Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/98be1b25-e267-48c9-8089-71d3f3f86c51.roa
File: 98be1b25-e267-48c9-8089-71d3f3f86c51.roa (raw, json)
Hash identifier: nA4PEQDaiomO88918XvWDno+bkwBtxPf1ZHzdIfkdME=
Subject key identifier: 91:AA:0C:91:2D:60:DD:53:32:AD:46:B9:08:E5:E6:30:08:36:19:FF
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 7F7F57ACBC5C2E653240324F682B86D72762C8A2
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/98be1b25-e267-48c9-8089-71d3f3f86c51.roa
Signing time: Tue 17 Dec 2024 00:00:00 +0000
ROA not before: Tue 17 Dec 2024 00:00:00 +0000
ROA not after: Tue 21 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 103.21.241.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:7f:57:ac:bc:5c:2e:65:32:40:32:4f:68:2b:86:d7:27:62:c8:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Dec 17 00:00:00 2024 GMT
Not After : Jan 21 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:17:4a:91:3b:74:49:0e:73:34:19:42:46:1c:
5f:68:8b:a5:d9:b1:eb:3a:45:8c:18:21:47:6d:53:
0e:b7:38:ed:35:06:b5:cb:1e:7f:2f:f8:06:36:b4:
2c:52:87:e6:17:39:6b:85:69:ac:2f:e7:7d:d0:d3:
bf:f6:a9:66:03:57:93:67:f1:c3:eb:3e:dc:36:77:
e7:95:72:33:c4:9b:5c:75:b1:6d:6f:43:7a:f5:f3:
0e:c1:0f:d4:07:28:c6:90:8d:2f:9d:7c:67:35:c0:
1c:26:4a:5b:98:30:ea:a2:fc:03:98:6c:91:c3:c4:
3e:21:d7:8d:65:06:b4:54:72:db:e2:70:73:cf:a5:
b3:34:8c:82:c9:47:2f:6f:b1:f7:bd:b9:12:74:b4:
74:b7:2a:11:95:15:8f:b5:ae:d7:87:b1:e9:42:88:
98:2d:13:48:1d:21:d1:99:9f:75:42:07:11:ac:30:
c8:e7:ba:3e:ea:9c:bf:83:79:60:c4:bb:9b:b4:b1:
99:ef:db:1d:7a:72:36:42:31:bd:f8:b8:9b:c2:54:
8a:63:bc:89:69:26:62:e9:5d:77:82:be:a0:09:37:
da:f7:24:d0:3f:ba:8c:1e:11:1a:26:1c:05:57:96:
32:4f:7b:60:0f:38:09:8a:04:5a:28:ef:b1:d2:98:
d0:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:AA:0C:91:2D:60:DD:53:32:AD:46:B9:08:E5:E6:30:08:36:19:FF
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/98be1b25-e267-48c9-8089-71d3f3f86c51.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.21.241.0/24
Signature Algorithm: sha256WithRSAEncryption
ac:77:0f:8f:d4:0f:f2:c3:a2:2e:e8:78:4b:9e:a3:de:52:d5:
2e:6d:1f:58:68:4c:49:e6:2a:74:da:af:6b:fc:b9:0a:8c:94:
dc:16:37:6e:aa:52:3c:23:86:d7:74:96:c3:e3:b0:6e:0d:5e:
cb:6a:13:ad:45:9c:0d:fa:61:70:04:46:a7:58:52:65:f3:0d:
51:78:3c:d9:ad:43:47:49:83:4b:43:7e:4b:f0:30:d2:8c:3e:
ab:e3:21:0e:2b:03:f5:72:7e:6b:a9:15:5e:98:8b:a9:87:bd:
5d:eb:10:c7:79:be:ba:e6:83:ea:39:6a:aa:82:43:e8:fa:e5:
23:69:7d:fd:48:dc:1b:82:e6:a8:82:a7:ed:56:dd:2b:aa:2e:
46:8c:9a:a4:2a:51:56:9c:00:ae:89:8a:f2:e0:88:8c:7e:7b:
00:57:0e:bc:fc:51:c1:87:e7:16:2c:d1:c8:df:1b:05:bc:32:
e3:2f:c7:d3:21:53:bf:9a:fa:ba:fb:9b:91:39:cc:5c:9b:9e:
ef:7e:15:85:8a:8c:ae:74:38:1f:94:f4:78:8b:bc:0d:1d:db:
25:63:07:5c:22:5c:f3:43:24:8c:17:fb:10:75:a7:6e:ce:e2:
86:bb:29:ed:4d:a2:1c:e0:d0:6c:42:98:2a:73:8d:f2:47:0b:
c1:b4:dc:47
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUf39XrLxcLmUyQDJPaCuG1ydiyKIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTIxNzAwMDAwMFoX
DTI1MDEyMTIzNTk1OVowejFJMEcGA1UEBRNAZjhkODMwZDgyZGE5ZWM0Y2Q4ZjA0
Nzc4N2EwYWM5NmFmY2RjY2IwNTUzYjViYzlkMDljYjY1YWQwNjY0MGFhMjEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhdKkTt0SQ5zNBlCRhxfaIul2bHr
OkWMGCFHbVMOtzjtNQa1yx5/L/gGNrQsUofmFzlrhWmsL+d90NO/9qlmA1eTZ/HD
6z7cNnfnlXIzxJtcdbFtb0N69fMOwQ/UByjGkI0vnXxnNcAcJkpbmDDqovwDmGyR
w8Q+IdeNZQa0VHLb4nBzz6WzNIyCyUcvb7H3vbkSdLR0tyoRlRWPta7Xh7HpQoiY
LRNIHSHRmZ91QgcRrDDI57o+6py/g3lgxLubtLGZ79sdenI2QjG9+LibwlSKY7yJ
aSZi6V13gr6gCTfa9yTQP7qMHhEaJhwFV5YyT3tgDzgJigRaKO+x0pjQwQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFJGqDJEtYN1TMq1GuQjl5jAINhn/MB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
Lzk4YmUxYjI1LWUyNjctNDhjOS04MDg5LTcxZDNmM2Y4NmM1MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAZxXxMA0GCSqGSIb3DQEBCwUAA4IBAQCsdw+P1A/yw6Iu6HhLnqPe
UtUubR9YaExJ5ip02q9r/LkKjJTcFjduqlI8I4bXdJbD47BuDV7LahOtRZwN+mFw
BEanWFJl8w1ReDzZrUNHSYNLQ35L8DDSjD6r4yEOKwP1cn5rqRVemIuph71d6xDH
eb665oPqOWqqgkPo+uUjaX39SNwbguaogqftVt0rqi5GjJqkKlFWnACuiYry4IiM
fnsAVw68/FHBh+cWLNHI3xsFvDLjL8fTIVO/mvq6+5uROcxcm57vfhWFioyudDgf
lPR4i7wNHdslYwdcIlzzQySMF/sQdaduzuKGuyntTaIc4NBsQpgqc43yRwvBtNxH
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:45:22 2025 by rpki-client