Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/ca0293e8-a412-4e93-bccc-69fffbada891.roa
File: ca0293e8-a412-4e93-bccc-69fffbada891.roa (raw, json)
Hash identifier: T2JKL2IyZ89UpDCp9maAqjoaWjwd3GaNc6w/FEUHjIA=
Subject key identifier: 6E:BF:63:43:20:C0:62:B3:CF:CB:CF:4D:50:E5:12:52:4C:BA:CD:49
Certificate issuer: /CN=A91509EC0000/serialNumber=16F524F8E0EC7CAE0769C42E50FFB3A2B564A6AC
Certificate serial: 6947F7615CE758A96284E790BC4E5C7B8E69801B
Authority key identifier: 16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/ca0293e8-a412-4e93-bccc-69fffbada891.roa
Signing time: Sat 30 Nov 2024 00:00:00 +0000
ROA not before: Sat 30 Nov 2024 00:00:00 +0000
ROA not after: Sat 04 Jan 2025 23:59:59 +0000
asID: 14618
IP address blocks: 103.4.8.0/21 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:47:f7:61:5c:e7:58:a9:62:84:e7:90:bc:4e:5c:7b:8e:69:80:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91509EC0000
Validity
Not Before: Nov 30 00:00:00 2024 GMT
Not After : Jan 4 23:59:59 2025 GMT
Subject: CN=58810403-9ba0-403a-809b-c78252ab7f5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:6f:0d:a9:df:5c:1d:d7:03:3e:4a:18:4d:a3:
c7:ad:36:6c:d6:4e:d3:6e:e0:10:77:36:ff:8a:2f:
dc:f1:fb:d9:5e:f6:f6:37:72:dd:65:cd:93:e2:75:
50:ce:68:af:56:d2:bd:fb:b4:71:dd:0e:3c:8d:fa:
75:ab:a1:46:0d:ec:29:46:fd:a1:5b:14:f9:08:ab:
1c:2a:8b:68:9d:8e:fe:87:57:09:be:8b:95:3c:af:
4a:0a:50:f0:01:ff:c2:31:7e:5e:47:23:16:4c:07:
d8:e6:5a:74:98:08:d1:9a:30:cd:89:9c:f5:fa:98:
ef:77:d5:4c:23:ee:5e:fd:ca:fe:45:42:01:42:52:
ed:9a:5d:b7:0e:04:f1:0a:8c:11:f5:47:50:fd:ff:
0d:64:3c:a0:ff:07:1b:83:79:4c:bd:41:db:63:c4:
12:b3:86:ed:0f:e4:83:fc:84:98:49:58:2f:c5:c8:
ee:79:37:69:8a:4d:9b:4b:11:95:68:2c:75:57:b9:
7d:a8:83:33:20:77:05:08:b3:96:67:a9:84:7b:3a:
4d:16:01:62:0a:a0:af:c2:7f:01:2b:20:31:6c:ff:
3e:7f:45:28:c0:9b:05:43:7e:48:ba:7d:49:c2:1d:
7f:3a:94:fa:c9:42:91:d7:c7:8b:48:44:2c:88:49:
38:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6E:BF:63:43:20:C0:62:B3:CF:CB:CF:4D:50:E5:12:52:4C:BA:CD:49
X509v3 Authority Key Identifier:
keyid:16:F5:24:F8:E0:EC:7C:AE:07:69:C4:2E:50:FF:B3:A2:B5:64:A6:AC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/FvUk-ODsfK4HacQuUP-zorVkpqw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/ca0293e8-a412-4e93-bccc-69fffbada891.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/db9a372a-09bc-4a32-bfe4-8c48e5dbd219/6ecb3cca-488d-43b9-a50b-d37c0c55a9e1.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.4.8.0/21
Signature Algorithm: sha256WithRSAEncryption
24:77:9e:bd:98:d9:63:75:a9:c9:c4:8f:d4:9a:6f:45:f6:12:
