47:4d:4c:9c:00:e3:64:6e:99:96:47:72:9f:3f:
d3:3f:49:ad:b7:81:05:1e:bc:b5:df:e0:e1:70:1d:
79:ba:b3:ec:9b:d9:34:f5:56:27:46:87:c4:70:a6:
2d:c1:48:eb:ac:40:f5:22:37:2c:a0:58:e1:63:61:
f3:22:75:60:b0:60:a8:be:a3:0e:d0:c2:84:6f:b9:
66:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:97:95:F2:FC:00:21:69:41:6E:97:68:63:60:9F:5F:22:68:10:47
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a0c6be0d-b5c2-4296-9e79-8556c5f2dd7f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.218.0.0/16
Signature Algorithm: sha256WithRSAEncryption
01:69:55:bf:ea:06:8c:22:e7:cc:bb:ab:f6:01:8e:ba:97:83:
0b:a5:31:16:b5:21:0a:4b:11:79:af:28:62:18:f7:31:3b:f3:
d9:1d:a0:be:9e:f7:1c:b4:b8:19:c7:60:f6:52:a6:1a:e4:7e:
7e:9e:ba:7b:41:a0:e8:55:84:0d:dc:75:18:39:96:8a:8a:ac:
b2:10:5b:62:79:b8:aa:fb:1b:9f:dc:86:d9:60:1e:21:a2:a0:
df:7b:3b:33:7d:c2:24:8f:2c:0c:88:36:aa:b2:dd:3b:17:79:
49:d1:bb:40:b7:78:a7:02:63:29:a2:50:85:84:0e:7e:c3:20:
a0:d1:d3:49:bd:c3:25:55:de:be:05:e1:19:a7:45:a4:37:bf:
3b:4d:66:9c:3d:54:13:64:53:ea:49:a6:cc:9d:13:aa:12:f9:
ff:1d:d0:d9:78:08:b1:da:d2:50:62:42:a9:89:08:5e:0f:1e:
3f:63:2f:0f:11:48:90:70:aa:4e:e0:0b:e2:34:79:f1:02:8c:
08:8a:b0:e8:3d:3b:42:d8:38:28:a6:9e:4c:6f:5c:bf:5b:75:
dd:97:0b:c0:6f:30:e9:af:42:a6:a4:26:49:f7:60:39:9b:af:
4d:76:d2:87:0d:59:2f:e3:a8:77:b4:f7:68:d2:26:bd:17:69:
26:fd:77:9a
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgIUCjJKsZFO8WahoscUmN3UXyoIPyYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAYzM5NmEyMzRkNmYyYjMyOGMyNGEy
MjFiZGE2ZWJlOTcxYTVmNDQ1Yzk4ZDgxYWZmOWM2MTA2M2ZiMzFkNzQ2YTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpulQ9Z4Uvnenv5obYzhJX5oob8T
xyUnGk26PJJCH6L+q9k+nfRMUnu8aQtyOGOR1857YoN384JYyOl1gHT7BXVgf7mc
UhM3uBpJIUXJRj/aBL6xQk/BNBWZ0CXlsVAfeoZAcJhhYupEHkbK3VGeaujpgSRX
qVUExvhtfoPHTB4iNDF02ewpyYzvBTyGyd72pZ43r9/YPpvNERu3TBXyHn9PfrfI
EEwWI6c2gEO1kJlgFycVR01MnADjZG6Zlkdynz/TP0mtt4EFHry13+DhcB15urPs
m9k09VYnRofEcKYtwUjrrED1IjcsoFjhY2HzInVgsGCovqMO0MKEb7lm9wIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFLSXlfL8ACFpQW6XaGNgn18iaBBHMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2EwYzZiZTBkLWI1YzItNDI5Ni05ZTc5LTg1NTZjNWYyZGQ3Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTAL
BAIAATAFAwMAK9owDQYJKoZIhvcNAQELBQADggEBAAFpVb/qBowi58y7q/YBjrqX
gwulMRa1IQpLEXmvKGIY9zE789kdoL6e9xy0uBnHYPZSphrkfn6euntBoOhVhA3c
dRg5loqKrLIQW2J5uKr7G5/chtlgHiGioN97OzN9wiSPLAyINqqy3TsXeUnRu0C3
eKcCYymiUIWEDn7DIKDR00m9wyVV3r4F4RmnRaQ3vztNZpw9VBNkU+pJpsydE6oS
+f8d0Nl4CLHa0lBiQqmJCF4PHj9jLw8RSJBwqk7gC+I0efECjAiKsOg9O0LYOCim
nkxvXL9bdd2XC8BvMOmvQqakJkn3YDmbr0120ocNWS/jqHe092jSJr0XaSb9d5o=
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:40:53 2025 by rpki-client