Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaf1f3c-55b8-419c-bcaf-892b30f3ef3c.roa
File: 3aaf1f3c-55b8-419c-bcaf-892b30f3ef3c.roa (raw, json)
Hash identifier: P/iimyq4OgAc5WAWkzgViJnHMdLu4X6gxrdgobl0ymA=
Subject key identifier: E4:8B:9F:30:AC:38:C2:ED:B4:10:9E:ED:5D:A1:AF:23:EB:F1:BC:DC
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 04364561512016F5FD922D6BE349EC7873D63319
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaf1f3c-55b8-419c-bcaf-892b30f3ef3c.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:6000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 19:20:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
04:36:45:61:51:20:16:f5:fd:92:2d:6b:e3:49:ec:78:73:d6:33:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:66:11:f6:79:9e:e5:12:97:cc:63:c1:9d:26:
60:c0:eb:cb:1c:90:37:c4:1a:a4:2f:78:0e:37:0e:
10:72:ad:43:f0:53:b5:5c:db:ee:b6:1c:17:34:4c:
31:36:7a:e0:fe:3c:3e:e5:e7:c9:40:4d:88:1b:b5:
80:58:3d:b5:cb:d2:e5:eb:49:58:41:9f:04:1c:2e:
0b:e6:87:06:51:86:89:2f:f6:e2:f2:08:74:32:b7:
8f:97:03:17:c3:04:ac:c9:bc:ab:a2:80:77:e5:a2:
34:05:00:21:68:06:88:fe:e7:aa:de:14:ff:b6:7e:
cf:59:70:b1:a5:7f:93:f1:9c:3e:ba:b8:c7:60:4e:
cb:7d:d1:76:ee:57:5c:31:c6:97:da:df:09:a6:48:
29:f7:5b:cd:3e:93:78:9f:92:80:be:74:e7:61:c8:
3c:c6:82:68:92:d3:ec:19:6a:59:9f:ea:29:06:eb:
c5:75:84:29:03:99:93:b4:36:aa:6b:58:b3:92:10:
bf:4d:62:8f:07:62:16:95:a6:59:17:8c:c4:8f:29:
79:8a:16:37:9c:f3:1f:31:f3:38:f3:e1:83:c8:59:
c2:79:e1:0b:1d:66:67:f7:d3:2e:3b:5b:ce:77:1b:
63:fa:f9:84:7f:cf:bd:31:44:37:b6:26:0e:7e:f5:
fc:1b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:8B:9F:30:AC:38:C2:ED:B4:10:9E:ED:5D:A1:AF:23:EB:F1:BC:DC
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3aaf1f3c-55b8-419c-bcaf-892b30f3ef3c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:6000::/40
Signature Algorithm: sha256WithRSAEncryption
16:ef:99:e1:16:f4:51:ed:e2:c2:13:d9:18:55:d4:dc:f7:e8:
99:1f:fe:83:52:ca:53:41:75:e1:d7:84:ef:69:06:58:6e:15:
05:d4:2a:de:c8:25:87:6f:a4:9b:0a:9a:fd:98:de:06:75:17:
f8:b9:0c:bb:68:4b:47:34:2c:64:35:d7:18:40:25:75:24:a7:
de:00:3e:54:bf:8e:2b:40:ff:9b:62:36:38:76:b6:81:e7:56:
cb:33:16:a3:b6:2a:37:60:28:20:31:50:76:17:29:39:10:b1:
fb:3a:54:77:80:44:57:bf:5d:d3:d2:4a:99:1f:e1:df:c1:2d:
87:6f:b0:56:83:a8:01:ce:0c:e8:e6:a3:c4:43:4b:4e:c9:7f:
b1:ba:ac:b4:27:20:98:f1:09:6a:50:89:83:45:8a:5f:83:50:
1b:5e:53:ab:e4:d5:60:1b:db:58:fd:4d:4e:dc:67:eb:7d:41:
5b:1a:e8:4a:16:26:d8:14:f8:66:84:38:47:9d:d0:13:1a:44:
04:d2:e6:c8:b3:56:7d:8f:7b:df:bb:78:db:85:e7:23:e0:55:
18:64:2a:cf:f6:af:0e:7e:a9:f8:0b:fc:15:3d:f7:cb:78:5a:
45:d3:e5:56:4b:fa:25:e6:0a:51:7c:00:e5:bb:8f:95:30:22:
6f:08:45:24
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUBDZFYVEgFvX9ki1r40nseHPWMxkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMTA1MmYyOTkzYjczZGM3MWE2OWIy
ZTZkMWRhMGEyNzg2MTY2NWQ1YTc0YWQ4YmY5ZDFlYjA4M2Q4NzZkMTE5MjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGYR9nme5RKXzGPBnSZgwOvLHJA3
xBqkL3gONw4Qcq1D8FO1XNvuthwXNEwxNnrg/jw+5efJQE2IG7WAWD21y9Ll60lY
QZ8EHC4L5ocGUYaJL/bi8gh0MrePlwMXwwSsybyrooB35aI0BQAhaAaI/ueq3hT/
tn7PWXCxpX+T8Zw+urjHYE7LfdF27ldcMcaX2t8Jpkgp91vNPpN4n5KAvnTnYcg8
xoJoktPsGWpZn+opBuvFdYQpA5mTtDaqa1izkhC/TWKPB2IWlaZZF4zEjyl5ihY3
nPMfMfM48+GDyFnCeeELHWZn99MuO1vOdxtj+vmEf8+9MUQ3tiYOfvX8GwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOSLnzCsOMLttBCe7V2hryPr8bzcMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzNhYWYxZjNjLTU1YjgtNDE5Yy1iY2FmLTg5MmIzMGYzZWYzYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+2AwDQYJKoZIhvcNAQELBQADggEBABbvmeEW9FHt4sIT2RhV
1Nz36Jkf/oNSylNBdeHXhO9pBlhuFQXUKt7IJYdvpJsKmv2Y3gZ1F/i5DLtoS0c0
LGQ11xhAJXUkp94APlS/jitA/5tiNjh2toHnVsszFqO2KjdgKCAxUHYXKTkQsfs6
VHeARFe/XdPSSpkf4d/BLYdvsFaDqAHODOjmo8RDS07Jf7G6rLQnIJjxCWpQiYNF
il+DUBteU6vk1WAb21j9TU7cZ+t9QVsa6EoWJtgU+GaEOEed0BMaRATS5sizVn2P
e9+7eNuF5yPgVRhkKs/2rw5+qfgL/BU998t4WkXT5VZL+iXmClF8AOW7j5UwIm8I
RSQ=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:07:30 2025 by rpki-client