36:8a:90:df:cb:f9:1a:2b:d5:e5:80:0c:57:7b:1c:74:76:19:
c4:c6:d5:90:ac:f4:23:94:e6:79:f3:02:93:fa:72:65:a7:93:
06:26:7c:07:e0:17:3d:20:51:06:c7:0f:19:9e:77:09:d7:12:
ff:bf:d4:34:b8:82:fb:92:02:ac:6a:c7:71:99:6f:cc:e2:7a:
96:69:ad:16:f2:f7:d6:01:93:b8:17:76:24:41:ce:45:c6:cb:
b9:fa:e1:f4:d9:7a:ab:b3:d8:61:31:36:0d:3a:dd:e5:3a:5b:
ed:81:34:1a:bc:63:ab:87:80:0e:c1:7a:a8:36:13:6a:64:4a:
8b:77:cb:ed:96:ce:ec:17:f5:02:c0:8a:21:8d:e3:19:bb:2a:
a8:71:e7:4c:8d:fd:9a:66:46:f6:bd:79:4b:86:00:d9:76:d9:
90:63:87:35:1d:ee:07:3d:a6:7c:3b:bb:8b:f8:84:99:8a:57:
50:a0:71:a9:4f:6a:6a:b9:db:04:8c:be:74:87:98:a2:49:92:
20:be:16:c7:63:c4:da:2f:21:3d:74:ff:8b:fa:19:45:a7:f9:
aa:9e:a0:0e:c6:c1:a3:6a:df:05:c2:a5:47:c0:fb:d3:04:2b:
f7:ae:5c:42
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUaUf3YVznWKlihOeQvE5ce45pgBswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNTA5RUMwMDAwMTEwLwYDVQQFEygxNkY1MjRGOEUw
RUM3Q0FFMDc2OUM0MkU1MEZGQjNBMkI1NjRBNkFDMB4XDTI0MTEzMDAwMDAwMFoX
DTI1MDEwNDIzNTk1OVowejFJMEcGA1UEBRNAY2Y2ZTgxMzU2YjZkMmFiMmY2ZjYy
N2U5NzE4MGZjOTAwOTMwMDNmNmE4ZGEzMGQ3OGNkYmUwYzc0NzRlNDJmYTEtMCsG
A1UEAxMkNTg4MTA0MDMtOWJhMC00MDNhLTgwOWItYzc4MjUyYWI3ZjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsm8Nqd9cHdcDPkoYTaPHrTZs1k7T
buAQdzb/ii/c8fvZXvb2N3LdZc2T4nVQzmivVtK9+7Rx3Q48jfp1q6FGDewpRv2h
WxT5CKscKotonY7+h1cJvouVPK9KClDwAf/CMX5eRyMWTAfY5lp0mAjRmjDNiZz1
+pjvd9VMI+5e/cr+RUIBQlLtml23DgTxCowR9UdQ/f8NZDyg/wcbg3lMvUHbY8QS
s4btD+SD/ISYSVgvxcjueTdpik2bSxGVaCx1V7l9qIMzIHcFCLOWZ6mEezpNFgFi
CqCvwn8BKyAxbP8+f0UowJsFQ35Iun1Jwh1/OpT6yUKR18eLSEQsiEk41QIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFG6/Y0MgwGKzz8vPTVDlElJMus1JMB8GA1UdIwQY
MBaAFBb1JPjg7HyuB2nELlD/s6K1ZKasMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9GdlVrLU9E
c2ZLNEhhY1F1VVAtem9yVmtwcXcuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvZGI5YTM3MmEtMDliYy00YTMyLWJmZTQtOGM0OGU1ZGJkMjE5
L2NhMDI5M2U4LWE0MTItNGU5My1iY2NjLTY5ZmZmYmFkYTg5MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9kYjlhMzcyYS0wOWJjLTRhMzItYmZlNC04YzQ4
ZTVkYmQyMTkvNmVjYjNjY2EtNDg4ZC00M2I5LWE1MGItZDM3YzBjNTVhOWUxLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQDZwQIMA0GCSqGSIb3DQEBCwUAA4IBAQAkd569mNljdanJxI/Umm9F
9hI2ipDfy/kaK9XlgAxXexx0dhnExtWQrPQjlOZ58wKT+nJlp5MGJnwH4Bc9IFEG
xw8ZnncJ1xL/v9Q0uIL7kgKsasdxmW/M4nqWaa0W8vfWAZO4F3YkQc5Fxsu5+uH0
2Xqrs9hhMTYNOt3lOlvtgTQavGOrh4AOwXqoNhNqZEqLd8vtls7sF/UCwIohjeMZ
uyqocedMjf2aZkb2vXlLhgDZdtmQY4c1He4HPaZ8O7uL+ISZildQoHGpT2pqudsE
jL50h5iiSZIgvhbHY8TaLyE9dP+L+hlFp/mqnqAOxsGjat8FwqVHwPvTBCv3rlxC
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:48:05 2025 by rpki-client