Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa
File: 9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa (raw, json)
Hash identifier: a7UU/1rhwlUhR0HxumwMC9sFKsHSCzYf9NXhEx1ZKQY=
Subject key identifier: AD:B2:99:87:C6:82:60:64:9E:F7:5D:62:16:8B:14:33:67:D1:6E:A2
Certificate issuer: /CN=A91CD28A0000/serialNumber=97EBF348F376B867FC76B2B2B91078C3DD494883
Certificate serial: 6A673C34621025B8AAAA3F651DD23238EE6ED6D0
Authority key identifier: 97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa
Signing time: Mon 16 Dec 2024 00:00:00 +0000
ROA not before: Mon 16 Dec 2024 00:00:00 +0000
ROA not after: Mon 20 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 103.21.240.0/24 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:67:3c:34:62:10:25:b8:aa:aa:3f:65:1d:d2:32:38:ee:6e:d6:d0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91CD28A0000
Validity
Not Before: Dec 16 00:00:00 2024 GMT
Not After : Jan 20 23:59:59 2025 GMT
Subject: CN=4257e925-715f-47a2-893e-0e3f97ec7e22
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:42:5d:89:28:96:db:30:d3:e4:cb:56:03:98:
01:7c:37:be:8d:44:f0:0f:93:00:6f:01:c5:58:a9:
11:06:77:bd:3c:44:e9:02:f6:60:82:1b:4c:8f:24:
5b:49:30:30:f0:1d:53:57:f5:bf:7e:ec:8c:d1:a6:
4f:78:db:f8:4d:89:c3:88:fd:6e:cb:38:23:b0:71:
dc:1c:2e:1b:b2:f7:2c:00:47:c8:43:fc:71:b5:57:
0a:87:f8:ad:46:bb:c4:b8:52:7f:fa:58:a1:92:ee:
7f:64:3a:9f:55:25:b9:af:ea:5c:bc:95:1c:02:60:
f4:45:5d:10:5b:92:e5:dc:54:84:f8:8b:f7:66:88:
70:a1:e3:f7:ab:79:f2:fa:90:f4:bc:63:19:9d:99:
f0:1c:63:0b:9f:25:cd:5e:3d:dd:a3:50:32:aa:dd:
73:3e:53:50:0f:94:94:d7:42:8c:b5:df:54:d1:5d:
49:55:98:5f:5f:48:3a:60:cf:47:16:ad:21:dd:09:
80:17:ea:41:c1:9b:80:7a:8c:4b:4b:2e:d8:b4:f3:
e2:dc:18:4c:5a:fe:cb:06:8d:9b:68:1a:44:19:17:
50:b5:f1:0a:f5:f3:48:23:68:5d:f9:e5:db:09:1a:
8e:72:b2:9b:a8:ed:17:27:68:9f:e8:f7:c1:1d:97:
9a:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:B2:99:87:C6:82:60:64:9E:F7:5D:62:16:8B:14:33:67:D1:6E:A2
X509v3 Authority Key Identifier:
keyid:97:EB:F3:48:F3:76:B8:67:FC:76:B2:B2:B9:10:78:C3:DD:49:48:83
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/l-vzSPN2uGf8drKyuRB4w91JSIM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/9fbd7a58-e139-4ada-86fc-00bddf61bca6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/c3cd7c24-12cb-4abc-8fd2-5e2bcbb85ae6/90ca90a9-a10a-44e7-82b9-1365746ba55e.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.21.240.0/24
Signature Algorithm: sha256WithRSAEncryption
68:3d:16:25:3a:0d:16:09:6d:bd:6d:cd:6b:41:c0:cc:e0:a2:
9f:7f:23:31:01:7e:76:38:2d:cb:8d:c7:c6:b4:a0:20:85:2e:
