Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57e5a746-78cb-4122-b964-f449ba6f6e5f.roa
File: 57e5a746-78cb-4122-b964-f449ba6f6e5f.roa (raw, json)
Hash identifier: omsnRxBkU4YQyoH86SjYuE8iDCHXuDjNT7p5MXn86rM=
Subject key identifier: 5B:5E:39:C0:13:B0:E7:B9:FC:36:21:5E:A7:AF:C1:D8:3C:9A:38:26
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6583BD2B198E22379BE94BE26CAF2E6A2158AEA0
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57e5a746-78cb-4122-b964-f449ba6f6e5f.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da38:a000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:10:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
65:83:bd:2b:19:8e:22:37:9b:e9:4b:e2:6c:af:2e:6a:21:58:ae:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:22:b3:48:73:b3:98:e9:2d:25:e7:1e:28:b3:
e3:1f:dc:49:06:d8:93:db:37:ba:53:50:87:d1:d0:
01:6d:6c:b7:ad:c2:21:d1:17:80:4a:5f:37:2c:81:
6e:68:13:33:9e:94:46:89:41:2f:c7:21:21:1b:d2:
ce:be:e1:63:05:5f:dd:75:df:89:85:b2:af:3e:79:
e9:24:92:bb:35:7f:22:43:a1:59:25:cc:cb:ce:40:
a4:17:ee:52:43:64:a2:71:43:67:2a:1b:ba:22:01:
22:92:67:f0:3b:c3:83:a8:97:9d:64:45:3f:43:30:
04:b6:75:91:f7:ed:6a:7e:8b:72:20:54:a8:82:c7:
af:ac:60:b9:a0:1e:cd:39:58:2b:0e:d9:cb:f0:80:
9b:02:e6:03:43:20:d8:d0:37:3e:ec:eb:79:9a:31:
db:32:3a:fb:37:58:87:a1:97:58:52:4e:4e:00:c2:
27:6c:58:02:3f:e2:e9:5f:5c:13:72:e6:15:94:f9:
fe:67:da:35:ee:63:a1:5d:2d:d8:93:81:a3:9a:e9:
8f:43:9a:87:1c:c1:83:94:b1:ca:47:22:0b:c3:ee:
50:73:49:2d:9e:e0:fb:70:80:79:42:de:53:26:d9:
3d:91:f7:96:a5:98:ef:79:57:da:e5:24:0a:06:d6:
97:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:5E:39:C0:13:B0:E7:B9:FC:36:21:5E:A7:AF:C1:D8:3C:9A:38:26
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/57e5a746-78cb-4122-b964-f449ba6f6e5f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da38:a000::/40
Signature Algorithm: sha256WithRSAEncryption
4a:c0:d9:1c:09:b7:ad:6e:ed:13:11:98:35:33:f9:c2:95:ff:
f3:6f:e3:67:a6:3c:d8:15:68:00:3f:28:2b:70:64:9f:64:50:
36:85:b0:72:49:1c:c8:b2:c9:87:7d:11:ae:a1:08:f8:ec:08:
39:c4:95:1d:e4:d6:22:7e:02:a6:b6:ae:ff:81:a2:f6:68:34:
96:b3:7b:c4:c8:54:4f:67:d2:a9:0b:66:ae:5e:90:9c:f9:fc:
c2:9f:db:de:e9:7a:8a:06:d2:ba:f3:78:ad:35:e1:90:58:68:
40:cd:05:7c:82:7c:46:74:84:f0:70:b6:8d:17:62:e0:58:16:
b9:52:9a:7b:6e:e0:7b:22:ce:27:42:47:19:e2:ca:5c:3c:fa:
57:31:94:36:a9:ad:70:0f:6f:13:e0:f2:0e:d5:64:f6:d5:23:
aa:76:8f:c4:0c:60:1a:74:6b:7a:58:01:28:70:b6:38:ec:32:
2c:09:f3:ac:9b:30:4f:57:8c:bc:7b:dd:59:95:50:08:a2:9e:
1b:58:c2:58:99:bc:fd:db:5c:e9:78:a1:b4:04:8b:53:29:97:
fc:cd:50:7f:a9:f4:03:6b:05:cf:39:60:04:73:c4:1d:49:1c:
dd:8b:4a:9f:04:bb:3b:4c:ba:80:f8:aa:6c:a9:f6:ab:ed:24:
90:e5:33:22
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUZYO9KxmOIjeb6UvibK8uaiFYrqAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZDBmYWFlZWVmNjM0ODIzMmMyMzY1
ODY1MDYwMmY4YmY4OTA3ZmIxNzVlYWEwYjQ2OTRkOGM4NTI4M2ViMWQyNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2SKzSHOzmOktJeceKLPjH9xJBtiT
2ze6U1CH0dABbWy3rcIh0ReASl83LIFuaBMznpRGiUEvxyEhG9LOvuFjBV/ddd+J
hbKvPnnpJJK7NX8iQ6FZJczLzkCkF+5SQ2SicUNnKhu6IgEikmfwO8ODqJedZEU/
QzAEtnWR9+1qfotyIFSogsevrGC5oB7NOVgrDtnL8ICbAuYDQyDY0Dc+7Ot5mjHb
Mjr7N1iHoZdYUk5OAMInbFgCP+LpX1wTcuYVlPn+Z9o17mOhXS3Yk4GjmumPQ5qH
HMGDlLHKRyILw+5Qc0ktnuD7cIB5Qt5TJtk9kfeWpZjveVfa5SQKBtaXKQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFteOcATsOe5/DYhXqevwdg8mjgmMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzU3ZTVhNzQ2LTc4Y2ItNDEyMi1iOTY0LWY0NDliYTZmNmU1Zi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaOKAwDQYJKoZIhvcNAQELBQADggEBAErA2RwJt61u7RMRmDUz
+cKV//Nv42emPNgVaAA/KCtwZJ9kUDaFsHJJHMiyyYd9Ea6hCPjsCDnElR3k1iJ+
Aqa2rv+BovZoNJaze8TIVE9n0qkLZq5ekJz5/MKf297peooG0rrzeK014ZBYaEDN
BXyCfEZ0hPBwto0XYuBYFrlSmntu4HsizidCRxniylw8+lcxlDaprXAPbxPg8g7V
ZPbVI6p2j8QMYBp0a3pYAShwtjjsMiwJ86ybME9XjLx73VmVUAiinhtYwliZvP3b
XOl4obQEi1Mpl/zNUH+p9ANrBc85YARzxB1JHN2LSp8EuztMuoD4qmyp9qvtJJDl
MyI=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:54:03 2025 by rpki-client