Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2bbabd33-7e7b-4885-9680-532342168721.roa
File: 2bbabd33-7e7b-4885-9680-532342168721.roa (raw, json)
Hash identifier: grQN5R8o4GgqBWViSeAe7Ax+f/G034n893WJlkMQyl8=
Subject key identifier: A1:7C:D3:6E:2B:DB:FD:8D:B1:12:D9:F5:B2:F1:B9:1E:29:AD:0C:AA
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5AC82F3AFEF554B28533FCCF557A0F023673B58A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2bbabd33-7e7b-4885-9680-532342168721.roa
Signing time: Wed 30 Jul 2025 00:51:28 +0000
ROA not before: Wed 30 Jul 2025 00:51:28 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:c840::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Jul 2025 18:24:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:c8:2f:3a:fe:f5:54:b2:85:33:fc:cf:55:7a:0f:02:36:73:b5:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 30 00:51:28 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=b1e701bcba2b021c01bacc89f8c8608c7c6b32c47571ea47fce0fe5c0038e59b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0e:e3:57:8f:27:61:ca:92:9f:a5:ac:8c:11:
a8:59:4d:15:7b:d1:68:74:05:d8:9f:10:8d:59:5c:
4a:cb:88:2a:d8:51:18:24:25:da:1e:93:13:e6:b9:
31:7a:14:a5:19:47:f9:ca:dd:8c:0c:72:54:7b:9b:
90:83:ae:67:7b:95:25:74:de:54:78:64:81:78:f4:
13:ac:95:ad:61:85:3e:cf:b0:53:73:51:97:27:c3:
66:94:c6:61:77:d3:72:b8:14:91:88:fa:11:9d:97:
51:79:35:b7:76:69:66:3d:64:81:91:ba:97:b9:2c:
2a:b3:a3:b5:1e:b5:05:47:a4:2f:ba:78:e1:7d:72:
ee:b1:87:91:09:e2:56:1b:c2:25:8d:ec:d4:f7:d9:
9a:a7:d5:48:14:e8:00:ac:b5:ca:f3:dd:75:d8:b1:
77:79:32:af:78:5f:3e:d0:52:17:e0:8c:fc:04:dd:
17:54:c7:c0:8b:13:87:b9:04:d5:14:1b:11:6f:53:
12:c7:ba:5a:77:8a:f5:a2:12:d9:76:be:91:09:11:
be:a1:27:7e:2a:c7:82:3b:cb:45:21:b7:15:9f:ff:
c0:2b:a2:23:dc:ca:af:d7:dd:40:c2:4d:ec:a5:d2:
78:f0:fc:1a:4f:da:51:ef:a5:f0:89:38:a4:96:ba:
70:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:7C:D3:6E:2B:DB:FD:8D:B1:12:D9:F5:B2:F1:B9:1E:29:AD:0C:AA
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/2bbabd33-7e7b-4885-9680-532342168721.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:c840::/46
Signature Algorithm: sha256WithRSAEncryption
9d:a8:dc:f6:4e:f5:07:29:6d:26:d3:48:fd:7f:f9:7f:dd:7b:
8b:69:79:9e:04:3a:a7:25:d7:ae:74:a0:e2:0f:0e:7e:eb:de:
2c:d5:d1:d5:de:c0:21:ba:ac:72:98:3e:99:81:1b:57:15:39:
e2:b4:50:d6:c4:80:aa:4a:1d:ea:8b:cf:27:c2:6d:eb:47:da:
54:f3:c3:22:e2:56:3d:fa:33:87:8e:bb:56:d9:b0:82:8a:92:
3d:3b:0d:a7:68:50:a8:27:ef:0f:d3:f1:44:1b:d3:df:c2:56:
fa:8b:c0:3e:4d:58:dc:5f:ec:5d:6a:cd:ad:ab:d1:0b:3f:ca:
43:21:83:5d:1d:20:3d:70:ae:03:59:e9:55:5b:bc:10:75:4d:
d9:48:aa:05:06:3a:b6:bd:83:c5:89:f7:72:8b:fb:81:ef:34:
cc:37:ca:b4:af:62:88:d5:b4:e9:6e:ed:f8:19:87:43:c5:03:
1b:9e:79:33:a6:3a:dc:46:93:25:c3:66:f3:62:65:42:38:0c:
81:fd:48:d1:76:8a:b6:49:38:df:1d:aa:c1:81:b0:5a:74:ae:
67:49:b9:3d:51:0c:56:43:08:3f:8a:bd:81:b5:ac:d9:1a:0b:
1f:9c:4a:b4:90:a1:7b:8e:a1:ef:fa:4b:5e:29:0a:57:02:d3:
a0:86:ba:d8
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUWsgvOv71VLKFM/zPVXoPAjZztYowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNTEyOFoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAYjFlNzAxYmNiYTJiMDIxYzAxYmFj
Yzg5ZjhjODYwOGM3YzZiMzJjNDc1NzFlYTQ3ZmNlMGZlNWMwMDM4ZTU5YjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqA7jV48nYcqSn6WsjBGoWU0Ve9Fo
dAXYnxCNWVxKy4gq2FEYJCXaHpMT5rkxehSlGUf5yt2MDHJUe5uQg65ne5UldN5U
eGSBePQTrJWtYYU+z7BTc1GXJ8NmlMZhd9NyuBSRiPoRnZdReTW3dmlmPWSBkbqX
uSwqs6O1HrUFR6QvunjhfXLusYeRCeJWG8IljezU99map9VIFOgArLXK89112LF3
eTKveF8+0FIX4Iz8BN0XVMfAixOHuQTVFBsRb1MSx7pad4r1ohLZdr6RCRG+oSd+
KseCO8tFIbcVn//AK6Ij3Mqv191Awk3spdJ48PwaT9pR76XwiTiklrpwjQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKF8024r2/2NsRLZ9bLxuR4prQyqMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzJiYmFiZDMzLTdlN2ItNDg4NS05NjgwLTUzMjM0MjE2ODcyMS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba98hAMA0GCSqGSIb3DQEBCwUAA4IBAQCdqNz2TvUHKW0m00j9
f/l/3XuLaXmeBDqnJdeudKDiDw5+694s1dHV3sAhuqxymD6ZgRtXFTnitFDWxICq
Sh3qi88nwm3rR9pU88Mi4lY9+jOHjrtW2bCCipI9Ow2naFCoJ+8P0/FEG9Pfwlb6
i8A+TVjcX+xdas2tq9ELP8pDIYNdHSA9cK4DWelVW7wQdU3ZSKoFBjq2vYPFifdy
i/uB7zTMN8q0r2KI1bTpbu34GYdDxQMbnnkzpjrcRpMlw2bzYmVCOAyB/UjRdoq2
STjfHarBgbBadK5nSbk9UQxWQwg/ir2BtazZGgsfnEq0kKF7jqHv+kteKQpXAtOg
hrrY
-----END CERTIFICATE-----
Generated at Thu Jul 31 01:05:51 2025 by rpki-client