Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/095aabaa-12a1-42c0-aeb7-99712365104e.roa
File: 095aabaa-12a1-42c0-aeb7-99712365104e.roa (raw, json)
Hash identifier: U7vsQq3WpIEV7+Sdbe0y2YN99n9nZ73g+QDakTWPCtM=
Subject key identifier: 0C:20:11:10:BD:57:AD:DD:50:59:6A:34:D7:6F:B3:8B:E9:CD:8D:F3
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2E25F19BABD6B0CA3064E7BFD6EA3608662B0D91
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/095aabaa-12a1-42c0-aeb7-99712365104e.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:2800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:21:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:25:f1:9b:ab:d6:b0:ca:30:64:e7:bf:d6:ea:36:08:66:2b:0d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:aa:86:5d:84:25:22:aa:7e:73:91:3f:ba:19:
ef:32:7c:db:80:a0:e4:39:d4:74:87:9f:5f:77:50:
36:e5:ee:d2:e4:79:45:a6:0a:b8:ca:49:f2:29:8f:
75:3a:be:17:e6:6d:42:b7:a0:1d:3f:15:fd:48:37:
44:72:3e:73:89:96:72:54:1c:69:a2:72:3a:b2:62:
7b:6f:a2:c8:b1:62:44:c6:33:be:1e:38:a5:3f:33:
84:6f:cc:03:f6:d3:e4:e4:33:8e:6a:ba:58:c9:5f:
89:69:a3:9c:f5:49:4e:99:d1:7a:a9:8f:a9:73:c9:
25:5c:05:ee:4a:e0:17:44:f1:78:1f:38:5c:c2:92:
d4:22:2d:0f:f3:9b:9c:a1:5b:69:45:b3:9d:d7:1e:
b3:98:11:f6:e2:4a:74:5b:e7:32:85:cc:d5:a2:8a:
7e:4e:16:f2:99:5b:a1:cc:fd:f1:75:5d:de:4d:93:
9b:04:26:94:d3:b2:9b:81:bc:73:04:5e:6a:92:ab:
11:c3:24:b3:92:30:48:da:96:a9:d7:84:25:9c:1e:
6c:a5:f9:1d:47:33:19:fd:68:9f:87:e7:f1:1e:09:
62:78:23:9d:14:dc:bd:85:8d:26:53:bb:f2:26:7f:
ec:2e:16:d1:6d:06:c5:54:df:d2:c5:74:6f:ca:7c:
2d:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:20:11:10:BD:57:AD:DD:50:59:6A:34:D7:6F:B3:8B:E9:CD:8D:F3
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/095aabaa-12a1-42c0-aeb7-99712365104e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:2800::/40
Signature Algorithm: sha256WithRSAEncryption
18:20:34:a8:bb:a9:19:3b:16:5d:b7:e4:3a:60:44:31:ff:59:
c0:8a:76:b2:e7:0f:c4:02:8e:c0:46:5a:a4:6f:1f:f4:a5:21:
95:22:23:cf:0a:67:bf:4d:12:8d:37:1f:79:fd:e1:f4:3f:34:
9a:84:2c:f4:95:7c:70:62:50:c5:6a:d6:ee:9c:ca:08:80:f4:
9e:f6:17:f2:27:e6:88:c8:c8:7b:5a:9d:f1:c4:67:29:2e:06:
05:c5:38:6e:df:3e:a5:6a:be:25:44:3f:e2:8a:25:fb:01:00:
b5:c6:3c:9d:4f:cb:77:ad:6c:58:70:41:e4:c6:ae:fc:46:c5:
33:b0:08:9e:7b:50:e7:8d:5a:36:de:28:65:59:a4:a0:77:f0:
72:92:79:5b:6c:7f:12:2b:f9:0b:78:de:e4:1b:01:e8:d4:b0:
df:06:04:19:b4:c3:d4:df:b9:15:57:15:c1:a9:f8:36:29:d0:
ad:f2:6d:7f:6c:e6:52:f2:66:ea:a5:da:57:b6:8f:95:29:d8:
a2:8c:03:8b:59:1c:05:f0:10:73:8e:3f:d6:b0:1a:72:92:d4:
be:39:82:78:56:ee:d5:34:7d:ce:86:72:a1:a0:5f:49:98:bb:
f0:8f:b5:6c:7e:70:7d:5d:7d:57:a9:4c:14:79:5e:ba:7b:4b:
98:b1:b2:73
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIULiXxm6vWsMowZOe/1uo2CGYrDZEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANDRmZmZiMTU0Mjk4OTcyNjM3MTNh
MWM4NzQxNTJlNDU3MWJiMTc1ZTY3YTQzOGY5NTg3YWE2MTNiYmMyOTMzOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxKqGXYQlIqp+c5E/uhnvMnzbgKDk
OdR0h59fd1A25e7S5HlFpgq4yknyKY91Or4X5m1Ct6AdPxX9SDdEcj5ziZZyVBxp
onI6smJ7b6LIsWJExjO+HjilPzOEb8wD9tPk5DOOarpYyV+JaaOc9UlOmdF6qY+p
c8klXAXuSuAXRPF4HzhcwpLUIi0P85ucoVtpRbOd1x6zmBH24kp0W+cyhczVoop+
ThbymVuhzP3xdV3eTZObBCaU07KbgbxzBF5qkqsRwySzkjBI2pap14QlnB5spfkd
RzMZ/Wifh+fxHglieCOdFNy9hY0mU7vyJn/sLhbRbQbFVN/SxXRvynwt7wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAwgERC9V63dUFlqNNdvs4vpzY3zMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzA5NWFhYmFhLTEyYTEtNDJjMC1hZWI3LTk5NzEyMzY1MTA0ZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9CgwDQYJKoZIhvcNAQELBQADggEBABggNKi7qRk7Fl235Dpg
RDH/WcCKdrLnD8QCjsBGWqRvH/SlIZUiI88KZ79NEo03H3n94fQ/NJqELPSVfHBi
UMVq1u6cygiA9J72F/In5ojIyHtanfHEZykuBgXFOG7fPqVqviVEP+KKJfsBALXG
PJ1Py3etbFhwQeTGrvxGxTOwCJ57UOeNWjbeKGVZpKB38HKSeVtsfxIr+Qt43uQb
AejUsN8GBBm0w9TfuRVXFcGp+DYp0K3ybX9s5lLyZuql2le2j5Up2KKMA4tZHAXw
EHOOP9awGnKS1L45gnhW7tU0fc6GcqGgX0mYu/CPtWx+cH1dfVepTBR5Xrp7S5ix
snM=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:54:34 2025 by rpki-client