Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/4d07a3cb-aaaf-4eb6-8cd9-146e8de61f27.roa
File: 4d07a3cb-aaaf-4eb6-8cd9-146e8de61f27.roa (raw, json)
Hash identifier: ugqvy5zMwdhWVmtmMb/1lZGgS71tqehw883qg27s9OQ=
Subject key identifier: 17:0F:C6:C7:13:9E:62:4B:6F:6E:43:C9:91:4A:C1:F3:30:C3:E5:B9
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 28CDAA7A4695DFFE4296C14493937C3D9F42AE76
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/4d07a3cb-aaaf-4eb6-8cd9-146e8de61f27.roa
Signing time: Wed 25 Dec 2024 00:00:00 +0000
ROA not before: Wed 25 Dec 2024 00:00:00 +0000
ROA not after: Wed 29 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 43.250.196.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:cd:aa:7a:46:95:df:fe:42:96:c1:44:93:93:7c:3d:9f:42:ae:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Dec 25 00:00:00 2024 GMT
Not After : Jan 29 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a4:36:55:c8:39:35:0a:c9:5c:fd:e1:86:aa:
e7:2b:9a:66:e6:99:ff:3d:64:41:86:78:41:ba:55:
95:04:41:6a:e8:e8:78:81:91:72:b8:f9:00:39:0a:
ef:26:5e:55:a0:6f:45:81:5a:51:0b:96:99:0c:54:
ed:1a:68:c2:9f:ef:14:0f:c4:0f:95:69:8e:d1:a6:
28:44:ca:14:75:b5:1e:d4:83:7b:60:30:ff:18:18:
0f:15:52:7e:07:90:80:16:3f:94:f9:a5:65:3c:18:
8a:4f:0e:65:b4:00:98:72:aa:18:77:d7:35:1a:a0:
81:cb:5a:17:d2:b4:ca:f6:7d:ec:35:c3:1a:5b:19:
fd:b6:91:ea:cb:51:f6:9d:e0:ff:16:e2:a2:38:8b:
d8:d8:b5:fe:de:b0:70:89:eb:a7:72:52:a3:4f:6c:
0a:ca:cd:98:39:c0:d8:d1:d1:90:1f:72:2d:54:ad:
bc:01:6a:ba:5d:ac:98:b7:d7:0c:56:32:e5:8a:8f:
2e:88:64:65:15:85:3c:64:ae:9d:34:0e:28:9b:c6:
b6:1f:01:f0:be:87:c9:2c:c3:12:f4:c2:e7:e7:47:
65:45:1d:b8:3e:f3:e6:5e:de:e3:b5:8e:8c:d3:27:
0f:42:8d:7f:43:fa:cf:be:a1:28:89:f6:5c:1e:3d:
75:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:0F:C6:C7:13:9E:62:4B:6F:6E:43:C9:91:4A:C1:F3:30:C3:E5:B9
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/4d07a3cb-aaaf-4eb6-8cd9-146e8de61f27.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.250.196.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:ff:9d:2a:11:a0:a5:ce:15:68:28:08:bf:a8:4f:45:0a:e3:
0c:20:04:31:f5:43:90:df:a7:46:cf:dc:25:b2:65:54:2d:af:
3c:c0:50:d5:f4:0d:ba:a1:1c:0f:03:be:30:d6:6c:80:2b:94:
31:ca:2b:e3:99:7b:2e:8e:e2:65:26:c9:64:e1:14:9d:b5:5a:
27:d6:3e:d4:1c:df:c4:0e:3c:16:e2:ec:0f:d5:d1:c6:c6:2c:
c6:50:ed:35:dc:94:1a:12:1e:4f:19:3e:1d:64:86:49:d5:f1:
99:67:2e:2e:47:9d:24:6c:19:ab:2c:86:43:d2:73:e4:4b:86:
e2:c0:d2:4a:eb:4a:fa:8b:8e:1e:a4:e0:6b:4e:2a:03:ef:ca:
1b:ab:99:20:c9:84:70:ad:67:e0:fd:b2:53:34:55:4b:eb:2f:
53:ae:cc:2f:c6:74:73:91:f7:ba:8c:7b:e7:ca:96:99:57:fa:
d1:db:60:b1:ed:ee:38:44:cb:81:ea:df:ff:14:5c:d2:11:d1:
ce:1a:b1:61:71:56:0c:89:e5:1c:62:ee:d5:ac:f4:b3:ca:33:
e7:47:69:98:23:58:48:d8:98:83:c6:87:f3:9b:e4:f3:c8:46:
47:27:9e:42:75:3c:3d:11:93:42:61:65:eb:ac:3b:9a:5b:67:
bc:89:0b:1a
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUKM2qekaV3/5ClsFEk5N8PZ9CrnYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MTIyNTAwMDAwMFoX
DTI1MDEyOTIzNTk1OVowejFJMEcGA1UEBRNAM2JkMDU0YzA4ODYwYzA3N2NiMDBi
MTBhYjg5Y2FhMzkwZmRiMjRiNWNiZWQ2OTA4MjFiNmM0ODRhODZjZmE3ZjEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6Q2Vcg5NQrJXP3hhqrnK5pm5pn/
PWRBhnhBulWVBEFq6Oh4gZFyuPkAOQrvJl5VoG9FgVpRC5aZDFTtGmjCn+8UD8QP
lWmO0aYoRMoUdbUe1IN7YDD/GBgPFVJ+B5CAFj+U+aVlPBiKTw5ltACYcqoYd9c1
GqCBy1oX0rTK9n3sNcMaWxn9tpHqy1H2neD/FuKiOIvY2LX+3rBwieunclKjT2wK
ys2YOcDY0dGQH3ItVK28AWq6XayYt9cMVjLlio8uiGRlFYU8ZK6dNA4om8a2HwHw
vofJLMMS9MLn50dlRR24PvPmXt7jtY6M0ycPQo1/Q/rPvqEoifZcHj11xwIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFBcPxscTnmJLb25DyZFKwfMww+W5MB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
LzRkMDdhM2NiLWFhYWYtNGViNi04Y2Q5LTE0NmU4ZGU2MWYyNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCK/rEMA0GCSqGSIb3DQEBCwUAA4IBAQCh/50qEaClzhVoKAi/qE9F
CuMMIAQx9UOQ36dGz9wlsmVULa88wFDV9A26oRwPA74w1myAK5QxyivjmXsujuJl
Jslk4RSdtVon1j7UHN/EDjwW4uwP1dHGxizGUO013JQaEh5PGT4dZIZJ1fGZZy4u
R50kbBmrLIZD0nPkS4biwNJK60r6i44epOBrTioD78obq5kgyYRwrWfg/bJTNFVL
6y9TrswvxnRzkfe6jHvnypaZV/rR22Cx7e44RMuB6t//FFzSEdHOGrFhcVYMieUc
Yu7VrPSzyjPnR2mYI1hI2JiDxofzm+TzyEZHJ55CdTw9EZNCYWXrrDuaW2e8iQsa
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:49:14 2025 by rpki-client