Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/550b1aee-a231-4dc7-be8b-ddacfddffd19.roa
File: 550b1aee-a231-4dc7-be8b-ddacfddffd19.roa (raw, json)
Hash identifier: dVWbtxb8kN8vRmKANIWNoI3xH1rpcYR7iSfumbK7D88=
Subject key identifier: A9:56:CA:00:9C:67:87:23:32:FE:BD:8A:DC:5F:E1:88:46:9E:58:11
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 060F88B6A68B02EDCEBC68FFE5BDC40291F19D55
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/550b1aee-a231-4dc7-be8b-ddacfddffd19.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:9000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 16:30:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
06:0f:88:b6:a6:8b:02:ed:ce:bc:68:ff:e5:bd:c4:02:91:f1:9d:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:76:7d:8c:c9:b2:9b:2a:3b:62:60:6e:c8:1f:
05:4d:65:1b:94:f8:f0:8b:0f:5f:ed:b8:94:bd:a9:
6e:5a:68:15:1e:80:8f:4d:1e:8f:65:ac:36:18:0d:
50:c1:8f:fc:f7:ae:4a:57:b5:75:95:5d:5f:f4:82:
24:7b:33:a5:d0:16:a0:82:24:1c:84:38:a9:dc:f4:
4a:24:c9:3d:20:6c:4e:bc:91:00:01:fc:fa:18:3f:
91:96:fb:fc:3a:ca:fb:ad:43:0d:c0:90:26:9c:60:
4e:f8:5d:08:0f:25:f1:ba:38:7b:b9:27:fd:de:9b:
a7:dc:36:d1:64:54:99:51:f0:3c:de:b4:e4:10:83:
87:60:22:bc:4e:01:e2:3b:8e:74:2e:6a:63:6f:d2:
b2:70:0e:58:86:28:ca:be:23:68:0a:74:eb:2f:1a:
d4:4b:6c:89:4b:45:59:a7:b1:7e:c7:ca:a3:f2:5f:
5f:a1:0f:eb:74:23:1b:ac:ed:0a:ca:88:73:e6:7e:
10:66:fe:73:d3:39:ff:c9:7b:39:b2:39:16:59:e4:
fd:21:47:0b:ec:3f:89:ba:a4:67:34:ab:db:e2:02:
3e:43:fd:66:d2:9a:d2:76:62:78:a8:91:40:6b:f6:
14:e7:3d:8c:9a:2b:53:74:f0:5b:0d:a8:86:8f:78:
6d:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A9:56:CA:00:9C:67:87:23:32:FE:BD:8A:DC:5F:E1:88:46:9E:58:11
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/550b1aee-a231-4dc7-be8b-ddacfddffd19.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:9000::/40
Signature Algorithm: sha256WithRSAEncryption
59:8e:79:f2:62:f5:c0:5e:43:ec:a4:93:1d:ce:54:24:f3:0e:
b6:d8:82:93:c0:c7:ca:5d:c9:7c:ec:0a:bd:69:36:0e:7c:99:
20:9f:89:34:65:b5:84:e0:b4:a0:7d:20:20:c5:ef:b1:86:86:
a0:cb:99:a3:a9:4c:1c:20:99:87:56:3c:3e:98:6e:1b:b4:15:
8b:ce:31:70:d9:44:03:69:68:4c:11:4e:41:cf:32:37:92:47:
ef:1a:a5:c9:0e:86:4a:69:b3:51:f4:18:ed:91:5c:1d:f6:f1:
40:e9:dd:07:fc:e4:73:a9:f8:ed:75:b5:e6:29:a1:bd:cb:ec:
6e:42:ba:ed:b6:b4:fe:ce:a9:ea:70:90:9a:e7:68:8f:a6:92:
17:1b:be:23:ae:47:c8:8a:54:cf:f5:9a:ff:aa:21:aa:e3:c8:
73:d5:ba:46:30:df:2c:19:0c:8f:97:ac:32:ee:4e:e8:c5:5b:
4d:05:d4:98:4f:52:f0:4f:ed:81:74:65:20:c7:ef:8a:f5:cf:
12:93:bc:5a:9f:4c:e7:fd:d3:60:36:b3:f7:fa:92:3e:58:15:
74:d9:bd:bc:b8:aa:55:19:10:ed:4f:4d:f5:79:9e:e9:4d:c7:
95:47:0a:a2:76:cc:be:57:46:19:b8:70:96:c6:2b:e9:61:3d:
b5:b9:e1:f7
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUBg+ItqaLAu3OvGj/5b3EApHxnVUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMGUzZTgxNmM2ZjNkMDZhZjVjYTcz
OTdlNDRmODE2MDcyNWJkYjBkZTYwYjYxNDhhZDJiM2MzNDZhY2YyYmI5YjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj3Z9jMmymyo7YmBuyB8FTWUblPjw
iw9f7biUvaluWmgVHoCPTR6PZaw2GA1QwY/8965KV7V1lV1f9IIkezOl0BaggiQc
hDip3PRKJMk9IGxOvJEAAfz6GD+Rlvv8Osr7rUMNwJAmnGBO+F0IDyXxujh7uSf9
3pun3DbRZFSZUfA83rTkEIOHYCK8TgHiO450Lmpjb9KycA5YhijKviNoCnTrLxrU
S2yJS0VZp7F+x8qj8l9foQ/rdCMbrO0Kyohz5n4QZv5z0zn/yXs5sjkWWeT9IUcL
7D+JuqRnNKvb4gI+Q/1m0prSdmJ4qJFAa/YU5z2MmitTdPBbDaiGj3htgwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKlWygCcZ4cjMv69itxf4YhGnlgRMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzU1MGIxYWVlLWEyMzEtNGRjNy1iZThiLWRkYWNmZGRmZmQxOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaAJAwDQYJKoZIhvcNAQELBQADggEBAFmOefJi9cBeQ+ykkx3O
VCTzDrbYgpPAx8pdyXzsCr1pNg58mSCfiTRltYTgtKB9ICDF77GGhqDLmaOpTBwg
mYdWPD6Ybhu0FYvOMXDZRANpaEwRTkHPMjeSR+8apckOhkpps1H0GO2RXB328UDp
3Qf85HOp+O11teYpob3L7G5Cuu22tP7OqepwkJrnaI+mkhcbviOuR8iKVM/1mv+q
IarjyHPVukYw3ywZDI+XrDLuTujFW00F1JhPUvBP7YF0ZSDH74r1zxKTvFqfTOf9
02A2s/f6kj5YFXTZvby4qlUZEO1PTfV5nulNx5VHCqJ2zL5XRhm4cJbGK+lhPbW5
4fc=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:03:59 2025 by rpki-client