Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43f142a4-ac6c-46ed-a6c9-21998974ec83.roa
File: 43f142a4-ac6c-46ed-a6c9-21998974ec83.roa (raw, json)
Hash identifier: Oyfe71P3vNdP81qA6q9rSUi3Rs02tdS7iNeR8iHT2vA=
Subject key identifier: A4:94:99:AA:E1:76:23:C7:17:10:7D:12:75:0B:5D:F4:98:E2:21:18
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3D1FEA8C5F277ABF02E6952A9175059FCA698684
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43f142a4-ac6c-46ed-a6c9-21998974ec83.roa
Signing time: Mon 07 Jul 2025 15:00:08 +0000
ROA not before: Mon 07 Jul 2025 15:00:08 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:c080::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Jul 2025 18:07:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:1f:ea:8c:5f:27:7a:bf:02:e6:95:2a:91:75:05:9f:ca:69:86:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 7 15:00:08 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=08b1f8fdd7d342dc120619ea88530f332616bed6b4924e29cd524026b07795a0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:41:94:bd:5f:7d:b6:a7:a9:6c:66:32:8f:21:
49:40:75:e7:76:0e:b8:d5:75:dc:ba:fc:b9:01:fb:
e4:5a:9f:57:0d:39:16:42:e3:8c:8c:ec:de:13:db:
40:65:31:45:86:0f:19:c0:e7:6a:c7:54:41:fc:e3:
ea:7c:3b:bd:7d:38:0f:fd:27:91:2f:21:46:d3:9f:
68:f0:a3:b0:88:e6:04:52:6b:c2:67:81:ee:db:6f:
a8:63:04:f9:e3:70:ff:04:cc:db:40:e9:6d:0d:df:
83:00:13:04:e6:53:51:c0:59:b0:32:3b:fe:f3:83:
3c:3f:13:3f:f8:38:a9:ee:fe:fb:70:88:0b:a2:23:
23:42:d9:56:3b:59:f8:64:3b:24:6f:76:7c:d8:7c:
08:cd:85:cd:30:22:2d:0f:a5:0d:d6:20:ea:b5:98:
33:00:2c:92:a7:fa:73:ee:ef:73:8f:34:c1:9e:72:
d1:f7:72:e5:1b:af:29:18:84:fd:0b:fc:b9:8d:10:
98:7a:09:87:9e:12:53:e8:f8:05:d4:a7:79:47:09:
7b:5a:60:de:a1:4b:3f:4f:4d:51:ac:97:9b:40:6a:
95:c1:eb:ed:1f:56:3b:f1:fe:e3:97:c9:79:40:80:
3f:c3:66:ef:0f:ff:a6:08:f9:5d:55:c4:d9:43:99:
ca:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:94:99:AA:E1:76:23:C7:17:10:7D:12:75:0B:5D:F4:98:E2:21:18
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/43f142a4-ac6c-46ed-a6c9-21998974ec83.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:c080::/46
Signature Algorithm: sha256WithRSAEncryption
c1:66:55:c1:e1:b2:8a:50:1f:84:09:16:88:9c:87:80:87:44:
3e:2b:13:f9:0d:35:3f:63:3a:69:72:47:a5:37:81:e9:40:e2:
af:40:6f:1e:b5:88:67:5b:1e:f4:eb:ad:fe:97:42:9a:c3:5b:
76:c5:fb:8a:9b:cc:c1:b7:a2:6a:29:14:8b:61:ce:2f:f6:55:
e3:f2:2d:cd:b4:df:52:f3:9d:c0:37:6a:4f:ef:b7:22:69:c4:
c8:09:3a:0b:a8:84:1f:65:2c:47:cf:98:75:85:ad:d0:61:df:
ba:23:b1:77:65:ce:23:5e:db:d8:99:08:a6:6b:ea:9a:2b:28:
a8:6f:e8:31:1f:a9:1e:6e:03:76:11:41:3c:4d:fa:ce:af:49:
f9:6f:72:ad:77:25:e9:78:e9:84:63:79:94:a6:29:3c:d7:7e:
48:15:50:ea:51:d1:6d:d0:73:7c:a9:61:63:57:1b:0f:04:f9:
81:6b:34:7c:4a:92:49:79:89:68:2e:27:0d:04:8b:3a:6b:1c:
0d:06:55:0a:0d:b8:b4:86:00:4f:dc:db:c9:98:aa:57:f9:69:
55:ed:2f:5b:2c:ca:e8:62:2a:4e:60:77:dc:2c:f8:dc:79:6a:
85:95:df:ca:89:82:8c:71:58:7e:bd:8f:dd:64:1c:9f:fc:16:
ea:fa:1e:52
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUPR/qjF8ner8C5pUqkXUFn8pphoQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcwNzE1MDAwOFoX
DTI1MDgxMTIzNTk1OVowejFJMEcGA1UEBRNAMDhiMWY4ZmRkN2QzNDJkYzEyMDYx
OWVhODg1MzBmMzMyNjE2YmVkNmI0OTI0ZTI5Y2Q1MjQwMjZiMDc3OTVhMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr0GUvV99tqepbGYyjyFJQHXndg64
1XXcuvy5AfvkWp9XDTkWQuOMjOzeE9tAZTFFhg8ZwOdqx1RB/OPqfDu9fTgP/SeR
LyFG059o8KOwiOYEUmvCZ4Hu22+oYwT543D/BMzbQOltDd+DABME5lNRwFmwMjv+
84M8PxM/+Dip7v77cIgLoiMjQtlWO1n4ZDskb3Z82HwIzYXNMCItD6UN1iDqtZgz
ACySp/pz7u9zjzTBnnLR93LlG68pGIT9C/y5jRCYegmHnhJT6PgF1Kd5Rwl7WmDe
oUs/T01RrJebQGqVwevtH1Y78f7jl8l5QIA/w2bvD/+mCPldVcTZQ5nKYwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKSUmarhdiPHFxB9EnULXfSY4iEYMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQzZjE0MmE0LWFjNmMtNDZlZC1hNmM5LTIxOTk4OTc0ZWM4My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaacCAMA0GCSqGSIb3DQEBCwUAA4IBAQDBZlXB4bKKUB+ECRaI
nIeAh0Q+KxP5DTU/YzppckelN4HpQOKvQG8etYhnWx70663+l0Kaw1t2xfuKm8zB
t6JqKRSLYc4v9lXj8i3NtN9S853AN2pP77ciacTICToLqIQfZSxHz5h1ha3QYd+6
I7F3Zc4jXtvYmQima+qaKyiob+gxH6kebgN2EUE8TfrOr0n5b3KtdyXpeOmEY3mU
pik8135IFVDqUdFt0HN8qWFjVxsPBPmBazR8SpJJeYloLicNBIs6axwNBlUKDbi0
hgBP3NvJmKpX+WlV7S9bLMroYipOYHfcLPjceWqFld/KiYKMcVh+vY/dZByf/Bbq
+h5S
-----END CERTIFICATE-----
Generated at Thu Jul 31 00:58:47 2025 by rpki-client