Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd95545-b5ca-4bb0-a1c9-c8c48c1faf3b.roa
File: 4fd95545-b5ca-4bb0-a1c9-c8c48c1faf3b.roa (raw, json)
Hash identifier: piptxPOMCI9hQVddJfaluCAoZoNtO5i/rd0J3cu3Y+8=
Subject key identifier: F1:1F:FD:21:63:D8:C0:17:89:B7:D8:13:D5:69:F0:45:3B:94:49:55
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5AE44F2A2924DBE84E1A128710DA93624A493982
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd95545-b5ca-4bb0-a1c9-c8c48c1faf3b.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:1000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 18:50:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5a:e4:4f:2a:29:24:db:e8:4e:1a:12:87:10:da:93:62:4a:49:39:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:2a:56:28:96:f2:29:b4:bc:93:ca:9c:76:cf:
c9:66:06:2d:93:74:f8:e0:9d:41:e1:16:2f:1c:a6:
0b:a6:7b:66:09:43:6e:f2:a0:66:4a:60:51:37:8c:
bf:f3:df:4d:0f:aa:f4:36:fe:69:4a:12:63:83:7b:
f0:77:e5:50:26:f5:c0:c9:3b:16:af:07:58:bf:8a:
3b:da:0b:e5:44:fd:7f:17:33:92:cb:67:61:fb:56:
df:5c:9e:6d:4c:21:25:47:2b:f0:72:30:f3:70:90:
b6:5e:cf:a5:7f:08:62:16:11:54:5c:49:1b:c1:f9:
35:0a:24:b2:62:0f:7c:55:89:c5:32:79:78:7a:7c:
ef:8f:35:78:0e:8c:f0:a4:2e:64:e1:55:8d:11:30:
f0:c4:cc:58:59:c6:cd:1b:4d:11:d3:40:ef:a2:93:
cf:ff:69:ec:c5:8d:79:f4:38:68:74:06:89:ae:5a:
b9:60:70:c7:b8:f4:28:33:5f:b7:85:20:78:a4:e0:
70:95:78:8a:ce:98:d7:e4:5a:f0:76:49:3b:e8:f9:
e6:24:bd:35:61:94:81:f0:8c:56:97:4f:0d:58:9f:
8e:3d:df:89:73:44:aa:d7:82:3f:dd:57:93:0e:ff:
60:9c:c5:4b:b2:3d:3c:86:87:f2:2d:06:8d:77:c0:
11:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F1:1F:FD:21:63:D8:C0:17:89:B7:D8:13:D5:69:F0:45:3B:94:49:55
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/4fd95545-b5ca-4bb0-a1c9-c8c48c1faf3b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:1000::/40
Signature Algorithm: sha256WithRSAEncryption
13:f8:1f:4f:38:93:aa:90:a2:f2:ff:16:67:7f:79:9a:65:43:
a3:36:bf:aa:9a:dd:5c:66:eb:09:29:aa:01:3e:54:69:fa:83:
00:3e:1b:c6:1f:dc:e2:5a:ab:8f:19:ad:cd:d2:b1:e8:60:68:
12:17:75:8d:49:a2:2b:bc:65:f5:cc:34:a1:81:ce:75:3e:85:
bb:7a:30:f3:5d:9b:3c:43:36:e8:73:b1:0d:ba:bb:e8:3d:0b:
90:90:cd:6f:c0:72:d3:24:40:64:fc:07:8e:fe:0e:d6:a8:2f:
be:20:06:b8:e8:51:e1:57:1a:4d:64:bb:85:7e:eb:9e:6a:57:
c7:6c:e1:fa:fa:9a:0d:67:b3:dc:6b:ef:be:09:da:c7:0b:2c:
db:b3:bc:82:be:aa:67:0d:5f:6d:54:fd:cd:68:b9:64:9b:4a:
ec:eb:9b:7d:0a:e6:1f:3a:2c:3c:9a:d7:67:93:9e:4f:db:43:
3b:55:bd:87:8b:7e:6d:f7:0b:f0:2a:8b:b3:99:c7:72:90:64:
99:0c:24:7a:ab:b3:35:e8:ec:db:4f:f5:48:fc:e8:40:b7:a6:
f9:23:1b:84:cf:8f:c0:e1:b6:68:5c:28:98:f6:b9:24:f0:da:
db:02:d1:10:71:3f:6c:e6:5a:34:32:fc:ee:f5:c9:46:62:72:
18:87:b8:8a
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUWuRPKikk2+hOGhKHENqTYkpJOYIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANTM1MzIzYTgxMjgwZDczMzdjMWMx
Y2YwYTgxMGY4ZDM5YmI2Mjg5MjNhY2ZjN2E4ZmM4OWI4ZDA3Mjc2ODBhZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1ipWKJbyKbS8k8qcds/JZgYtk3T4
4J1B4RYvHKYLpntmCUNu8qBmSmBRN4y/899ND6r0Nv5pShJjg3vwd+VQJvXAyTsW
rwdYv4o72gvlRP1/FzOSy2dh+1bfXJ5tTCElRyvwcjDzcJC2Xs+lfwhiFhFUXEkb
wfk1CiSyYg98VYnFMnl4enzvjzV4DozwpC5k4VWNETDwxMxYWcbNG00R00DvopPP
/2nsxY159DhodAaJrlq5YHDHuPQoM1+3hSB4pOBwlXiKzpjX5Frwdkk76PnmJL01
YZSB8IxWl08NWJ+OPd+Jc0Sq14I/3VeTDv9gnMVLsj08hofyLQaNd8AR4QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPEf/SFj2MAXibfYE9Vp8EU7lElVMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzRmZDk1NTQ1LWI1Y2EtNGJiMC1hMWM5LWM4YzQ4YzFmYWYzYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaRAwDQYJKoZIhvcNAQELBQADggEBABP4H084k6qQovL/Fmd/
eZplQ6M2v6qa3Vxm6wkpqgE+VGn6gwA+G8Yf3OJaq48Zrc3SsehgaBIXdY1Joiu8
ZfXMNKGBznU+hbt6MPNdmzxDNuhzsQ26u+g9C5CQzW/ActMkQGT8B47+DtaoL74g
BrjoUeFXGk1ku4V+655qV8ds4fr6mg1ns9xr774J2scLLNuzvIK+qmcNX21U/c1o
uWSbSuzrm30K5h86LDya12eTnk/bQztVvYeLfm33C/Aqi7OZx3KQZJkMJHqrszXo
7NtP9Uj86EC3pvkjG4TPj8DhtmhcKJj2uSTw2tsC0RBxP2zmWjQy/O71yUZichiH
uIo=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:04:17 2025 by rpki-client