Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/21c08c5d-0ef6-4aae-b410-bff2b7dc4d94.roa
File: 21c08c5d-0ef6-4aae-b410-bff2b7dc4d94.roa (raw, json)
Hash identifier: 9DxrvHAbRR8/lQL9ZULO7RpyIbIHkeVmnszcB1h/2qc=
Subject key identifier: E6:5E:1B:59:DC:B3:98:3A:43:6B:18:5A:DA:FD:9C:A4:B3:C6:1B:91
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0CAB0AADD029A469A6552D38931987F9F8EEB665
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/21c08c5d-0ef6-4aae-b410-bff2b7dc4d94.roa
Signing time: Wed 30 Jul 2025 00:41:30 +0000
ROA not before: Wed 30 Jul 2025 00:41:30 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:f0c0::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Jul 2025 18:24:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0c:ab:0a:ad:d0:29:a4:69:a6:55:2d:38:93:19:87:f9:f8:ee:b6:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 30 00:41:30 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=0d9b1bfa0f92c23c6e7f3983a7b212e8c4d60ab143146d5480781bff81df00b3, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:2c:9f:fc:a0:1e:74:ef:20:96:32:1d:51:7c:
89:67:71:88:01:a1:0e:c5:a3:87:78:46:c8:6e:4d:
1a:f7:d9:fc:d1:b2:47:6b:60:dc:5c:42:97:2f:2b:
09:20:29:bb:bb:9c:2c:cf:ab:98:c8:5f:c4:e7:72:
7e:56:e4:50:8e:d6:64:fd:45:06:ba:3d:24:46:8f:
11:80:0a:56:85:65:e5:c5:9d:d5:4c:42:e7:bc:39:
e5:14:a7:74:c1:b1:85:f4:be:e1:75:83:18:37:b6:
4c:e0:d9:ef:67:a7:5f:1d:d6:f7:81:0d:30:9f:7c:
48:68:dd:d7:03:cd:95:76:01:c4:42:ad:bb:18:d4:
c6:a6:c6:71:c7:03:43:7a:71:ad:3a:ef:67:2c:5f:
13:e3:79:4b:ce:28:ee:b5:7e:23:7b:5a:48:ff:4f:
85:36:08:c2:87:b1:01:7e:57:41:7e:69:5f:f2:00:
27:0d:fd:7b:d9:6f:e1:61:75:02:46:9a:5d:24:1a:
78:45:d0:42:30:3a:d8:b6:15:dc:74:b8:e6:49:a2:
52:43:58:d6:4c:7d:94:6b:75:f9:5e:d1:ef:cd:8d:
7f:f8:be:f3:91:1f:e3:32:b6:36:38:3c:d4:da:15:
3b:ea:31:1a:b0:9e:b9:2b:04:c1:72:4b:11:ca:04:
b4:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:5E:1B:59:DC:B3:98:3A:43:6B:18:5A:DA:FD:9C:A4:B3:C6:1B:91
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/21c08c5d-0ef6-4aae-b410-bff2b7dc4d94.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:f0c0::/46
Signature Algorithm: sha256WithRSAEncryption
70:53:b4:f3:05:0f:ff:cf:ae:78:0f:f1:ac:2c:1f:7b:bf:f3:
ed:65:5c:f9:d9:d8:3b:89:9f:df:80:fc:0f:2d:56:4f:f9:0f:
57:bf:09:4b:d9:27:5f:44:ca:cb:52:74:91:6e:86:65:99:03:
dc:9d:44:bf:e4:25:a5:7b:e6:68:2b:0c:d5:a4:b3:f6:76:f4:
1c:f0:68:ab:30:59:f6:07:3e:a3:e0:88:2d:f2:ed:a2:c1:9b:
36:8f:5a:84:f3:f0:49:cb:71:92:41:5e:80:0b:2a:32:81:1a:
3f:49:4e:48:62:08:4c:66:02:28:a5:ef:1f:cb:48:12:f6:28:
d5:10:06:e4:18:76:2e:41:2d:16:9d:72:fe:6e:e2:c0:54:de:
8f:00:d5:1d:84:86:fe:a8:c0:ed:cc:87:21:d6:2f:f6:9c:bc:
8d:f9:8d:26:00:f6:2f:5e:ea:28:1e:ae:7a:df:27:27:cf:ab:
da:49:7a:b8:c8:46:93:2c:9a:15:22:a6:4d:2d:99:08:f3:47:
7d:6c:7d:ce:d4:d7:8e:ac:96:47:e9:15:db:fe:2b:8c:39:25:
8a:67:7c:4d:3f:e4:50:b1:d8:c3:62:b7:da:ce:76:6d:ab:98:
27:0e:4f:99:f3:ee:7f:fc:fa:60:92:d6:4e:99:fc:49:dc:fd:
35:ff:26:4c
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUDKsKrdAppGmmVS04kxmH+fjutmUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNDEzMFoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMGQ5YjFiZmEwZjkyYzIzYzZlN2Yz
OTgzYTdiMjEyZThjNGQ2MGFiMTQzMTQ2ZDU0ODA3ODFiZmY4MWRmMDBiMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCyf/KAedO8gljIdUXyJZ3GIAaEO
xaOHeEbIbk0a99n80bJHa2DcXEKXLysJICm7u5wsz6uYyF/E53J+VuRQjtZk/UUG
uj0kRo8RgApWhWXlxZ3VTELnvDnlFKd0wbGF9L7hdYMYN7ZM4NnvZ6dfHdb3gQ0w
n3xIaN3XA82VdgHEQq27GNTGpsZxxwNDenGtOu9nLF8T43lLzijutX4je1pI/0+F
NgjCh7EBfldBfmlf8gAnDf172W/hYXUCRppdJBp4RdBCMDrYthXcdLjmSaJSQ1jW
TH2Ua3X5XtHvzY1/+L7zkR/jMrY2ODzU2hU76jEasJ65KwTBcksRygS0sQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOZeG1ncs5g6Q2sYWtr9nKSzxhuRMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzIxYzA4YzVkLTBlZjYtNGFhZS1iNDEwLWJmZjJiN2RjNGQ5NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba9/DAMA0GCSqGSIb3DQEBCwUAA4IBAQBwU7TzBQ//z654D/Gs
LB97v/PtZVz52dg7iZ/fgPwPLVZP+Q9XvwlL2SdfRMrLUnSRboZlmQPcnUS/5CWl
e+ZoKwzVpLP2dvQc8GirMFn2Bz6j4Igt8u2iwZs2j1qE8/BJy3GSQV6ACyoygRo/
SU5IYghMZgIope8fy0gS9ijVEAbkGHYuQS0WnXL+buLAVN6PANUdhIb+qMDtzIch
1i/2nLyN+Y0mAPYvXuooHq563ycnz6vaSXq4yEaTLJoVIqZNLZkI80d9bH3O1NeO
rJZH6RXb/iuMOSWKZ3xNP+RQsdjDYrfaznZtq5gnDk+Z8+5//PpgktZOmfxJ3P01
/yZM
-----END CERTIFICATE-----
Generated at Thu Jul 31 01:02:11 2025 by rpki-client