Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d28e878b-7026-4092-9657-bcad7c6b3e74.roa
File: d28e878b-7026-4092-9657-bcad7c6b3e74.roa (raw, json)
Hash identifier: kBCc9JtoxeDoo7mZ54/Ko1MV4hxHVdOZHiGKLkccP5E=
Subject key identifier: 3B:FA:10:44:F5:F0:8A:14:B4:85:DA:D8:05:B8:D1:24:E5:3A:73:EF
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 60EC29351D9B34D2773C015F625F7B70FFD34E15
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d28e878b-7026-4092-9657-bcad7c6b3e74.roa
Signing time: Wed 08 Jan 2025 00:00:00 +0000
ROA not before: Wed 08 Jan 2025 00:00:00 +0000
ROA not after: Wed 12 Feb 2025 23:59:59 +0000
asID: 8987
IP address blocks: 103.246.148.0/22 maxlen: 24
Validation: Failed, certificate has expired
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:ec:29:35:1d:9b:34:d2:77:3c:01:5f:62:5f:7b:70:ff:d3:4e:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jan 8 00:00:00 2025 GMT
Not After : Feb 12 23:59:59 2025 GMT
Subject: serialNumber=3fd04857fe991804629d6aa392a3f3eeeb581bcb6367300a739f278f813504c6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:84:12:6c:0f:48:1c:06:8a:4c:49:c4:52:59:
77:51:b2:54:b7:4b:b9:55:92:2f:d6:84:ff:18:5c:
96:2b:be:57:ee:52:7d:88:a2:66:7b:ef:09:0c:45:
f3:53:c7:ed:8c:b2:53:bf:07:53:bd:1e:db:4d:19:
ff:0d:48:55:4f:da:d6:ce:b2:70:83:c3:f2:53:85:
6f:0d:31:1a:ef:67:7c:4b:36:c7:f9:eb:21:58:ae:
2a:f3:b4:19:21:4a:5f:1f:5b:13:d9:3a:3b:8a:fb:
23:7d:72:aa:0f:d8:6b:a3:fa:33:c0:62:9e:1d:2d:
ab:da:1b:86:4a:a6:42:0b:d5:45:88:82:e4:ab:f4:
97:1b:db:5c:81:4a:1e:e0:0e:c6:8f:e9:be:07:b7:
df:dd:4d:82:03:ea:0e:b1:9e:fa:d8:9c:6a:63:51:
45:a4:d1:70:45:08:9b:b7:07:87:31:26:d1:0e:7c:
3d:52:92:eb:02:92:a1:31:c5:13:f3:5f:8f:80:a6:
f1:32:63:09:be:5c:54:f0:03:e1:d5:4a:b6:dd:80:
9c:4b:79:15:2f:da:36:66:25:5c:05:17:84:cc:a7:
30:da:fb:18:5a:59:0c:47:13:dc:ee:d4:7d:a2:1f:
8c:6e:b9:5b:47:f5:23:3d:9e:5b:b5:d6:83:4e:13:
b3:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:FA:10:44:F5:F0:8A:14:B4:85:DA:D8:05:B8:D1:24:E5:3A:73:EF
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d28e878b-7026-4092-9657-bcad7c6b3e74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.246.148.0/22
Signature Algorithm: sha256WithRSAEncryption
b6:00:02:ac:b6:76:ae:6e:01:44:37:f4:3d:68:52:ab:99:68:
a1:e4:fa:6b:b8:21:8d:98:52:d1:77:2f:8f:dd:bd:54:58:44:
5d:74:4e:25:71:69:d6:da:76:29:68:d3:ba:ba:cd:63:db:87:
a8:c0:2c:4b:ab:e1:8f:c5:34:e6:91:c6:6c:7f:94:c1:65:a3:
4b:bb:85:d6:da:ce:00:22:95:b3:98:9e:6b:16:50:47:c8:05:
a4:26:cb:b6:56:a6:4b:94:8b:3d:b2:a5:c2:a1:05:f1:72:b9:
80:cc:64:0c:1e:31:18:b4:a9:71:22:9d:4b:8a:45:71:3f:95:
70:4b:fa:44:c2:ba:bd:83:8b:e5:00:58:c8:34:a3:a9:b9:42:
71:f8:0d:43:5a:56:92:85:3d:8e:87:e8:5b:32:d8:dd:e0:f0:
f7:a3:4c:c4:89:33:f1:fb:4a:85:52:96:7e:db:d9:eb:6c:7f:
77:ec:29:7f:65:30:35:f8:92:ee:aa:c1:84:28:9c:39:19:01:
51:6e:f6:7c:72:c8:41:ab:6d:67:cc:da:7f:48:12:fc:43:be:
d7:0c:54:92:f3:c8:b2:f0:a9:de:e6:33:8d:87:1e:f4:66:de:
75:61:f7:f4:c4:b4:dc:ac:98:74:e2:4c:64:3d:ce:87:01:ef:
d8:b5:5c:53
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUYOwpNR2bNNJ3PAFfYl97cP/TThUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDEwODAwMDAwMFoX
DTI1MDIxMjIzNTk1OVowejFJMEcGA1UEBRNAM2ZkMDQ4NTdmZTk5MTgwNDYyOWQ2
YWEzOTJhM2YzZWVlYjU4MWJjYjYzNjczMDBhNzM5ZjI3OGY4MTM1MDRjNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6IQSbA9IHAaKTEnEUll3UbJUt0u5
VZIv1oT/GFyWK75X7lJ9iKJme+8JDEXzU8ftjLJTvwdTvR7bTRn/DUhVT9rWzrJw
g8PyU4VvDTEa72d8SzbH+eshWK4q87QZIUpfH1sT2To7ivsjfXKqD9hro/ozwGKe
HS2r2huGSqZCC9VFiILkq/SXG9tcgUoe4A7Gj+m+B7ff3U2CA+oOsZ762JxqY1FF
pNFwRQibtweHMSbRDnw9UpLrApKhMcUT81+PgKbxMmMJvlxU8APh1Uq23YCcS3kV
L9o2ZiVcBReEzKcw2vsYWlkMRxPc7tR9oh+MbrlbR/UjPZ5btdaDThOz2wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFDv6EET18IoUtIXa2AW40STlOnPvMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2QyOGU4NzhiLTcwMjYtNDA5Mi05NjU3LWJjYWQ3YzZiM2U3NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCZ/aUMA0GCSqGSIb3DQEBCwUAA4IBAQC2AAKstnaubgFEN/Q9aFKr
mWih5PpruCGNmFLRdy+P3b1UWERddE4lcWnW2nYpaNO6us1j24eowCxLq+GPxTTm
kcZsf5TBZaNLu4XW2s4AIpWzmJ5rFlBHyAWkJsu2VqZLlIs9sqXCoQXxcrmAzGQM
HjEYtKlxIp1LikVxP5VwS/pEwrq9g4vlAFjINKOpuUJx+A1DWlaShT2Oh+hbMtjd
4PD3o0zEiTPx+0qFUpZ+29nrbH937Cl/ZTA1+JLuqsGEKJw5GQFRbvZ8cshBq21n
zNp/SBL8Q77XDFSS88iy8Kne5jONhx70Zt51Yff0xLTcrJh04kxkPc6HAe/YtVxT
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:31:54 2025 by rpki-client