Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/01809cdd-6c02-42ea-b174-eaf3b6ef39da.roa
File: 01809cdd-6c02-42ea-b174-eaf3b6ef39da.roa (raw, json)
Hash identifier: P6tbrVwC2hseQLPA5ekz+XwPUq1derX1818wMINxFdU=
Subject key identifier: 31:80:35:9F:8E:0C:8D:A3:92:54:DF:72:41:AD:75:86:2B:D3:EA:B5
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0CA25F47F4080962785B887D3DBB4A16356B1A6A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/01809cdd-6c02-42ea-b174-eaf3b6ef39da.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:2000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:a2:5f:47:f4:08:09:62:78:5b:88:7d:3d:bb:4a:16:35:6b:1a:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:02:7a:67:35:db:cc:7a:64:24:40:a5:fd:c6:
c2:9b:38:80:5f:c0:e0:d1:10:3f:59:07:3f:f5:c0:
bf:e5:ec:b9:2f:73:80:a0:2f:2c:e2:59:d7:2e:63:
3f:93:94:a1:f0:13:7f:aa:8b:9c:1f:01:ca:5c:0d:
84:43:db:8f:e0:59:c6:37:24:6c:89:e2:45:ac:cf:
b5:0e:d0:e6:2f:bb:cb:b3:3d:07:0c:19:79:c2:9e:
12:68:b3:16:df:98:d7:a9:7e:a7:fe:86:43:ee:08:
ac:da:2d:79:58:76:6b:33:f6:31:e3:b9:96:a2:16:
92:88:75:b4:98:12:4f:b0:25:44:fc:ab:f9:2a:9e:
dd:c4:70:0c:71:1a:7e:4c:e4:7a:3b:67:ec:f9:45:
a1:7a:03:69:43:a7:76:cb:c6:3f:7b:a6:5f:4b:24:
2b:b4:7a:d0:47:e9:47:b3:fd:4f:fc:85:17:22:6d:
1b:7d:4c:34:42:89:63:b9:77:c1:c8:ae:38:5e:10:
3b:90:6a:6b:3b:65:d0:b8:72:a7:73:45:3b:91:cc:
72:0d:59:c9:43:be:7c:b6:24:b8:15:b9:72:c9:c9:
3b:64:64:ce:a0:a9:68:02:41:8e:77:88:28:df:dc:
a1:43:9b:9f:f8:84:18:46:dc:0e:3f:b1:4e:cd:62:
62:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:80:35:9F:8E:0C:8D:A3:92:54:DF:72:41:AD:75:86:2B:D3:EA:B5
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/01809cdd-6c02-42ea-b174-eaf3b6ef39da.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:2000::/40
Signature Algorithm: sha256WithRSAEncryption
2f:fa:f0:84:73:53:53:b0:9c:74:3a:1f:73:c4:c6:eb:d8:54:
d3:4a:6b:af:c6:72:df:b5:c1:39:1e:43:dd:90:6b:d5:f8:14:
a6:5d:c9:8a:20:15:9e:2b:09:9c:47:1b:f4:09:6d:c7:0e:ec:
ef:d2:db:1d:e9:0c:c7:8c:a7:06:ed:95:01:1d:b4:71:3d:cd:
0a:3d:a4:06:b8:d2:98:1e:a5:49:97:ac:3d:0d:a2:fd:b1:5c:
35:86:4f:08:00:d2:c6:70:ab:ae:08:7a:04:32:c2:85:8f:ae:
64:54:c9:ba:6b:25:08:a2:b0:95:0e:27:af:d3:4b:21:a3:77:
54:8c:cf:02:4b:89:1b:5c:92:ba:c4:56:35:e1:5b:04:e6:27:
3e:6f:a4:cc:83:81:2e:46:47:7d:3e:c3:65:43:8e:e3:c8:f8:
7a:e1:79:c6:2e:1f:b1:47:86:bd:a8:b8:8e:7c:26:5e:bc:5f:
60:c3:5f:aa:fb:84:6c:7c:76:9a:13:b4:96:eb:a6:4b:9f:74:
07:f3:77:f6:26:cc:71:a3:fd:05:bf:ed:b1:93:56:dd:e1:cd:
d7:60:bc:4e:cc:7b:cd:60:33:7f:4f:ac:72:7a:f6:24:66:9b:
7b:17:f4:dd:19:cd:c0:5f:bd:69:22:99:da:ea:25:79:1d:26:
e2:44:8e:a5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUDKJfR/QICWJ4W4h9PbtKFjVrGmowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANjRkODYwYzdjODFiOTMzZTgyNGM5
MWU1MjQ2MzRjYTdhYWYwZWQxOWMwOGNmZjlhY2MzOGIyOTJmNWNlZDY4ODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkwJ6ZzXbzHpkJECl/cbCmziAX8Dg
0RA/WQc/9cC/5ey5L3OAoC8s4lnXLmM/k5Sh8BN/qoucHwHKXA2EQ9uP4FnGNyRs
ieJFrM+1DtDmL7vLsz0HDBl5wp4SaLMW35jXqX6n/oZD7gis2i15WHZrM/Yx47mW
ohaSiHW0mBJPsCVE/Kv5Kp7dxHAMcRp+TOR6O2fs+UWhegNpQ6d2y8Y/e6ZfSyQr
tHrQR+lHs/1P/IUXIm0bfUw0QoljuXfByK44XhA7kGprO2XQuHKnc0U7kcxyDVnJ
Q758tiS4Fblyyck7ZGTOoKloAkGOd4go39yhQ5uf+IQYRtwOP7FOzWJiGwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDGANZ+ODI2jklTfckGtdYYr0+q1MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzAxODA5Y2RkLTZjMDItNDJlYS1iMTc0LWVhZjNiNmVmMzlkYS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9CAwDQYJKoZIhvcNAQELBQADggEBAC/68IRzU1OwnHQ6H3PE
xuvYVNNKa6/Gct+1wTkeQ92Qa9X4FKZdyYogFZ4rCZxHG/QJbccO7O/S2x3pDMeM
pwbtlQEdtHE9zQo9pAa40pgepUmXrD0Nov2xXDWGTwgA0sZwq64IegQywoWPrmRU
ybprJQiisJUOJ6/TSyGjd1SMzwJLiRtckrrEVjXhWwTmJz5vpMyDgS5GR30+w2VD
juPI+HrhecYuH7FHhr2ouI58Jl68X2DDX6r7hGx8dpoTtJbrpkufdAfzd/YmzHGj
/QW/7bGTVt3hzddgvE7Me81gM39PrHJ69iRmm3sX9N0ZzcBfvWkimdrqJXkdJuJE
jqU=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:51:35 2025 by rpki-client