
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa
File: 289cedd6-78dc-4ef5-9358-e95987fd7c36.roa (raw, json)
Hash identifier: rfjTDyf1LHpw0hpBahNj5BLpZiElnjbENS3VsZQM7vQ=
Subject key identifier: 4F:10:71:F7:4F:54:50:E4:02:93:BC:E2:28:B7:6C:36:48:4F:6C:3A
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 22FDFA6EA8F7D732CC14D7AB65F37F2708DC7031
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa
Signing time: Wed 30 Jul 2025 00:50:52 +0000
ROA not before: Wed 30 Jul 2025 00:50:52 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:2080::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Jul 2025 18:37:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
22:fd:fa:6e:a8:f7:d7:32:cc:14:d7:ab:65:f3:7f:27:08:dc:70:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 30 00:50:52 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=0911aa3c40a2f4a30160d60964bbdde8d2b1a2c3d6f973fbd540b97586da93ec, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:91:11:1b:77:0f:45:51:45:41:35:16:df:7d:ca:
8e:94:74:b7:62:dd:97:12:cb:b7:62:fe:26:d4:22:
4c:e8:6d:35:88:64:4f:74:b5:c9:a6:91:7f:42:f5:
5b:2a:0a:2a:c7:4f:b5:8a:74:e2:66:6a:94:5a:e1:
78:1e:ae:cb:25:29:71:86:e0:f2:6b:86:02:28:5f:
da:f4:9c:86:1e:30:64:3b:71:0d:7d:0a:5f:e4:05:
3d:72:b0:6a:12:ca:1a:10:21:61:d4:72:8b:83:f5:
c8:f2:0c:e5:73:f1:49:7d:0c:5b:cd:0a:93:db:17:
78:8b:37:d0:d5:ff:99:c8:f3:53:82:86:f1:65:48:
30:85:cc:4d:1e:85:9c:4b:72:13:b7:ec:96:89:47:
11:a1:34:1e:0a:cd:24:c6:c6:f6:65:b9:54:56:73:
16:e7:6a:3b:52:64:dd:2d:c7:1c:22:7b:cd:67:f5:
93:b8:24:09:5f:a3:1f:4f:29:a0:60:7f:dd:e7:95:
8e:91:6e:ba:c8:6d:ca:93:d6:63:bd:fb:8a:36:f0:
80:d2:20:a1:0d:54:f9:2f:ce:b2:ad:94:9e:3d:71:
38:9c:41:8c:5d:c4:7f:63:46:5c:38:d4:86:2f:df:
f9:51:64:db:67:cf:d2:c8:1e:c3:e3:05:68:b3:66:
7f:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4F:10:71:F7:4F:54:50:E4:02:93:BC:E2:28:B7:6C:36:48:4F:6C:3A
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/289cedd6-78dc-4ef5-9358-e95987fd7c36.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:2080::/46
Signature Algorithm: sha256WithRSAEncryption
06:8a:a4:25:cf:53:f2:2d:f7:bf:dc:29:c3:b8:35:1d:0d:4c:
2c:59:9d:86:dc:e6:86:b0:61:8f:a4:6c:1f:1d:7a:45:02:31:
77:08:d8:65:4b:3c:fe:67:92:75:fc:11:df:c4:ed:08:93:18:
95:45:8f:bc:7f:66:d1:ba:5b:fe:15:0a:11:ca:09:e5:bd:08:
8c:c9:2a:9b:e4:4d:92:ff:52:4b:1b:51:52:ac:b1:6b:aa:c3:
19:3b:f6:24:c5:03:b8:77:a1:ad:02:86:60:4b:37:b9:39:40:
be:62:77:03:48:5c:31:03:40:f1:f8:54:a9:92:ea:e8:a3:4e:
46:ca:d9:d5:f1:40:c6:4b:14:d0:49:cf:90:64:73:a9:da:13:
de:4d:6d:c8:d5:61:5e:fb:1d:cf:1f:ea:19:24:3c:4e:10:15:
74:16:10:13:95:09:d4:84:51:94:20:79:53:b5:b7:89:7c:93:
96:e6:25:20:76:9c:76:45:17:8c:64:6b:ea:65:28:f0:51:62:
a7:04:de:bb:30:47:bd:72:18:2e:5a:f5:b0:90:8c:23:9f:e2:
5a:d1:5f:21:9e:4d:ca:2a:b8:4a:62:2b:5c:33:19:40:9c:ce:
68:08:00:e9:ff:50:2c:b7:13:54:75:7b:44:e5:db:6a:6e:ed:
31:dc:05:fd
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUIv36bqj31zLMFNerZfN/JwjccDEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNTA1MloX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMDkxMWFhM2M0MGEyZjRhMzAxNjBk
NjA5NjRiYmRkZThkMmIxYTJjM2Q2Zjk3M2ZiZDU0MGI5NzU4NmRhOTNlYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkREbdw9FUUVBNRbffcqOlHS3Yt2X
Esu3Yv4m1CJM6G01iGRPdLXJppF/QvVbKgoqx0+1inTiZmqUWuF4Hq7LJSlxhuDy
a4YCKF/a9JyGHjBkO3ENfQpf5AU9crBqEsoaECFh1HKLg/XI8gzlc/FJfQxbzQqT
2xd4izfQ1f+ZyPNTgobxZUgwhcxNHoWcS3ITt+yWiUcRoTQeCs0kxsb2ZblUVnMW
52o7UmTdLcccInvNZ/WTuCQJX6MfTymgYH/d55WOkW66yG3Kk9ZjvfuKNvCA0iCh
DVT5L86yrZSePXE4nEGMXcR/Y0ZcONSGL9/5UWTbZ8/SyB7D4wVos2Z/nQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFE8QcfdPVFDkApO84ii3bDZIT2w6MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzI4OWNlZGQ2LTc4ZGMtNGVmNS05MzU4LWU5NTk4N2ZkN2MzNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+yCAMA0GCSqGSIb3DQEBCwUAA4IBAQAGiqQlz1PyLfe/3CnD
uDUdDUwsWZ2G3OaGsGGPpGwfHXpFAjF3CNhlSzz+Z5J1/BHfxO0IkxiVRY+8f2bR
ulv+FQoRygnlvQiMySqb5E2S/1JLG1FSrLFrqsMZO/YkxQO4d6GtAoZgSze5OUC+
YncDSFwxA0Dx+FSpkuroo05GytnV8UDGSxTQSc+QZHOp2hPeTW3I1WFe+x3PH+oZ
JDxOEBV0FhATlQnUhFGUIHlTtbeJfJOW5iUgdpx2RReMZGvqZSjwUWKnBN67MEe9
chguWvWwkIwjn+Ja0V8hnk3KKrhKYitcMxlAnM5oCADp/1AstxNUdXtE5dtqbu0x
3AX9
-----END CERTIFICATE-----
Generated at Thu Jul 31 01:03:57 2025 by rpki-client