Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaa4e98-35e7-4700-aa65-013387f5feae.roa
File: 3aaa4e98-35e7-4700-aa65-013387f5feae.roa (raw, json)
Hash identifier: ZRPshw3OAX05EBw01ykd7+NrjzQ0zdDX6Vmf/8HNMCE=
Subject key identifier: 16:4B:85:7C:7C:77:F4:32:87:DE:B4:C1:00:30:4E:51:4C:A0:2E:A9
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 76E4D5A157CD06FB4F963D9E1E661181683AA8CB
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaa4e98-35e7-4700-aa65-013387f5feae.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:b000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 19:20:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:e4:d5:a1:57:cd:06:fb:4f:96:3d:9e:1e:66:11:81:68:3a:a8:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:db:c9:82:c2:1a:93:0f:1b:a5:19:dd:e7:dd:
1d:85:e5:be:ee:fa:86:fd:19:3b:d9:9e:c9:2d:94:
62:04:1b:0a:c4:41:d9:1a:06:26:6a:49:8d:b7:29:
3a:2d:a0:61:74:c7:cd:46:86:a1:a1:73:3d:6a:64:
d9:0f:b9:c2:f8:00:c2:23:ef:39:f4:18:76:5a:ef:
bb:12:b8:21:c7:c4:d5:e0:0d:06:c1:62:07:57:38:
6b:8e:e0:48:8f:4d:33:e4:8f:c4:70:7d:9c:b8:ee:
b7:f8:6d:24:2e:fd:67:a4:0b:e2:4f:0d:c0:de:c5:
a3:5b:b7:dc:9a:35:c4:17:be:e9:d2:f3:e9:71:e6:
f4:b6:96:c2:c9:b3:f2:e0:fd:ee:f9:67:0d:65:99:
d4:13:b6:fc:9a:89:3a:79:9e:48:3e:de:5e:7c:31:
a2:40:bf:3b:9b:b3:5b:1e:ad:2e:dc:45:d2:07:16:
a8:cd:0a:75:64:20:c7:9a:8a:c5:c8:66:93:76:16:
93:69:a6:4c:17:c4:47:f7:37:6c:8f:bf:5d:88:c9:
73:ab:d2:10:c0:ca:9f:37:97:ef:88:4b:b7:01:81:
fa:89:a8:48:13:a7:3e:e9:0e:8b:0b:38:d4:a6:e0:
22:c9:da:3d:e3:e0:e8:94:48:6a:42:1b:d9:e1:2c:
0c:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:4B:85:7C:7C:77:F4:32:87:DE:B4:C1:00:30:4E:51:4C:A0:2E:A9
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaa4e98-35e7-4700-aa65-013387f5feae.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:b000::/40
Signature Algorithm: sha256WithRSAEncryption
8d:97:76:b8:7e:7e:28:c2:f7:05:79:14:84:69:3d:53:c5:42:
73:93:a1:8c:ce:d2:ac:c1:78:40:6b:8e:13:42:b7:23:71:c9:
9b:58:cc:b7:6b:d1:ca:e0:b9:ce:b9:c6:de:0d:0d:a8:a9:f2:
ab:a0:27:7b:50:09:95:b8:94:37:85:e0:96:30:06:58:8b:23:
5d:2c:04:ef:66:86:b0:ab:10:50:0a:85:92:10:08:e2:b0:f4:
fb:0f:0e:5c:73:24:99:29:b5:f8:3d:13:07:b7:79:19:c5:b0:
48:2c:47:5e:58:6e:49:e0:0c:37:39:24:f3:a4:16:6e:57:c7:
27:bc:ac:be:dd:09:2f:7f:29:25:e1:6b:cd:54:b8:82:d9:12:
4c:6a:d6:71:e4:a4:6c:06:2e:c3:7a:c0:11:34:42:d4:21:69:
c8:ba:74:01:af:f0:b8:6b:ce:b2:e6:5e:ff:a2:18:c8:cc:85:
fb:3c:06:c6:77:31:6d:d6:12:37:63:61:db:df:54:b8:ce:71:
ce:49:61:f8:93:59:9b:59:15:c8:6c:9b:13:e3:08:57:b7:46:
1a:2f:47:ed:08:d4:e7:6b:bf:03:32:c7:8d:99:d1:13:9e:dd:
44:3e:33:38:9d:22:41:e1:7f:9b:a7:21:44:6d:51:3c:0c:2d:
d6:70:75:b0
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUduTVoVfNBvtPlj2eHmYRgWg6qMswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYTAyODg0YWJjZGQ4MmUyM2JiNDYz
ZGU1YzlmOWQ2YjQ0MmIwNDJlNzI0MzkxMjM2Nzg2Zjc4Njk3MmYzMTUwMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtvJgsIakw8bpRnd590dheW+7vqG
/Rk72Z7JLZRiBBsKxEHZGgYmakmNtyk6LaBhdMfNRoahoXM9amTZD7nC+ADCI+85
9Bh2Wu+7Erghx8TV4A0GwWIHVzhrjuBIj00z5I/EcH2cuO63+G0kLv1npAviTw3A
3sWjW7fcmjXEF77p0vPpceb0tpbCybPy4P3u+WcNZZnUE7b8mok6eZ5IPt5efDGi
QL87m7NbHq0u3EXSBxaozQp1ZCDHmorFyGaTdhaTaaZMF8RH9zdsj79diMlzq9IQ
wMqfN5fviEu3AYH6iahIE6c+6Q6LCzjUpuAiydo94+DolEhqQhvZ4SwMEwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBZLhXx8d/Qyh960wQAwTlFMoC6pMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzNhYWE0ZTk4LTM1ZTctNDcwMC1hYTY1LTAxMzM4N2Y1ZmVhZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+7AwDQYJKoZIhvcNAQELBQADggEBAI2Xdrh+fijC9wV5FIRp
PVPFQnOToYzO0qzBeEBrjhNCtyNxyZtYzLdr0crguc65xt4NDaip8qugJ3tQCZW4
lDeF4JYwBliLI10sBO9mhrCrEFAKhZIQCOKw9PsPDlxzJJkptfg9Ewe3eRnFsEgs
R15YbkngDDc5JPOkFm5Xxye8rL7dCS9/KSXha81UuILZEkxq1nHkpGwGLsN6wBE0
QtQhaci6dAGv8LhrzrLmXv+iGMjMhfs8BsZ3MW3WEjdjYdvfVLjOcc5JYfiTWZtZ
FchsmxPjCFe3RhovR+0I1OdrvwMyx42Z0ROe3UQ+MzidIkHhf5unIURtUTwMLdZw
dbA=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:10:15 2025 by rpki-client