Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/47ab50a1-fe55-45fe-99e6-cd7b2f672a8e.roa
File: 47ab50a1-fe55-45fe-99e6-cd7b2f672a8e.roa (raw, json)
Hash identifier: BilgEkaisbE/VG0OEMCAmiXe3CWhb5XkOaDt3D08hng=
Subject key identifier: 24:8F:81:27:E4:DD:8D:42:BD:9A:A1:41:47:FD:C4:A0:DF:3F:04:D4
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 49CEFD033E8574A95BCCFD570A8613474FE87228
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/47ab50a1-fe55-45fe-99e6-cd7b2f672a8e.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7::/32 maxlen: 32
Validation: Failed, certificate revoked on Mon 03 Feb 2025 18:10:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
49:ce:fd:03:3e:85:74:a9:5b:cc:fd:57:0a:86:13:47:4f:e8:72:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:73:e6:40:46:33:29:4d:87:1d:8c:67:36:8a:
ce:28:7a:b2:f5:16:4b:ee:6a:65:b1:f4:03:77:0e:
22:8c:ad:3c:94:d7:b2:58:1b:b1:4c:57:d4:bf:6f:
2f:e1:d1:0e:85:c0:58:ba:7d:69:ca:81:51:b6:b5:
8c:ce:3c:81:95:16:12:da:d4:65:c6:75:60:ec:3c:
4c:98:3d:d9:2a:82:ed:ce:2c:b4:dc:0a:d0:57:d5:
53:77:09:8d:2c:0a:19:c8:94:be:f2:9d:10:10:d0:
0e:a7:3b:e8:cf:dd:d8:c6:00:8c:12:5f:06:b7:fc:
49:49:17:a3:bc:d5:05:75:1c:d0:f3:a0:22:de:e2:
dd:61:65:93:25:91:59:25:8d:e2:47:3a:4a:a2:67:
40:66:c3:06:ee:41:20:8b:31:bb:88:16:23:87:92:
35:51:f0:41:62:24:10:dc:70:ec:00:70:2f:b9:a3:
07:9c:a0:0e:47:c5:5f:a5:26:3e:81:fe:c9:49:70:
b0:25:17:b2:57:73:d6:73:3b:d0:b6:f2:25:22:0c:
0c:00:30:b4:0e:4a:a3:2f:0d:b6:a9:79:33:a5:dc:
c5:bc:fe:8b:85:26:5b:ee:44:68:85:f9:50:74:e3:
8c:93:6d:85:5f:be:bb:86:95:7e:c3:38:7a:6f:ff:
a0:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8F:81:27:E4:DD:8D:42:BD:9A:A1:41:47:FD:C4:A0:DF:3F:04:D4
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/47ab50a1-fe55-45fe-99e6-cd7b2f672a8e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7::/32
Signature Algorithm: sha256WithRSAEncryption
aa:7f:af:4a:7f:8f:e7:7e:8e:6d:63:24:82:2a:07:c0:bc:b8:
25:14:1b:59:39:2d:c9:05:ea:39:02:33:47:6d:a7:04:c1:ee:
86:0e:47:f5:29:2e:95:9e:2b:05:98:f5:11:d8:fd:b5:d8:e6:
7b:56:0c:78:a7:86:d9:53:7d:65:7e:7d:a9:a4:17:cc:41:07:
e7:27:5f:f4:83:99:10:f7:cb:88:62:7f:b9:26:ca:9b:0c:de:
90:d9:96:d4:75:a5:f4:90:27:16:a2:12:0b:e2:9b:7c:b5:61:
30:e0:a8:60:f1:8d:61:9a:cd:4f:5f:3c:53:34:49:90:e8:b5:
68:2c:55:93:7f:5e:2c:af:72:c3:bf:04:0b:35:1b:9d:df:38:
47:03:ab:c6:95:f6:3c:76:75:0d:41:91:9e:28:fc:eb:ab:a9:
54:50:e3:f3:27:f5:58:d1:1a:12:d8:06:a9:13:63:98:fc:46:
dd:1f:b3:b9:9d:0b:64:8b:36:2f:1d:cf:de:b3:f3:e8:83:d9:
95:a5:15:1d:f3:d1:7e:e6:ec:f8:6e:10:22:5c:79:0a:5a:b6:
ca:4e:90:c7:f5:6d:17:f8:30:cc:1b:e4:ae:fd:75:fe:82:72:
b4:08:09:67:a0:4d:94:24:d6:42:7f:3d:12:3c:3a:31:22:e4:
c1:c0:0b:aa
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUSc79Az6FdKlbzP1XCoYTR0/ocigwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANDk2NjlmNjg3MTA5NDk0YTM4NWMx
MTI5NmY4YTkxZTBkYWJmMzcwZWNiMWU4NTNlMDRjYTU5MTdkNWI4MTZhOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7HPmQEYzKU2HHYxnNorOKHqy9RZL
7mplsfQDdw4ijK08lNeyWBuxTFfUv28v4dEOhcBYun1pyoFRtrWMzjyBlRYS2tRl
xnVg7DxMmD3ZKoLtziy03ArQV9VTdwmNLAoZyJS+8p0QENAOpzvoz93YxgCMEl8G
t/xJSRejvNUFdRzQ86Ai3uLdYWWTJZFZJY3iRzpKomdAZsMG7kEgizG7iBYjh5I1
UfBBYiQQ3HDsAHAvuaMHnKAOR8VfpSY+gf7JSXCwJReyV3PWczvQtvIlIgwMADC0
DkqjLw22qXkzpdzFvP6LhSZb7kRohflQdOOMk22FX767hpV+wzh6b/+gnQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFCSPgSfk3Y1CvZqhQUf9xKDfPwTUMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQ3YWI1MGExLWZlNTUtNDVmZS05OWU2LWNkN2IyZjY3MmE4ZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUAJAba9zANBgkqhkiG9w0BAQsFAAOCAQEAqn+vSn+P536ObWMkgioH
wLy4JRQbWTktyQXqOQIzR22nBMHuhg5H9SkulZ4rBZj1Edj9tdjme1YMeKeG2VN9
ZX59qaQXzEEH5ydf9IOZEPfLiGJ/uSbKmwzekNmW1HWl9JAnFqISC+KbfLVhMOCo
YPGNYZrNT188UzRJkOi1aCxVk39eLK9yw78ECzUbnd84RwOrxpX2PHZ1DUGRnij8
66upVFDj8yf1WNEaEtgGqRNjmPxG3R+zuZ0LZIs2Lx3P3rPz6IPZlaUVHfPRfubs
+G4QIlx5Clq2yk6Qx/VtF/gwzBvkrv11/oJytAgJZ6BNlCTWQn89Ejw6MSLkwcAL
qg==
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:12:14 2025 by rpki-client