Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/51a41624-b980-452b-a6a9-1f823c83f82a.roa
File: 51a41624-b980-452b-a6a9-1f823c83f82a.roa (raw, json)
Hash identifier: BzmTr9eqnO1IHEdbbogNfsTVQFiANnKfI9oV9Ut2sQ0=
Subject key identifier: E5:A0:90:34:5B:8D:E7:17:78:A1:FD:93:F6:84:68:9D:3D:18:AD:16
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1919B66D0B97E9F56C1CAA80EC1C3672B208FBA0
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/51a41624-b980-452b-a6a9-1f823c83f82a.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:4800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:10:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:19:b6:6d:0b:97:e9:f5:6c:1c:aa:80:ec:1c:36:72:b2:08:fb:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f5:58:c5:02:d6:e9:5c:8e:d4:2c:6b:e9:bc:
6f:3f:92:2e:f9:bd:c9:b0:30:26:02:3e:f2:8b:89:
63:00:f7:d6:2f:6b:d3:48:05:8a:08:01:fc:96:c2:
95:0f:b6:71:8d:79:5a:60:1a:bf:e0:f4:d0:98:cc:
d8:d8:cb:44:c9:23:5d:58:f6:a7:b5:ec:30:27:96:
e4:15:43:85:f1:79:5d:5b:00:da:2e:0a:60:2a:3a:
fa:f6:b7:cb:9b:bd:3e:b4:72:ab:cc:97:68:f2:61:
72:bf:64:c7:a0:12:5b:f7:2f:1d:05:4b:7f:ed:b5:
f8:fe:09:af:a4:90:f2:a8:79:9b:c2:78:3f:b2:3a:
98:91:3e:9a:2e:bf:36:6c:82:5b:ca:61:9d:d1:3f:
79:0c:ec:ef:15:7b:87:49:93:28:6e:1f:6b:23:c8:
1e:6a:de:85:e8:1c:47:26:17:6e:41:a9:c1:1b:31:
5f:67:f9:85:fb:9d:c8:e4:56:06:1b:d3:c7:8f:21:
7b:d6:6e:9f:41:ed:e2:72:c2:32:5e:19:3e:70:d2:
bd:07:84:91:20:e5:2d:b3:32:4f:95:2b:fa:84:7a:
5b:4a:f8:b4:f4:4c:a8:eb:27:da:b6:34:0f:2f:29:
95:b1:55:86:db:5c:12:ea:0c:44:d3:9d:67:f1:62:
14:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A0:90:34:5B:8D:E7:17:78:A1:FD:93:F6:84:68:9D:3D:18:AD:16
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/51a41624-b980-452b-a6a9-1f823c83f82a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:4800::/40
Signature Algorithm: sha256WithRSAEncryption
4d:cc:70:6b:93:db:d8:c9:1e:19:a4:dc:f0:64:cf:6d:f0:ed:
37:2f:07:5d:8b:ed:da:e9:ea:6b:7a:5c:54:31:ba:42:43:c0:
ae:8c:c6:7a:c7:df:60:3a:a5:57:e4:ac:ca:d1:c2:12:aa:07:
71:a2:c3:fc:df:41:40:f6:ec:0f:c4:35:f6:de:07:7d:23:8d:
dd:5e:68:69:d9:99:e8:bc:70:b8:83:19:03:bc:22:69:4d:93:
8d:48:55:74:cb:9f:3f:0a:45:17:8f:b5:5d:15:d3:e3:3f:88:
84:0a:f8:38:62:6e:e9:c7:b1:c1:dd:45:3d:0b:96:2e:43:6a:
b2:c2:f8:08:6e:d2:aa:bf:f6:6f:8f:8f:70:35:da:44:d8:ee:
06:64:bb:4c:93:cf:f2:36:40:1e:fa:d3:85:96:92:61:ed:cb:
27:ae:07:6a:84:f7:d1:e9:b3:dc:c0:db:3e:81:13:24:40:3e:
d4:8d:88:e2:4f:91:ad:c4:e9:28:cf:82:f3:c4:0b:9f:4b:73:
01:af:8e:34:c6:58:cd:b8:a8:37:6e:14:d8:c9:8b:6c:ef:b3:
db:77:47:38:ec:66:f6:c8:be:d0:c2:d8:3c:a7:13:45:65:d6:
c9:34:e8:10:99:79:90:72:2f:13:b5:af:87:38:8b:48:d3:0b:
b2:2d:5a:1e
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUGRm2bQuX6fVsHKqA7Bw2crII+6AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMTJjOTgxYTI0NTkyMDcyYjZmYWFl
M2IyMzk0ZGU1MTdjOTU2MmFkMjY3OTU4ODZhOGRiNTQ3YjliMTE1ZTMwNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fVYxQLW6VyO1Cxr6bxvP5Iu+b3J
sDAmAj7yi4ljAPfWL2vTSAWKCAH8lsKVD7ZxjXlaYBq/4PTQmMzY2MtEySNdWPan
tewwJ5bkFUOF8XldWwDaLgpgKjr69rfLm70+tHKrzJdo8mFyv2THoBJb9y8dBUt/
7bX4/gmvpJDyqHmbwng/sjqYkT6aLr82bIJbymGd0T95DOzvFXuHSZMobh9rI8ge
at6F6BxHJhduQanBGzFfZ/mF+53I5FYGG9PHjyF71m6fQe3icsIyXhk+cNK9B4SR
IOUtszJPlSv6hHpbSvi09Eyo6yfatjQPLymVsVWG21wS6gxE051n8WIUtQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOWgkDRbjecXeKH9k/aEaJ09GK0WMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzUxYTQxNjI0LWI5ODAtNDUyYi1hNmE5LTFmODIzYzgzZjgyYS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9EgwDQYJKoZIhvcNAQELBQADggEBAE3McGuT29jJHhmk3PBk
z23w7TcvB12L7drp6mt6XFQxukJDwK6MxnrH32A6pVfkrMrRwhKqB3Giw/zfQUD2
7A/ENfbeB30jjd1eaGnZmei8cLiDGQO8ImlNk41IVXTLnz8KRRePtV0V0+M/iIQK
+DhibunHscHdRT0Lli5DarLC+Ahu0qq/9m+Pj3A12kTY7gZku0yTz/I2QB7604WW
kmHtyyeuB2qE99Hps9zA2z6BEyRAPtSNiOJPka3E6SjPgvPEC59LcwGvjjTGWM24
qDduFNjJi2zvs9t3RzjsZvbIvtDC2DynE0Vl1sk06BCZeZByLxO1r4c4i0jTC7It
Wh4=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:52:23 2025 by rpki-client