Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ab5692b-d5ea-4f3b-a303-37d2c4c9927c.roa
File: 1ab5692b-d5ea-4f3b-a303-37d2c4c9927c.roa (raw, json)
Hash identifier: 6ZocgWstOfnsVlw7BoXt9D1OC2i/8vAO+2uKnXdA7xQ=
Subject key identifier: E9:22:B4:B3:4F:0D:85:3B:61:22:09:B4:E8:0A:93:04:2A:D9:4E:AA
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 147D2673F5B080A877DDCDAA035E769513D0099A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ab5692b-d5ea-4f3b-a303-37d2c4c9927c.roa
Signing time: Mon 12 May 2025 15:01:07 +0000
ROA not before: Mon 12 May 2025 15:01:07 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dabb:7000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 20:07:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:7d:26:73:f5:b0:80:a8:77:dd:cd:aa:03:5e:76:95:13:d0:09:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: May 12 15:01:07 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=35495bc6406c1de193f1dfe43f2c469dcdd0bee01a063fe28b9f7ee90368c9df, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:18:fd:48:58:47:7f:0d:04:0d:30:f7:c5:59:
fc:98:01:2c:f0:23:e8:af:d1:d8:71:e9:d9:49:89:
0b:7e:39:2b:01:5b:ed:28:92:25:09:b7:da:47:39:
89:88:ef:b4:1e:29:ff:48:67:ee:8e:30:b0:bb:cd:
c1:90:5f:d4:a2:a5:36:50:6f:a8:f2:75:8a:51:91:
ee:d1:fd:79:2e:56:5c:aa:07:63:2b:53:8b:5c:07:
4a:f8:df:0f:d5:4a:88:d2:40:14:74:5f:b0:59:b5:
0a:02:77:5f:66:07:4f:5f:ab:0e:08:44:2b:81:2d:
db:3d:67:b8:23:07:ce:07:8d:56:64:14:80:37:ab:
54:a8:65:17:8a:14:ff:07:1d:f6:4b:ca:75:a2:78:
ae:85:74:89:39:35:82:eb:ae:e8:5c:fc:32:cd:90:
80:88:6e:e1:7e:8c:9e:58:08:84:ba:06:65:e0:b9:
10:44:ee:95:78:ce:ca:fd:b7:3e:20:88:16:b1:b8:
6d:ad:da:cb:05:63:dd:dd:fe:c2:e5:a2:0f:b2:84:
6b:54:5a:87:60:66:a7:69:cd:a4:f7:f5:d5:1d:10:
10:77:74:a8:30:9b:00:29:c9:12:71:70:07:4c:bc:
67:29:c9:4c:04:ef:e8:ac:6d:ea:f8:03:fc:45:2d:
58:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:22:B4:B3:4F:0D:85:3B:61:22:09:B4:E8:0A:93:04:2A:D9:4E:AA
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/1ab5692b-d5ea-4f3b-a303-37d2c4c9927c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dabb:7000::/40
Signature Algorithm: sha256WithRSAEncryption
24:90:e5:18:d6:dc:c8:b5:41:2d:6e:db:2f:12:63:18:64:a2:
06:33:f0:e1:47:ea:12:69:0b:5e:1a:d8:48:c9:f2:72:90:16:
18:8b:ee:50:95:76:05:8b:1c:a9:96:05:72:93:96:0a:ed:bd:
f0:0f:da:c8:f0:2c:be:40:e4:58:0e:f9:7c:34:72:de:9e:43:
c8:86:ee:ca:73:0c:69:b3:3d:bb:25:2a:85:24:55:76:fd:15:
c3:92:08:1c:b5:b8:60:d1:2b:03:cc:8f:70:c8:34:f6:36:08:
e9:82:e5:b9:3c:53:8f:fe:3e:e2:e7:3b:6d:fe:70:d5:75:35:
44:56:e3:f3:66:20:25:97:48:b2:b6:3f:22:88:06:d2:52:a6:
56:c9:5d:2e:8f:47:0e:6e:b0:2e:c5:9b:c1:9e:29:0e:c3:0e:
b7:e3:ae:0f:1f:ab:4d:fc:a4:51:81:a8:84:c0:25:d3:d4:f0:
06:20:d1:26:fb:9b:28:38:62:d1:53:55:04:d9:b9:76:06:c4:
a3:38:28:62:d7:ad:13:c4:84:07:39:c1:21:9e:b7:ae:d7:00:
3b:ff:84:bb:22:6c:2c:43:c1:f6:61:a8:c4:ba:3c:9f:54:20:
59:ab:93:c8:77:ac:e5:0e:32:d0:e8:be:90:04:2c:ac:c9:eb:
0f:c9:ef:04
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUFH0mc/WwgKh33c2qA152lRPQCZowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMjE1MDEwN1oX
DTI1MDYxNjIzNTk1OVowejFJMEcGA1UEBRNAMzU0OTViYzY0MDZjMWRlMTkzZjFk
ZmU0M2YyYzQ2OWRjZGQwYmVlMDFhMDYzZmUyOGI5ZjdlZTkwMzY4YzlkZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzhj9SFhHfw0EDTD3xVn8mAEs8CPo
r9HYcenZSYkLfjkrAVvtKJIlCbfaRzmJiO+0Hin/SGfujjCwu83BkF/UoqU2UG+o
8nWKUZHu0f15LlZcqgdjK1OLXAdK+N8P1UqI0kAUdF+wWbUKAndfZgdPX6sOCEQr
gS3bPWe4IwfOB41WZBSAN6tUqGUXihT/Bx32S8p1oniuhXSJOTWC667oXPwyzZCA
iG7hfoyeWAiEugZl4LkQRO6VeM7K/bc+IIgWsbhtrdrLBWPd3f7C5aIPsoRrVFqH
YGanac2k9/XVHRAQd3SoMJsAKckScXAHTLxnKclMBO/orG3q+AP8RS1YTQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOkitLNPDYU7YSIJtOgKkwQq2U6qMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzFhYjU2OTJiLWQ1ZWEtNGYzYi1hMzAzLTM3ZDJjNGM5OTI3Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbau3AwDQYJKoZIhvcNAQELBQADggEBACSQ5RjW3Mi1QS1u2y8S
YxhkogYz8OFH6hJpC14a2EjJ8nKQFhiL7lCVdgWLHKmWBXKTlgrtvfAP2sjwLL5A
5FgO+Xw0ct6eQ8iG7spzDGmzPbslKoUkVXb9FcOSCBy1uGDRKwPMj3DINPY2COmC
5bk8U4/+PuLnO23+cNV1NURW4/NmICWXSLK2PyKIBtJSplbJXS6PRw5usC7Fm8Ge
KQ7DDrfjrg8fq038pFGBqITAJdPU8AYg0Sb7myg4YtFTVQTZuXYGxKM4KGLXrRPE
hAc5wSGet67XADv/hLsibCxDwfZhqMS6PJ9UIFmrk8h3rOUOMtDovpAELKzJ6w/J
7wQ=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:13:52 2025 by rpki-client