Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa
File: 3e10b881-cc4d-4575-9034-6eacfc118456.roa (raw, json)
Hash identifier: NY23UK6k6/CUzFMHq6qp3AbM86IMEbyRV44Klg3+JvQ=
Subject key identifier: 80:A2:58:77:4D:B9:01:2D:9A:6E:1A:78:77:91:AE:86:DD:B7:9A:72
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 14AD0EE1A1041DF3857725BD57905DA4A5C3E1E1
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:2000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 16:10:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
14:ad:0e:e1:a1:04:1d:f3:85:77:25:bd:57:90:5d:a4:a5:c3:e1:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:75:59:05:5c:ef:1e:71:b6:23:ef:d9:68:b8:
6e:8f:c3:d9:6d:fd:96:3f:aa:20:fe:7c:f6:74:c6:
b9:18:a9:74:9b:88:0f:70:46:4a:f6:ec:c8:4b:0c:
46:78:59:07:9e:83:5c:cf:02:64:a5:d0:35:bd:c0:
44:47:23:ce:bf:ac:a5:bd:af:60:b2:cc:7c:c4:00:
0a:65:bf:c5:82:10:68:48:91:d3:10:27:89:df:99:
d7:52:e3:99:f1:78:51:95:ca:38:2f:4f:82:9f:5e:
9b:6c:f4:0f:27:9b:85:17:79:0e:b0:6f:69:fb:a3:
fa:36:f3:7e:15:97:d8:1a:7c:88:e6:6f:80:1b:a7:
3a:01:83:25:da:59:80:60:68:5e:a6:f5:09:5a:dc:
6e:cf:ce:82:90:d9:6e:68:96:7e:aa:9e:91:8f:95:
af:40:b5:fd:06:dc:4b:53:5e:98:c0:b1:7a:dc:26:
d1:0f:e2:86:be:2d:06:76:4f:a6:22:39:b8:33:fd:
3d:ab:dc:45:3b:92:f3:0f:5b:e6:58:4c:5c:5b:72:
94:f6:19:cb:80:a0:f1:fb:18:10:78:72:4c:2f:98:
cc:60:bd:96:ca:82:ad:d1:7d:e2:4f:d0:8f:e9:31:
69:8d:3b:57:f2:8f:89:81:01:dd:e0:42:04:31:5c:
46:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:A2:58:77:4D:B9:01:2D:9A:6E:1A:78:77:91:AE:86:DD:B7:9A:72
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/3e10b881-cc4d-4575-9034-6eacfc118456.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:2000::/40
Signature Algorithm: sha256WithRSAEncryption
32:eb:89:93:92:a4:66:78:51:f2:33:14:85:95:fa:e5:3e:6c:
2f:44:d8:d6:9f:17:0d:e4:1b:64:21:ee:0f:b8:29:58:34:81:
42:28:22:06:24:e1:71:19:b2:ab:a3:d0:54:e9:27:19:9d:78:
77:38:66:00:94:8c:a2:93:02:ca:ab:d9:15:0f:a8:99:94:77:
cd:9e:a8:79:2e:91:6a:ca:d4:cc:51:9d:c9:82:34:ab:5a:ca:
f6:64:2c:0f:91:8a:63:95:4f:2e:c4:78:53:42:6d:53:ca:ab:
45:80:49:c7:35:fe:5e:93:59:f4:af:12:de:d8:61:68:5d:85:
2a:73:74:e7:15:eb:93:db:02:c8:a6:d4:65:22:92:3b:3f:d3:
d2:fd:08:d9:33:2a:d3:ca:5c:fe:38:ec:f3:12:52:66:32:85:
03:79:78:af:5b:6d:36:4f:46:a3:ab:c6:b9:57:b3:9b:72:57:
a3:1a:52:99:58:3e:81:ef:4f:cc:b9:b6:a3:dc:5d:65:fe:0b:
03:26:ac:44:64:87:b4:f1:22:3c:55:8b:12:64:d9:9b:56:be:
dc:5c:7a:53:d6:54:0f:50:eb:bf:8d:a7:52:a9:9a:02:b4:90:
78:e9:88:29:7a:c6:b3:c1:1b:ad:f0:a2:41:8b:c1:d0:4e:97:
ab:0b:d8:52
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUFK0O4aEEHfOFdyW9V5BdpKXD4eEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMzI2ZmNmYzgxMDFiMWI0ODEyZDc2
ZTk0OTg0YTJmNDUxMWIwMGQ0ZWRmNDM1OTZiY2NmZjA0MDI0YWZmNDc0MzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA23VZBVzvHnG2I+/ZaLhuj8PZbf2W
P6og/nz2dMa5GKl0m4gPcEZK9uzISwxGeFkHnoNczwJkpdA1vcBERyPOv6ylva9g
ssx8xAAKZb/FghBoSJHTECeJ35nXUuOZ8XhRlco4L0+Cn16bbPQPJ5uFF3kOsG9p
+6P6NvN+FZfYGnyI5m+AG6c6AYMl2lmAYGhepvUJWtxuz86CkNluaJZ+qp6Rj5Wv
QLX9BtxLU16YwLF63CbRD+KGvi0Gdk+mIjm4M/09q9xFO5LzD1vmWExcW3KU9hnL
gKDx+xgQeHJML5jMYL2WyoKt0X3iT9CP6TFpjTtX8o+JgQHd4EIEMVxGmQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFICiWHdNuQEtmm4aeHeRrobdt5pyMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzNlMTBiODgxLWNjNGQtNDU3NS05MDM0LTZlYWNmYzExODQ1Ni5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYSAwDQYJKoZIhvcNAQELBQADggEBADLriZOSpGZ4UfIzFIWV
+uU+bC9E2NafFw3kG2Qh7g+4KVg0gUIoIgYk4XEZsquj0FTpJxmdeHc4ZgCUjKKT
Asqr2RUPqJmUd82eqHkukWrK1MxRncmCNKtayvZkLA+RimOVTy7EeFNCbVPKq0WA
Scc1/l6TWfSvEt7YYWhdhSpzdOcV65PbAsim1GUikjs/09L9CNkzKtPKXP447PMS
UmYyhQN5eK9bbTZPRqOrxrlXs5tyV6MaUplYPoHvT8y5tqPcXWX+CwMmrERkh7Tx
IjxVixJk2ZtWvtxcelPWVA9Q67+Np1KpmgK0kHjpiCl6xrPBG63wokGLwdBOl6sL
2FI=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:09:33 2025 by rpki-client