Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49e84179-b363-4bd7-a8a7-5203c6a98687.roa
File: 49e84179-b363-4bd7-a8a7-5203c6a98687.roa (raw, json)
Hash identifier: zuMMFje5eIcc4jxhpYG1sbMHFPB6R8PWrqrg8ejid9Y=
Subject key identifier: B5:AD:F5:A9:EE:EF:A8:60:52:DF:8B:3F:0B:29:1C:A4:6D:7D:7A:8E
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 303748BAEAB462CD9FCF24AC043B77E8D9E4F730
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49e84179-b363-4bd7-a8a7-5203c6a98687.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:e000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:21:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:37:48:ba:ea:b4:62:cd:9f:cf:24:ac:04:3b:77:e8:d9:e4:f7:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:01:98:07:07:08:2b:99:4b:f0:51:d2:de:1a:
75:4f:d1:67:46:df:d4:6d:b5:b3:71:36:d9:b7:5e:
38:9f:48:45:03:5a:ed:2a:d5:c0:df:cd:e9:4f:d6:
3b:ba:e4:9a:c0:08:37:86:a4:8c:be:65:a5:4f:4d:
71:0b:c1:f1:c1:dd:d0:ff:44:ae:b0:55:f8:3a:b9:
9d:84:e3:fb:66:fd:7d:a7:25:15:c1:19:92:d0:e7:
d3:3f:5f:59:8a:3b:4a:b8:a8:32:96:b3:54:30:49:
4e:e9:f5:0b:c4:d4:58:35:6e:72:1d:c4:f0:06:f9:
b5:89:8d:92:3c:67:52:02:96:99:62:85:d6:06:90:
db:6a:e1:99:c4:f2:6a:0a:96:ad:3e:31:f7:b0:8a:
51:cd:c8:13:a9:76:d8:64:0c:ce:1e:92:82:61:0d:
f4:22:31:c0:d9:c9:9c:f8:01:22:58:14:fd:22:b9:
86:b0:ac:89:c4:34:06:69:d0:f0:d6:28:8f:0d:b7:
45:8c:0b:1d:2b:63:cf:c6:2c:3c:19:16:38:1d:15:
8b:b2:90:46:7b:1b:53:fc:9c:7a:38:68:ff:6e:68:
8f:f2:aa:72:45:d1:c9:48:3d:2e:79:04:66:7e:16:
76:39:8c:5c:64:84:c5:b7:77:f8:41:e1:ea:21:61:
55:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:AD:F5:A9:EE:EF:A8:60:52:DF:8B:3F:0B:29:1C:A4:6D:7D:7A:8E
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/49e84179-b363-4bd7-a8a7-5203c6a98687.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:e000::/40
Signature Algorithm: sha256WithRSAEncryption
29:52:dd:88:b3:08:19:3e:91:d9:59:97:13:b0:86:28:74:ae:
5f:c2:b1:77:84:8f:f8:8f:84:33:35:99:2d:01:b8:49:31:3a:
7e:05:43:a8:e7:03:a6:9a:b3:33:65:fa:52:85:06:a7:21:3c:
6e:1a:4b:98:66:0c:de:b9:59:e3:8a:8e:e8:6c:ff:9f:cd:4e:
10:ed:4b:3d:8f:d9:a0:e1:2a:98:77:19:50:5d:4e:38:30:32:
aa:d8:2a:12:5b:93:df:ef:e9:6a:d2:81:fb:0d:b5:48:ad:54:
fb:94:d1:70:24:03:8a:49:61:9e:24:85:f4:81:73:7c:4d:15:
65:ba:b2:af:8c:54:44:11:6f:3c:c7:f4:c7:cd:1b:5e:88:8b:
94:a8:e3:e8:3c:51:db:78:b6:f4:c0:b8:df:08:3c:a4:c0:ed:
a6:58:f2:52:a6:42:39:3b:30:47:6e:db:04:9f:fe:71:0c:f5:
1b:e4:65:bb:af:ea:34:54:52:59:32:80:97:9d:04:db:2c:e0:
86:44:b8:9f:fc:e1:2f:1a:d7:bf:e5:95:57:12:61:5a:94:d2:
ea:7b:6a:49:76:83:2f:ee:0a:3e:8c:ea:34:2b:82:6c:02:ce:
bf:93:76:5f:0c:b0:53:bf:aa:56:51:c4:78:06:dd:a4:1b:7a:
c5:c2:82:27
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUMDdIuuq0Ys2fzySsBDt36Nnk9zAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMDRmODQzYzMyYmQ3ZDNkYzNmODg0
ZjkwZDIwZmUyOGYzODllYzIxOGUzZjM4OGFhMjE1YzI4YWY1NGVlMDhmYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmgGYBwcIK5lL8FHS3hp1T9FnRt/U
bbWzcTbZt144n0hFA1rtKtXA383pT9Y7uuSawAg3hqSMvmWlT01xC8Hxwd3Q/0Su
sFX4OrmdhOP7Zv19pyUVwRmS0OfTP19ZijtKuKgylrNUMElO6fULxNRYNW5yHcTw
Bvm1iY2SPGdSApaZYoXWBpDbauGZxPJqCpatPjH3sIpRzcgTqXbYZAzOHpKCYQ30
IjHA2cmc+AEiWBT9IrmGsKyJxDQGadDw1iiPDbdFjAsdK2PPxiw8GRY4HRWLspBG
extT/Jx6OGj/bmiP8qpyRdHJSD0ueQRmfhZ2OYxcZITFt3f4QeHqIWFVYwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLWt9anu76hgUt+LPwspHKRtfXqOMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzQ5ZTg0MTc5LWIzNjMtNGJkNy1hOGE3LTUyMDNjNmE5ODY4Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaAOAwDQYJKoZIhvcNAQELBQADggEBAClS3YizCBk+kdlZlxOw
hih0rl/CsXeEj/iPhDM1mS0BuEkxOn4FQ6jnA6aaszNl+lKFBqchPG4aS5hmDN65
WeOKjuhs/5/NThDtSz2P2aDhKph3GVBdTjgwMqrYKhJbk9/v6WrSgfsNtUitVPuU
0XAkA4pJYZ4khfSBc3xNFWW6sq+MVEQRbzzH9MfNG16Ii5So4+g8Udt4tvTAuN8I
PKTA7aZY8lKmQjk7MEdu2wSf/nEM9RvkZbuv6jRUUlkygJedBNss4IZEuJ/84S8a
17/llVcSYVqU0up7akl2gy/uCj6M6jQrgmwCzr+Tdl8MsFO/qlZRxHgG3aQbesXC
gic=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:12:04 2025 by rpki-client