Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/085f913d-6f5b-47e4-8ad5-5a37d1473a41.roa
File: 085f913d-6f5b-47e4-8ad5-5a37d1473a41.roa (raw, json)
Hash identifier: 44wTKGPJnZDd6EnSGBXDFUPpqs1uD6TvoQax+AHF9zc=
Subject key identifier: B8:ED:7D:A4:41:87:7E:D4:6F:46:33:A6:0E:14:32:91:74:DC:96:D6
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 69797D909626B6319F03357A90C730DF91A92C65
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/085f913d-6f5b-47e4-8ad5-5a37d1473a41.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:b000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
69:79:7d:90:96:26:b6:31:9f:03:35:7a:90:c7:30:df:91:a9:2c:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7f:db:da:b0:a8:a8:7b:dc:9f:12:ef:08:6e:
90:4e:41:8e:53:b7:73:eb:8f:71:a0:30:d7:bd:fb:
64:e9:45:5c:4d:5d:a0:fd:a8:ae:f7:d1:55:82:3d:
b5:83:54:a1:bc:f4:3c:20:0a:1c:3e:e6:66:0e:98:
f6:50:b0:3d:80:91:2a:53:d1:f1:d0:67:08:68:ae:
95:7c:45:45:57:ad:8d:6b:4a:f9:2f:91:02:47:28:
18:2b:ab:42:35:e4:5c:86:38:80:8f:4a:a2:bb:14:
db:b4:7f:76:ae:a9:25:69:e3:ab:50:45:0b:b4:d4:
35:5c:51:c6:09:9d:53:c8:d5:f2:fa:4a:b4:52:cc:
56:b7:d8:c4:86:e9:2a:d4:f7:b4:4a:d2:0f:e8:46:
bb:99:3f:25:43:43:e6:f4:50:89:05:0a:30:86:4f:
a6:b8:60:35:ae:25:16:21:e4:4a:e4:78:97:56:4e:
6a:c9:b1:46:2d:19:7f:d8:d9:6d:97:b8:9e:a5:fc:
ad:bc:8b:c4:87:d2:73:47:c6:d2:aa:5b:d3:50:c9:
3c:d8:a8:38:3e:e2:a8:0a:ac:51:a3:aa:37:c6:7c:
17:4a:a6:63:98:27:49:a8:aa:8b:d3:87:d2:00:8a:
06:c2:ed:0c:0e:be:c6:6d:b6:fc:94:1a:2d:0a:f6:
a9:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:ED:7D:A4:41:87:7E:D4:6F:46:33:A6:0E:14:32:91:74:DC:96:D6
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/085f913d-6f5b-47e4-8ad5-5a37d1473a41.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:b000::/40
Signature Algorithm: sha256WithRSAEncryption
50:49:ab:85:d1:42:1b:4a:d5:cb:b6:43:8c:15:5e:75:e3:bd:
9e:07:8d:82:06:76:b8:e8:a9:d2:ad:28:ab:e7:73:2b:15:47:
84:c9:9b:de:8a:5a:ca:58:e2:05:b7:5a:78:04:cb:6e:1f:9a:
bd:79:af:97:ea:05:52:5f:3f:06:a2:ff:86:8f:0e:5a:d1:22:
2c:21:e5:ed:4d:34:2d:22:55:5f:dc:1c:ab:e2:6f:f9:cb:82:
49:cd:64:9a:97:07:79:62:11:9b:0a:a7:a5:57:9e:bd:bb:76:
03:e7:b9:76:a0:d2:c6:7a:67:e2:b1:7f:71:ca:db:35:f2:04:
ff:09:cf:0a:e6:b1:5b:bc:11:3e:25:8d:8b:de:4c:26:06:d7:
7d:9d:99:a1:1b:b1:f3:62:81:e0:42:2c:81:be:c0:9b:91:60:
bb:64:72:bb:ef:ea:9d:5d:94:1a:e1:c0:88:03:64:91:a4:58:
10:84:fa:ac:fc:89:5d:51:79:b8:3a:25:53:3d:24:8b:9f:ab:
af:69:a4:ec:d9:f0:7b:26:88:8c:39:c7:4e:30:fe:c2:7b:fb:
06:e0:7c:67:ea:c6:c2:86:7e:8c:a5:b8:69:8d:a8:74:4c:c3:
00:cb:5d:af:33:2e:00:22:82:7c:04:e9:fe:2f:a0:b4:9d:4a:
f6:4a:16:15
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUaXl9kJYmtjGfAzV6kMcw35GpLGUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAN2Y5MGUyMmY5YzBjOGY2OGIwZDg5
ODg5NjEzZDI1NTZlOTYyY2E4YjY2MjNkMjIwODUwN2VhMmNkZTY5YmIyZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu3/b2rCoqHvcnxLvCG6QTkGOU7dz
649xoDDXvftk6UVcTV2g/aiu99FVgj21g1ShvPQ8IAocPuZmDpj2ULA9gJEqU9Hx
0GcIaK6VfEVFV62Na0r5L5ECRygYK6tCNeRchjiAj0qiuxTbtH92rqklaeOrUEUL
tNQ1XFHGCZ1TyNXy+kq0UsxWt9jEhukq1Pe0StIP6Ea7mT8lQ0Pm9FCJBQowhk+m
uGA1riUWIeRK5HiXVk5qybFGLRl/2Nltl7iepfytvIvEh9JzR8bSqlvTUMk82Kg4
PuKoCqxRo6o3xnwXSqZjmCdJqKqL04fSAIoGwu0MDr7Gbbb8lBotCvaplQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLjtfaRBh37Ub0Yzpg4UMpF03JbWMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzA4NWY5MTNkLTZmNWItNDdlNC04YWQ1LTVhMzdkMTQ3M2E0MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8rAwDQYJKoZIhvcNAQELBQADggEBAFBJq4XRQhtK1cu2Q4wV
XnXjvZ4HjYIGdrjoqdKtKKvncysVR4TJm96KWspY4gW3WngEy24fmr15r5fqBVJf
Pwai/4aPDlrRIiwh5e1NNC0iVV/cHKvib/nLgknNZJqXB3liEZsKp6VXnr27dgPn
uXag0sZ6Z+Kxf3HK2zXyBP8JzwrmsVu8ET4ljYveTCYG132dmaEbsfNigeBCLIG+
wJuRYLtkcrvv6p1dlBrhwIgDZJGkWBCE+qz8iV1Rebg6JVM9JIufq69ppOzZ8Hsm
iIw5x04w/sJ7+wbgfGfqxsKGfoyluGmNqHRMwwDLXa8zLgAignwE6f4voLSdSvZK
FhU=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:49:57 2025 by rpki-client