Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/58ba68d3-9488-476b-8d44-5ecf1f0018e8.roa
File: 58ba68d3-9488-476b-8d44-5ecf1f0018e8.roa (raw, json)
Hash identifier: Jl+Sluc9X4XFkGmf50dMkREcE7LhiFKfI7U0XhB+RFQ=
Subject key identifier: F0:B3:9D:4B:76:50:A1:E3:BE:DA:6F:44:FA:9A:21:E5:53:7C:05:E9
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 7724ECEF308285F69F4ABA5C64FECB8D911166A6
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/58ba68d3-9488-476b-8d44-5ecf1f0018e8.roa
Signing time: Wed 25 Dec 2024 00:00:00 +0000
ROA not before: Wed 25 Dec 2024 00:00:00 +0000
ROA not after: Wed 29 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 43.224.76.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:24:ec:ef:30:82:85:f6:9f:4a:ba:5c:64:fe:cb:8d:91:11:66:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000
Validity
Not Before: Dec 25 00:00:00 2024 GMT
Not After : Jan 29 23:59:59 2025 GMT
Subject: CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:45:9e:0a:ca:27:2a:9b:75:71:a5:fc:5e:e8:
60:51:70:c3:1c:54:d1:a0:f5:17:c5:db:a0:0c:b8:
c8:cb:a0:ae:76:b8:ed:bc:11:61:6a:15:40:9c:da:
12:cd:05:24:26:83:88:a5:3c:29:50:d4:84:d6:a1:
30:e5:8c:73:e3:c7:7f:c0:e4:cd:1c:0b:8f:40:e5:
18:5b:b2:62:19:fa:e9:a0:9f:a4:b8:db:b7:00:a6:
2d:70:c5:2a:65:7d:09:1a:4c:bf:11:bf:54:37:ec:
dd:4d:4f:f7:07:ab:a1:44:6c:0c:29:9d:92:b3:e3:
d3:cd:7a:b2:1c:c1:25:09:9e:f8:33:e0:e8:1e:18:
05:63:2c:b2:3c:0d:29:5f:91:3f:0a:38:92:54:9b:
ca:0f:a1:8b:11:8d:a0:e4:e6:98:ca:23:8d:ec:9c:
98:62:8d:d9:aa:ea:e8:3b:80:f9:fe:d3:18:50:0f:
67:50:2b:34:1f:35:c6:4f:39:71:bf:21:07:5f:f6:
8d:22:f2:d3:07:4b:28:ac:06:a1:d8:38:ae:c3:52:
c5:5a:60:1f:36:13:46:15:5f:25:59:c1:a4:34:b8:
a3:bd:66:68:28:53:cf:cd:72:f3:4b:80:a1:59:66:
09:cd:df:04:b8:94:26:b9:36:8b:32:c5:23:07:37:
91:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:B3:9D:4B:76:50:A1:E3:BE:DA:6F:44:FA:9A:21:E5:53:7C:05:E9
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/58ba68d3-9488-476b-8d44-5ecf1f0018e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.224.76.0/22
Signature Algorithm: sha256WithRSAEncryption
4d:ab:e2:ed:2b:46:0f:96:bd:a4:c9:4c:8a:2d:29:a1:d8:98:
5c:17:41:48:fa:9e:5b:a9:d9:66:f2:58:5b:66:6c:74:09:40:
a1:3f:d6:ae:2a:b3:aa:c7:bd:d1:7f:44:5c:7a:b6:a6:21:e2:
95:9c:d9:b2:a2:51:13:30:4b:a3:66:a3:05:77:11:94:75:bb:
06:68:bb:1d:6d:48:9f:9a:f9:77:fd:6b:bd:52:68:ba:cf:57:
f4:ce:f7:44:7c:f4:50:a9:89:c7:4d:2f:47:f4:e3:33:ae:fd:
54:e9:75:f1:1b:9a:8c:e0:62:4d:56:0b:4d:30:7f:de:a3:1b:
b3:8e:48:76:b7:5b:12:40:bc:c7:89:72:76:c1:f0:21:2d:9f:
23:1c:78:d5:60:77:b4:d4:1c:71:fa:5c:63:ea:70:ea:93:9c:
20:14:1e:7c:9f:3b:a9:42:4e:2d:fd:b9:da:8b:a3:68:d0:94:
c1:a9:8b:9a:04:43:7f:9e:8c:6e:b2:92:f8:64:cf:90:d9:b5:
58:a8:b5:d1:62:6a:9d:09:db:15:de:bd:b6:45:84:ea:5c:6b:
c6:0e:c6:c9:a6:58:10:06:83:2a:4d:b0:d9:e4:8c:70:13:54:
e7:73:5c:10:c2:1f:23:3e:46:e6:6c:08:fd:e2:14:cf:0c:90:
83:68:9a:22
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUdyTs7zCChfafSrpcZP7LjZERZqYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTIyNTAwMDAwMFoX
DTI1MDEyOTIzNTk1OVowejFJMEcGA1UEBRNAMGRjZjA1ZTE5ZjkwNTY1NjY1ZTVi
ZjIzNjczOGMxYmI3YzkyNjU1ZjRlMGI4NjA0ODJiNWMxZDUwNmMwMTY3NTEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4kWeCsonKpt1caX8XuhgUXDDHFTR
oPUXxdugDLjIy6CudrjtvBFhahVAnNoSzQUkJoOIpTwpUNSE1qEw5Yxz48d/wOTN
HAuPQOUYW7JiGfrpoJ+kuNu3AKYtcMUqZX0JGky/Eb9UN+zdTU/3B6uhRGwMKZ2S
s+PTzXqyHMElCZ74M+DoHhgFYyyyPA0pX5E/CjiSVJvKD6GLEY2g5OaYyiON7JyY
Yo3ZquroO4D5/tMYUA9nUCs0HzXGTzlxvyEHX/aNIvLTB0sorAah2Diuw1LFWmAf
NhNGFV8lWcGkNLijvWZoKFPPzXLzS4ChWWYJzd8EuJQmuTaLMsUjBzeRlQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFPCznUt2UKHjvtpvRPqaIeVTfAXpMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzU4YmE2OGQzLTk0ODgtNDc2Yi04ZDQ0LTVlY2YxZjAwMThlOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQBNq+LtK0YPlr2kyUyKLSmh
2JhcF0FI+p5bqdlm8lhbZmx0CUChP9auKrOqx73Rf0RceramIeKVnNmyolETMEuj
ZqMFdxGUdbsGaLsdbUifmvl3/Wu9Umi6z1f0zvdEfPRQqYnHTS9H9OMzrv1U6XXx
G5qM4GJNVgtNMH/eoxuzjkh2t1sSQLzHiXJ2wfAhLZ8jHHjVYHe01Bxx+lxj6nDq
k5wgFB58nzupQk4t/bnai6No0JTBqYuaBEN/noxuspL4ZM+Q2bVYqLXRYmqdCdsV
3r22RYTqXGvGDsbJplgQBoMqTbDZ5IxwE1Tnc1wQwh8jPkbmbAj94hTPDJCDaJoi
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:23:54 2025 by rpki-client