Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/14e739f6-8650-4583-96ca-2f090de0cc47.roa
File: 14e739f6-8650-4583-96ca-2f090de0cc47.roa (raw, json)
Hash identifier: 2LBOUstpgyV4ce8bfGwS+YiST6ZL0N5RZzH1FWu15iQ=
Subject key identifier: EC:90:91:BB:3C:CA:11:20:3E:F1:C7:E7:1A:11:99:E0:58:E9:BD:BA
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 31303CA08FD47D2246E76DF0CEA7AFE75BDEE79B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/14e739f6-8650-4583-96ca-2f090de0cc47.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:f000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 19:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:30:3c:a0:8f:d4:7d:22:46:e7:6d:f0:ce:a7:af:e7:5b:de:e7:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:fd:b9:56:43:77:1f:04:94:c7:b6:d4:ec:ad:
c1:37:b3:26:04:ef:82:ff:b1:c3:20:1f:3c:89:71:
3a:93:62:02:d7:80:ed:66:83:d2:1e:f7:a3:39:66:
c4:8f:73:e8:8e:9f:9e:ab:10:e2:80:ec:6c:79:a4:
59:94:b7:bc:5e:ff:b2:1d:81:61:06:28:5c:ad:08:
b3:dc:3e:f5:d0:51:56:c5:1a:25:a5:c7:82:7f:a5:
ac:38:9f:4a:1f:65:48:02:9f:8c:d1:58:1d:e5:18:
ba:1b:34:ca:64:86:b6:e2:37:51:3c:ec:b0:2e:1a:
f8:86:1f:af:27:03:f4:7f:9a:9b:34:5e:cd:d1:ad:
f0:36:97:1d:5a:4d:c1:65:e2:b7:e2:78:d1:4d:39:
b0:bb:dc:13:d9:10:3d:cf:7b:c2:f3:15:d4:05:7a:
5c:87:34:32:0f:b9:ee:76:2a:82:db:1d:bc:ee:60:
e1:24:88:3f:12:e4:01:19:3f:b7:69:91:f2:e3:cc:
98:d4:dd:cb:f8:36:19:37:93:af:d5:94:ac:27:14:
93:5f:66:80:fa:55:c3:db:3d:1e:8c:f5:67:a8:5d:
8b:ed:b6:a6:4c:ae:60:02:f6:b5:ce:b7:9e:11:74:
bb:bf:37:3d:3c:01:bf:09:4c:1a:f6:8d:61:22:58:
d1:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:90:91:BB:3C:CA:11:20:3E:F1:C7:E7:1A:11:99:E0:58:E9:BD:BA
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/14e739f6-8650-4583-96ca-2f090de0cc47.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:f000::/40
Signature Algorithm: sha256WithRSAEncryption
14:e1:85:4d:b8:70:99:ad:65:b8:35:cf:b1:f1:6c:c9:cb:e3:
ac:1e:41:f8:c4:4e:19:9f:ed:63:8b:71:4c:85:08:50:66:be:
25:19:b0:e4:fd:70:ab:16:5d:d3:37:c9:d6:5a:cd:92:70:88:
18:84:fd:8c:09:54:6f:62:11:c2:25:8c:61:5c:6b:a7:af:52:
03:b6:b4:3c:f6:34:ea:ca:26:0c:0b:e7:b0:fa:fb:af:ec:0f:
30:67:3f:1e:53:95:1c:d3:a7:f1:d2:4a:3d:3f:69:ab:c3:2c:
a1:37:32:7d:7a:25:03:e3:7f:65:9d:ab:b1:0f:ed:26:28:ea:
20:00:30:d4:c3:cb:98:8d:8e:10:36:8e:b4:ea:be:d7:ec:92:
bf:e5:68:c2:3e:58:84:87:7b:0c:fd:54:8e:80:9e:f3:02:fa:
4f:48:30:fa:e6:21:bb:c9:3f:9d:be:a0:ab:d8:51:09:5f:8d:
b8:fa:d3:32:ac:a6:82:0f:91:dc:49:e0:3b:7f:f2:e6:f7:d3:
be:49:a7:40:35:2c:ac:05:a7:6f:e8:dd:08:da:7d:a3:57:17:
e1:0b:a7:e7:98:be:be:aa:bd:dc:65:da:6b:be:24:5f:13:65:
79:42:03:77:0e:62:2f:17:da:16:18:24:fe:43:45:0a:62:ee:
27:94:dc:1f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUMTA8oI/UfSJG523wzqev51ve55swDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANzVmNTBiYzU0NWQ2ZGJjYzE2YmI4
ZDlmNjY2ZTBiNzJlOGUzOGM0YzBmOWU2NzI5ODU0MjAxMzcyY2NiMjU5MjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiv25VkN3HwSUx7bU7K3BN7MmBO+C
/7HDIB88iXE6k2IC14DtZoPSHvejOWbEj3Pojp+eqxDigOxseaRZlLe8Xv+yHYFh
BihcrQiz3D710FFWxRolpceCf6WsOJ9KH2VIAp+M0Vgd5Ri6GzTKZIa24jdRPOyw
Lhr4hh+vJwP0f5qbNF7N0a3wNpcdWk3BZeK34njRTTmwu9wT2RA9z3vC8xXUBXpc
hzQyD7nudiqC2x287mDhJIg/EuQBGT+3aZHy48yY1N3L+DYZN5Ov1ZSsJxSTX2aA
+lXD2z0ejPVnqF2L7bamTK5gAva1zreeEXS7vzc9PAG/CUwa9o1hIljRKwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOyQkbs8yhEgPvHH5xoRmeBY6b26MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzE0ZTczOWY2LTg2NTAtNDU4My05NmNhLTJmMDkwZGUwY2M0Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9/AwDQYJKoZIhvcNAQELBQADggEBABThhU24cJmtZbg1z7Hx
bMnL46weQfjEThmf7WOLcUyFCFBmviUZsOT9cKsWXdM3ydZazZJwiBiE/YwJVG9i
EcIljGFca6evUgO2tDz2NOrKJgwL57D6+6/sDzBnPx5TlRzTp/HSSj0/aavDLKE3
Mn16JQPjf2Wdq7EP7SYo6iAAMNTDy5iNjhA2jrTqvtfskr/laMI+WISHewz9VI6A
nvMC+k9IMPrmIbvJP52+oKvYUQlfjbj60zKspoIPkdxJ4Dt/8ub3075Jp0A1LKwF
p2/o3QjafaNXF+ELp+eYvr6qvdxl2mu+JF8TZXlCA3cOYi8X2hYYJP5DRQpi7ieU
3B8=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:03:59 2025 by rpki-client