Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa
File: 2b4adb97-a33f-485c-865b-badaa1f9c897.roa (raw, json)
Hash identifier: 5joh9vK4EF4jFNCHKBTtAGmokqI/lN6GC7En6jTZ5jU=
Subject key identifier: 89:46:39:0C:E9:72:FF:84:2C:33:B7:3A:80:90:5B:98:9D:FA:99:66
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 15C940F32D22DFAFE49585697224D9BF5783154D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:b000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:10:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
15:c9:40:f3:2d:22:df:af:e4:95:85:69:72:24:d9:bf:57:83:15:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:12:cb:71:f9:ca:1c:45:e4:54:ea:cb:ca:fc:
7f:f9:55:9a:f2:0e:9e:a6:38:d8:4c:47:57:36:43:
9d:48:a3:0e:ee:6e:ea:c1:c8:73:07:98:36:14:fa:
3f:ac:09:92:07:c9:89:5c:06:e4:b4:84:2d:3b:75:
19:78:76:cb:c8:6d:ba:84:31:e2:e4:04:1c:4b:30:
bd:2a:d8:e8:ed:c5:67:77:87:0d:f6:3e:a0:e7:3e:
5b:30:e7:18:5c:8f:62:88:5a:04:9d:3c:68:8d:b7:
f6:36:48:9a:9a:ec:39:20:3d:01:c9:1f:08:fc:39:
35:f2:64:69:de:78:2c:3e:c9:be:4d:d6:d9:84:10:
16:57:04:99:f6:28:a7:93:59:a2:e0:51:77:1e:40:
a1:a0:10:88:1c:6b:f9:39:b8:bf:1a:39:91:26:3d:
16:64:08:6f:f8:01:36:2b:ff:65:41:43:29:2f:0a:
1e:26:fa:a7:b2:7b:2e:b4:11:bb:9e:ed:32:cb:4e:
a2:ca:8b:64:8f:ff:5f:e4:1d:86:c4:c7:0a:46:02:
33:80:80:1c:04:e4:7b:e9:87:a9:5d:a9:4f:ee:d7:
a5:33:4c:a9:ec:18:c7:20:6f:45:1e:79:05:82:17:
70:d5:0e:4b:ff:ef:1c:da:51:31:9a:92:1f:de:3f:
b4:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:46:39:0C:E9:72:FF:84:2C:33:B7:3A:80:90:5B:98:9D:FA:99:66
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2b4adb97-a33f-485c-865b-badaa1f9c897.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:b000::/40
Signature Algorithm: sha256WithRSAEncryption
82:a2:22:23:46:0e:dd:9f:0d:23:9c:61:d5:07:f8:27:9f:94:
15:02:35:af:f9:a0:56:ec:df:99:a0:f3:96:19:e8:3b:c9:2e:
bf:ce:a5:a4:ac:05:b0:4f:49:2c:35:06:83:a7:97:5c:20:6e:
58:f4:81:04:1f:90:a4:4e:3b:be:68:eb:c7:98:9f:78:64:71:
5c:f2:d7:93:24:52:b1:da:c3:c9:39:7e:8e:11:3c:71:f4:a6:
b2:af:bc:27:12:d0:4c:49:94:77:ae:31:c5:2e:36:72:4e:a9:
40:33:9b:35:5a:ce:69:36:30:68:d2:eb:e5:c5:b6:cd:32:5b:
79:98:ff:be:44:3a:b7:69:5c:9a:ca:cb:88:0c:ec:af:06:83:
e3:22:f3:c0:55:70:3d:c0:fc:35:fe:82:7d:34:39:cc:9e:be:
3a:76:92:06:a0:b1:8d:36:6b:3b:6d:dc:4a:43:4f:b9:4e:50:
f4:20:a0:cf:8f:5e:eb:98:fe:5e:19:64:4c:07:98:11:5a:bc:
63:c2:c2:e1:0b:a3:a7:04:27:f9:46:bc:91:06:08:0e:2a:41:
37:ea:1e:c5:60:b4:62:39:f0:47:4f:c3:f3:38:af:49:af:40:
23:22:f4:a0:8c:29:a4:83:57:56:4e:3e:00:be:90:83:44:09:
cc:45:0a:20
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUFclA8y0i36/klYVpciTZv1eDFU0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANWI3ZDRiMWEwMjdmZTQ3NGRmNTZm
NmMwZTNjZjE0NDJkMTNlMjZmOTgxMGI4NDJjN2E1OWYyYTQzZDkzNjM4ODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhLLcfnKHEXkVOrLyvx/+VWa8g6e
pjjYTEdXNkOdSKMO7m7qwchzB5g2FPo/rAmSB8mJXAbktIQtO3UZeHbLyG26hDHi
5AQcSzC9Ktjo7cVnd4cN9j6g5z5bMOcYXI9iiFoEnTxojbf2Nkiamuw5ID0ByR8I
/Dk18mRp3ngsPsm+TdbZhBAWVwSZ9iink1mi4FF3HkChoBCIHGv5Obi/GjmRJj0W
ZAhv+AE2K/9lQUMpLwoeJvqnsnsutBG7nu0yy06iyotkj/9f5B2GxMcKRgIzgIAc
BOR76YepXalP7telM0yp7BjHIG9FHnkFghdw1Q5L/+8c2lExmpIf3j+0FQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIlGOQzpcv+ELDO3OoCQW5id+plmMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzJiNGFkYjk3LWEzM2YtNDg1Yy04NjViLWJhZGFhMWY5Yzg5Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaALAwDQYJKoZIhvcNAQELBQADggEBAIKiIiNGDt2fDSOcYdUH
+CeflBUCNa/5oFbs35mg85YZ6DvJLr/OpaSsBbBPSSw1BoOnl1wgblj0gQQfkKRO
O75o68eYn3hkcVzy15MkUrHaw8k5fo4RPHH0prKvvCcS0ExJlHeuMcUuNnJOqUAz
mzVazmk2MGjS6+XFts0yW3mY/75EOrdpXJrKy4gM7K8Gg+Mi88BVcD3A/DX+gn00
Ocyevjp2kgagsY02aztt3EpDT7lOUPQgoM+PXuuY/l4ZZEwHmBFavGPCwuELo6cE
J/lGvJEGCA4qQTfqHsVgtGI58EdPw/M4r0mvQCMi9KCMKaSDV1ZOPgC+kINECcxF
CiA=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:12:23 2025 by rpki-client