Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0818112b-58fa-421a-8be9-c4d17b28b642.roa
File: 0818112b-58fa-421a-8be9-c4d17b28b642.roa (raw, json)
Hash identifier: iBNL1n+fsJGPdeKe7DAwtWIz1l3UxQgQ8lctzxWxi3Q=
Subject key identifier: 0E:C5:01:54:D2:82:02:9F:FF:52:C6:DB:F6:EE:5E:FA:E9:19:9D:7D
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5287BECB6281851F688BC8D97157854EEB3995AB
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0818112b-58fa-421a-8be9-c4d17b28b642.roa
Signing time: Wed 14 May 2025 00:01:06 +0000
ROA not before: Wed 14 May 2025 00:01:06 +0000
ROA not after: Wed 18 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:8800::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 03 Jun 2025 19:37:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:87:be:cb:62:81:85:1f:68:8b:c8:d9:71:57:85:4e:eb:39:95:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: May 14 00:01:06 2025 GMT
Not After : Jun 18 23:59:59 2025 GMT
Subject: serialNumber=91ba251bc528ab45a990961ba7db29897701242905c0cbe126b5d9babc424722, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:6c:d1:58:1f:5c:df:52:f8:fa:8c:57:80:9a:
9e:3c:c1:31:ef:c3:70:e8:6b:9d:b5:54:ff:a9:17:
d2:b3:a4:4c:1c:08:6f:61:0f:72:f0:a8:fe:14:2f:
2c:22:c0:00:a2:fd:f1:f3:e8:39:0f:d5:b0:7a:e1:
2f:ff:99:4e:7e:e8:7b:80:49:fa:2b:e1:34:aa:aa:
cd:4c:1e:87:5e:20:dd:4b:7b:4a:11:0f:ba:45:18:
ba:03:94:5c:51:15:1a:0f:80:7b:54:b3:e7:95:3c:
62:fa:c2:3c:da:12:d9:a8:42:81:d9:18:8e:11:fc:
33:5a:fb:f2:8c:f8:7d:ec:f7:52:a5:67:6a:54:11:
44:99:9b:69:57:8a:52:5d:0b:87:09:24:9d:e2:c4:
8b:37:e7:07:48:41:68:eb:5b:50:ce:02:94:ca:97:
6e:d9:78:55:fc:44:5e:c9:e4:70:c1:c5:4e:7f:43:
74:9d:32:fe:a1:e2:30:d2:ae:a9:01:ca:c5:ef:a7:
73:86:db:4f:48:6c:01:f1:7c:32:a2:d7:d3:33:05:
dc:2f:f9:63:1e:ed:d6:b9:1a:81:ec:80:af:5e:b2:
f8:63:13:03:59:03:b3:e0:f0:87:5d:3f:96:64:19:
52:cb:d1:11:e1:dc:8b:a3:96:0b:64:8e:f2:10:ab:
e5:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:C5:01:54:D2:82:02:9F:FF:52:C6:DB:F6:EE:5E:FA:E9:19:9D:7D
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0818112b-58fa-421a-8be9-c4d17b28b642.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:8800::/40
Signature Algorithm: sha256WithRSAEncryption
2b:20:0b:0e:f0:ed:ad:4e:ee:12:82:8c:bd:85:23:f5:b7:34:
10:37:d4:e3:ee:6e:2b:5f:fa:ec:75:9a:82:5f:4d:00:a5:29:
d5:8a:0b:47:3c:13:3f:d6:f0:4e:a2:ad:dc:cd:74:9c:2c:df:
a0:72:df:18:96:da:5a:a6:4f:1e:71:d1:f9:3a:89:11:e9:2c:
ff:65:c5:78:f7:b2:88:0d:b0:a2:91:97:63:e1:50:4b:f9:5a:
7d:3c:79:2b:7d:6d:9b:72:6e:3c:a6:54:fd:37:4a:9b:1b:1b:
28:f7:1a:24:be:8e:4b:7f:c9:ff:e4:73:a3:b4:2e:e9:a9:ad:
9c:56:01:5d:56:ea:42:ba:b4:4c:ed:a0:92:11:4b:2d:bc:33:
8d:7d:e4:ba:c5:c3:9e:f4:0c:26:67:f3:3d:ab:e8:9c:8d:6c:
84:6f:da:be:1e:b5:29:89:03:2f:d4:bd:33:50:fc:31:2d:10:
5c:05:7c:a8:41:b8:37:dc:93:e6:6f:21:6c:4e:19:dc:19:75:
83:44:26:08:12:78:20:40:d0:7b:dc:6e:e3:bb:a8:22:cf:4e:
24:b3:eb:b1:e7:4e:90:4b:fb:8c:42:ec:58:1c:ea:54:dd:74:
5d:3d:a6:3e:59:2e:f4:5f:6b:fa:dc:f3:3f:0c:13:80:5d:cd:
68:25:3c:0d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUUoe+y2KBhR9oi8jZcVeFTus5laswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNDAwMDEwNloX
DTI1MDYxODIzNTk1OVowejFJMEcGA1UEBRNAOTFiYTI1MWJjNTI4YWI0NWE5OTA5
NjFiYTdkYjI5ODk3NzAxMjQyOTA1YzBjYmUxMjZiNWQ5YmFiYzQyNDcyMjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqGzRWB9c31L4+oxXgJqePMEx78Nw
6GudtVT/qRfSs6RMHAhvYQ9y8Kj+FC8sIsAAov3x8+g5D9WweuEv/5lOfuh7gEn6
K+E0qqrNTB6HXiDdS3tKEQ+6RRi6A5RcURUaD4B7VLPnlTxi+sI82hLZqEKB2RiO
EfwzWvvyjPh97PdSpWdqVBFEmZtpV4pSXQuHCSSd4sSLN+cHSEFo61tQzgKUypdu
2XhV/EReyeRwwcVOf0N0nTL+oeIw0q6pAcrF76dzhttPSGwB8XwyotfTMwXcL/lj
Hu3WuRqB7ICvXrL4YxMDWQOz4PCHXT+WZBlSy9ER4dyLo5YLZI7yEKvllQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFA7FAVTSggKf/1LG2/buXvrpGZ19MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzA4MTgxMTJiLTU4ZmEtNDIxYS04YmU5LWM0ZDE3YjI4YjY0Mi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9IgwDQYJKoZIhvcNAQELBQADggEBACsgCw7w7a1O7hKCjL2F
I/W3NBA31OPubitf+ux1moJfTQClKdWKC0c8Ez/W8E6irdzNdJws36By3xiW2lqm
Tx5x0fk6iRHpLP9lxXj3sogNsKKRl2PhUEv5Wn08eSt9bZtybjymVP03SpsbGyj3
GiS+jkt/yf/kc6O0LumprZxWAV1W6kK6tEztoJIRSy28M4195LrFw570DCZn8z2r
6JyNbIRv2r4etSmJAy/UvTNQ/DEtEFwFfKhBuDfck+ZvIWxOGdwZdYNEJggSeCBA
0HvcbuO7qCLPTiSz67HnTpBL+4xC7Fgc6lTddF09pj5ZLvRfa/rc8z8ME4BdzWgl
PA0=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:31:57 2025 by rpki-client