Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0b48b67a-8f34-4df2-a885-fa74261d3552.roa
File: 0b48b67a-8f34-4df2-a885-fa74261d3552.roa (raw, json)
Hash identifier: RIPjEvI10E1CnRimNQFvMB7oDQa3LfTG3WLE3iEqC/A=
Subject key identifier: DC:C6:87:99:1D:D0:54:FA:8F:DB:4E:FD:91:DD:AB:15:C8:CE:78:76
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2FCBDFE52EEC99A2ABBFBC712DF491626A810BCE
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0b48b67a-8f34-4df2-a885-fa74261d3552.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:2000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 19:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:cb:df:e5:2e:ec:99:a2:ab:bf:bc:71:2d:f4:91:62:6a:81:0b:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3a:52:41:96:e6:bd:97:96:57:95:ca:b6:98:
c9:fd:89:5d:01:23:7c:f2:3b:b9:21:f2:6e:d3:ad:
26:d9:67:f8:c8:15:58:58:d1:9b:72:ea:98:42:ca:
69:a2:7b:8e:c0:43:6f:0e:a5:2e:05:d1:3a:01:26:
92:8f:bd:0d:91:5b:03:d7:9b:d3:a6:28:15:f6:86:
11:7b:f1:c2:35:9c:ec:49:94:06:1e:a0:c6:e7:fe:
71:d8:df:ef:65:25:89:e7:4e:05:49:11:df:ad:c4:
73:1c:c2:36:82:d9:81:6b:dc:e6:ee:d8:5b:87:68:
9a:5f:4f:cb:5d:7a:3d:79:d7:6a:d4:b6:d7:c8:6f:
47:40:24:d7:1f:2b:6b:87:79:b5:9b:76:0d:4b:71:
f5:36:3a:c4:63:3e:5b:04:8d:3d:d6:22:66:eb:b1:
2d:d9:e4:ed:32:90:df:60:a7:d8:01:07:5b:1b:4e:
9e:1f:ad:27:8b:02:f1:b9:6c:0a:de:14:54:48:1c:
b1:e6:cf:db:05:b8:a1:96:dc:42:20:6e:b0:ca:49:
f1:97:34:b0:f3:36:2b:f6:f8:81:f2:53:f2:87:85:
05:a6:05:15:78:11:39:03:4a:2c:ec:ba:c9:68:22:
ba:e6:6d:d5:7d:36:41:04:f9:02:ae:e6:7c:a0:d7:
2a:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DC:C6:87:99:1D:D0:54:FA:8F:DB:4E:FD:91:DD:AB:15:C8:CE:78:76
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/0b48b67a-8f34-4df2-a885-fa74261d3552.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:2000::/40
Signature Algorithm: sha256WithRSAEncryption
8e:94:29:f4:eb:b0:42:00:0f:c2:8d:d8:c3:f5:28:79:da:3b:
8a:a2:4c:30:15:03:8c:d1:7c:a9:4d:f7:5a:6a:42:56:2b:82:
9a:fc:21:89:54:35:8c:9f:ea:db:43:7f:11:7c:f9:32:8e:ba:
e8:0b:cc:66:8e:bc:64:76:aa:df:e8:08:41:68:44:88:98:45:
b6:60:26:e7:e6:7d:69:3b:43:2c:f7:06:9c:b2:ac:85:2b:64:
23:3b:51:7b:9f:34:fc:a5:11:d2:ac:a7:b6:b2:b5:84:48:f0:
01:80:39:3f:93:22:6d:3f:76:94:6c:32:d3:7b:d1:99:51:97:
e3:f4:46:7e:ef:9e:eb:e0:b2:60:e4:51:9d:08:9a:e8:26:7e:
96:d3:e8:01:28:59:ea:88:a5:92:17:30:8a:58:f0:bb:24:a1:
62:ca:f0:a5:f5:83:2e:44:95:3f:19:2c:ab:ee:47:8d:81:55:
00:a5:d6:eb:28:43:03:eb:b6:40:54:36:67:77:b2:4a:2a:15:
25:85:dc:07:3f:a8:c4:fe:63:16:b7:61:d4:7c:73:c2:b2:83:
84:08:2a:e7:37:3b:04:6d:80:e2:7e:a2:64:1f:36:42:2c:0c:
50:a9:d5:ac:6a:33:4a:a0:f7:79:6b:8c:ba:f8:f4:35:55:d2:
9d:b9:36:ca
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUL8vf5S7smaKrv7xxLfSRYmqBC84wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYmQ5YWRlMWQ1YzhjNWE4ODcwN2Vk
YjJhMDBiZTIzN2EzYzEyZjc0Y2Y3NTE3ZDI1MzViNTQzMDllNjIwYmViMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkDpSQZbmvZeWV5XKtpjJ/YldASN8
8ju5IfJu060m2Wf4yBVYWNGbcuqYQspponuOwENvDqUuBdE6ASaSj70NkVsD15vT
pigV9oYRe/HCNZzsSZQGHqDG5/5x2N/vZSWJ504FSRHfrcRzHMI2gtmBa9zm7thb
h2iaX0/LXXo9eddq1LbXyG9HQCTXHytrh3m1m3YNS3H1NjrEYz5bBI091iJm67Et
2eTtMpDfYKfYAQdbG06eH60niwLxuWwK3hRUSByx5s/bBbihltxCIG6wyknxlzSw
8zYr9viB8lPyh4UFpgUVeBE5A0os7LrJaCK65m3VfTZBBPkCruZ8oNcq2wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNzGh5kd0FT6j9tO/ZHdqxXIznh2MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzBiNDhiNjdhLThmMzQtNGRmMi1hODg1LWZhNzQyNjFkMzU1Mi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+yAwDQYJKoZIhvcNAQELBQADggEBAI6UKfTrsEIAD8KN2MP1
KHnaO4qiTDAVA4zRfKlN91pqQlYrgpr8IYlUNYyf6ttDfxF8+TKOuugLzGaOvGR2
qt/oCEFoRIiYRbZgJufmfWk7Qyz3BpyyrIUrZCM7UXufNPylEdKsp7aytYRI8AGA
OT+TIm0/dpRsMtN70ZlRl+P0Rn7vnuvgsmDkUZ0ImugmfpbT6AEoWeqIpZIXMIpY
8LskoWLK8KX1gy5ElT8ZLKvuR42BVQCl1usoQwPrtkBUNmd3skoqFSWF3Ac/qMT+
Yxa3YdR8c8Kyg4QIKuc3OwRtgOJ+omQfNkIsDFCp1axqM0qg93lrjLr49DVV0p25
Nso=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:05:13 2025 by rpki-client