Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43b679b3-4697-405a-940d-1245ad38a867.roa
File: 43b679b3-4697-405a-940d-1245ad38a867.roa (raw, json)
Hash identifier: U7GpLRp0FCxF7Yh73+b82H9S7I5wSjebHWL3vd4i1+M=
Subject key identifier: D1:40:62:8E:46:DD:B5:44:8D:AF:F0:0B:CD:62:8E:FB:53:9F:31:2F
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 35C93FB17279F0038983AE90D0A222287C7B7EB6
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43b679b3-4697-405a-940d-1245ad38a867.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:f000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 16:10:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:c9:3f:b1:72:79:f0:03:89:83:ae:90:d0:a2:22:28:7c:7b:7e:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:a1:a9:ba:af:1f:06:ef:99:65:23:8d:a1:8a:
b1:e5:51:21:8f:5a:d1:17:83:56:a3:50:7d:63:56:
ca:64:b9:89:3d:cb:2d:43:67:26:56:60:15:7e:b2:
bb:ec:06:80:8a:67:41:9a:eb:6c:40:31:5d:e6:99:
d5:d5:87:8d:87:7a:e4:9e:e2:bd:79:d6:14:64:9b:
6c:4b:2b:7c:59:7f:83:0a:34:9a:f1:81:c6:d7:ec:
74:1e:72:cb:14:e5:cc:fb:fb:41:24:26:29:d7:3b:
8a:47:5a:47:58:bc:12:a5:f5:49:b5:46:53:a6:af:
b3:9c:36:2e:96:7b:61:ec:aa:c7:2b:d2:43:e2:c7:
95:8b:1f:da:6a:24:d2:eb:77:5c:f2:82:a6:7e:4a:
94:13:22:e4:b0:e4:0d:97:e9:fa:0f:fc:74:31:e5:
a3:ed:9a:48:8f:e8:4a:2c:7d:7a:58:76:e3:f1:43:
94:71:a3:4a:5f:ce:de:1d:57:16:fd:2f:bd:d3:b0:
83:75:3b:05:45:f0:08:9d:9b:40:30:19:cd:f4:ef:
de:ed:cf:0f:fb:80:c6:1d:16:ba:ce:3a:47:7e:e9:
49:a3:9e:3f:8f:a3:fd:5d:6c:0d:33:70:41:78:d7:
5b:26:ff:c5:10:f6:e4:12:b4:8e:d7:81:ee:96:ff:
f3:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:40:62:8E:46:DD:B5:44:8D:AF:F0:0B:CD:62:8E:FB:53:9F:31:2F
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43b679b3-4697-405a-940d-1245ad38a867.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:f000::/40
Signature Algorithm: sha256WithRSAEncryption
6e:a3:87:44:20:91:da:5b:c8:4b:9b:d0:83:6e:5c:2c:21:13:
b7:19:e8:05:7d:77:89:ab:f6:9d:e9:a8:cb:3f:db:34:fd:1f:
bc:1a:8f:13:08:fb:9b:4a:4c:93:b4:1c:21:ef:91:ef:80:ab:
85:26:cf:9b:3c:17:b1:66:de:d3:3a:8b:df:e5:1a:e6:01:06:
4b:cf:26:c5:f1:57:ec:fd:9f:68:3a:68:7a:c2:2a:5a:db:2c:
10:65:7b:e0:ee:2f:b5:65:f2:7a:8f:91:9a:0a:f5:9c:5b:f7:
63:16:64:14:69:71:65:fd:29:33:6f:09:4d:3a:29:f1:55:c9:
27:18:58:c7:d0:45:59:12:f9:9d:e6:d9:93:8a:b1:2a:32:ad:
0c:c5:68:31:60:e9:88:eb:49:91:db:7f:e8:76:42:1b:37:f3:
8f:17:f3:89:35:da:e1:88:b6:9d:17:28:70:c6:f3:2b:40:24:
b8:4f:05:58:0f:9c:ba:c8:dc:94:78:5a:49:61:26:74:0c:81:
88:2d:1e:7d:e9:92:f8:4e:95:17:30:19:e3:7e:92:d2:25:b4:
3d:5c:e6:01:da:33:94:19:88:05:93:c5:d9:37:50:c5:b9:24:
f6:06:b8:25:33:ae:df:c2:a8:70:8c:cb:00:bb:9b:a1:db:10:
f7:a9:0b:de
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUNck/sXJ58AOJg66Q0KIiKHx7frYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYmJjNWE0N2QwODA2Y2JhOGQ5MTgy
Y2NhYjE5Yjg1NDA1MWIwNDk1NDg2YjZmZDZlZGZjNmVlYjQ4NjNiNmY2NzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsKGpuq8fBu+ZZSONoYqx5VEhj1rR
F4NWo1B9Y1bKZLmJPcstQ2cmVmAVfrK77AaAimdBmutsQDFd5pnV1YeNh3rknuK9
edYUZJtsSyt8WX+DCjSa8YHG1+x0HnLLFOXM+/tBJCYp1zuKR1pHWLwSpfVJtUZT
pq+znDYulnth7KrHK9JD4seVix/aaiTS63dc8oKmfkqUEyLksOQNl+n6D/x0MeWj
7ZpIj+hKLH16WHbj8UOUcaNKX87eHVcW/S+907CDdTsFRfAInZtAMBnN9O/e7c8P
+4DGHRa6zjpHfulJo54/j6P9XWwNM3BBeNdbJv/FEPbkErSO14Hulv/zhQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFNFAYo5G3bVEja/wC81ijvtTnzEvMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQzYjY3OWIzLTQ2OTctNDA1YS05NDBkLTEyNDVhZDM4YTg2Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaAPAwDQYJKoZIhvcNAQELBQADggEBAG6jh0QgkdpbyEub0INu
XCwhE7cZ6AV9d4mr9p3pqMs/2zT9H7wajxMI+5tKTJO0HCHvke+Aq4Umz5s8F7Fm
3tM6i9/lGuYBBkvPJsXxV+z9n2g6aHrCKlrbLBBle+DuL7Vl8nqPkZoK9Zxb92MW
ZBRpcWX9KTNvCU06KfFVyScYWMfQRVkS+Z3m2ZOKsSoyrQzFaDFg6YjrSZHbf+h2
Qhs3848X84k12uGItp0XKHDG8ytAJLhPBVgPnLrI3JR4WklhJnQMgYgtHn3pkvhO
lRcwGeN+ktIltD1c5gHaM5QZiAWTxdk3UMW5JPYGuCUzrt/CqHCMywC7m6HbEPep
C94=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:10:27 2025 by rpki-client