a7:09:c1:72:7b:53:97:7c:32:61:8a:91:10:0a:d8:53:dc:7a:
9f:c8:d0:4b:f1:80:8e:e4:eb:ac:97:ec:6c:30:65:fd:f5:a3:
72:14:d7:04:28:23:bc:32:16:d2:80:b9:c5:62:bc:32:dc:1c:
62:34:cb:fe:2b:e1:05:2b:be:94:04:75:ca:4b:2c:0d:68:eb:
5e:7b:5b:87:1c:e1:f1:22:6e:99:25:ce:ec:44:9c:49:b7:e7:
23:ce:bd:18:d3:2a:7c:b2:c3:41:17:76:41:82:c8:ff:6b:43:
30:fc:5e:be:e7:78:09:e3:c3:f9:a5:21:ff:6f:77:56:a2:7b:
19:de:f9:ad:62:08:55:0a:a4:07:6b:23:1e:5f:00:16:23:8a:
89:d0:54:47:a1:63:ae:05:33:92:87:5b:8c:ff:bf:57:2b:b1:
67:e8:0f:e1:a8:06:38:47:f8:c5:93:dc:aa:54:82:3a:62:2b:
c9:3e:29:3b:f9:90:78:b2:9c:8e:2e:f4:70:0c:14:d1:5e:ad:
20:88:20:10:4d:00:b1:be:c3:73:71:3a:44:4f:24:5d:61:a5:
2a:9f:87:bc
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUamc8NGIQJbiqqj9lHdIyOO5u1tAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxQ0QyOEEwMDAwMTEwLwYDVQQFEyg5N0VCRjM0OEYz
NzZCODY3RkM3NkIyQjJCOTEwNzhDM0RENDk0ODgzMB4XDTI0MTIxNjAwMDAwMFoX
DTI1MDEyMDIzNTk1OVowejFJMEcGA1UEBRNAMWJjZTEzZjAyMzViOGU1YmFkNjk4
NjEzZmI2ZDU4M2Q5Mjg2YTNlYjgzZmFkMDc1MDM1NGU5ZGU0OGE1MjM4ZDEtMCsG
A1UEAxMkNDI1N2U5MjUtNzE1Zi00N2EyLTg5M2UtMGUzZjk3ZWM3ZTIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy0JdiSiW2zDT5MtWA5gBfDe+jUTw
D5MAbwHFWKkRBne9PETpAvZgghtMjyRbSTAw8B1TV/W/fuyM0aZPeNv4TYnDiP1u
yzgjsHHcHC4bsvcsAEfIQ/xxtVcKh/itRrvEuFJ/+lihku5/ZDqfVSW5r+pcvJUc
AmD0RV0QW5Ll3FSE+Iv3ZohwoeP3q3ny+pD0vGMZnZnwHGMLnyXNXj3do1Ayqt1z
PlNQD5SU10KMtd9U0V1JVZhfX0g6YM9HFq0h3QmAF+pBwZuAeoxLSy7YtPPi3BhM
Wv7LBo2baBpEGRdQtfEK9fNII2hd+eXbCRqOcrKbqO0XJ2if6PfBHZeaiQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFK2ymYfGgmBknvddYhaLFDNn0W6iMB8GA1UdIwQY
MBaAFJfr80jzdrhn/HaysrkQeMPdSUiDMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9sLXZ6U1BO
MnVHZjhkckt5dVJCNHc5MUpTSU0uY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYzNjZDdjMjQtMTJjYi00YWJjLThmZDItNWUyYmNiYjg1YWU2
LzlmYmQ3YTU4LWUxMzktNGFkYS04NmZjLTAwYmRkZjYxYmNhNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9jM2NkN2MyNC0xMmNiLTRhYmMtOGZkMi01ZTJi
Y2JiODVhZTYvOTBjYTkwYTktYTEwYS00NGU3LTgyYjktMTM2NTc0NmJhNTVlLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAZxXwMA0GCSqGSIb3DQEBCwUAA4IBAQBoPRYlOg0WCW29bc1rQcDM
4KKffyMxAX52OC3LjcfGtKAghS6nCcFye1OXfDJhipEQCthT3HqfyNBL8YCO5Ous
l+xsMGX99aNyFNcEKCO8MhbSgLnFYrwy3BxiNMv+K+EFK76UBHXKSywNaOtee1uH
HOHxIm6ZJc7sRJxJt+cjzr0Y0yp8ssNBF3ZBgsj/a0Mw/F6+53gJ48P5pSH/b3dW
onsZ3vmtYghVCqQHayMeXwAWI4qJ0FRHoWOuBTOSh1uM/79XK7Fn6A/hqAY4R/jF
k9yqVII6YivJPik7+ZB4spyOLvRwDBTRXq0giCAQTQCxvsNzcTpETyRdYaUqn4e8
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:13:42 2025 by rpki-client