Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/640f656b-d9be-4a61-baa0-b98d20cb0649.roa
File: 640f656b-d9be-4a61-baa0-b98d20cb0649.roa (raw, json)
Hash identifier: smfXjtnaPPd4v2yymkYeMjbuEhssh6yJVNVidepRfHo=
Subject key identifier: 9F:5E:92:47:63:53:7F:AD:88:FB:D6:D3:A3:11:34:E8:5C:80:9E:1C
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1B6DBBD901F10D4A39FC671EA51DD6DFC97AF778
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/640f656b-d9be-4a61-baa0-b98d20cb0649.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da38:4000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1b:6d:bb:d9:01:f1:0d:4a:39:fc:67:1e:a5:1d:d6:df:c9:7a:f7:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:2f:fa:68:83:e0:c0:a9:18:00:d4:6b:e1:3b:
6c:12:ca:e1:c9:52:d4:09:b7:0d:e5:02:a5:fb:84:
2d:d1:40:e1:e4:df:7d:85:f4:19:39:a3:56:6a:d8:
a1:4d:c5:52:0f:4b:70:13:27:8e:cf:ca:5f:6e:ec:
9a:1f:58:0d:47:4d:f0:63:8c:08:ce:fd:3b:ea:6d:
43:32:1d:e0:c5:21:1d:e7:32:10:93:ea:78:47:a7:
e8:cd:1b:29:fa:5f:a8:8e:60:59:50:aa:b5:52:19:
03:49:c1:83:55:a2:cd:67:1e:9e:86:7f:9a:3e:5b:
52:a1:de:d6:fc:df:23:22:45:9c:f1:e8:30:68:2f:
b0:67:00:aa:f6:f8:c7:3c:ee:3c:f8:85:e6:57:14:
d9:b7:af:0f:cb:02:8b:43:88:cb:16:89:e4:d8:95:
23:d9:b7:38:19:39:10:d0:60:74:ab:27:3d:ae:17:
80:07:67:2b:ca:bb:3b:19:23:6b:4a:3d:18:ce:59:
b4:57:bc:7e:3c:13:9e:2c:91:33:ba:6a:7d:ae:96:
c0:c2:0a:bd:bf:c1:ea:dc:91:9b:54:16:a9:16:49:
fa:39:d6:58:06:46:b5:95:7b:22:7b:8d:19:35:6e:
f9:d0:00:11:88:27:60:ff:06:7d:b1:a7:9b:5b:4b:
f5:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:5E:92:47:63:53:7F:AD:88:FB:D6:D3:A3:11:34:E8:5C:80:9E:1C
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/640f656b-d9be-4a61-baa0-b98d20cb0649.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da38:4000::/40
Signature Algorithm: sha256WithRSAEncryption
65:0b:92:53:63:95:0f:42:9b:a1:34:fe:c3:9a:94:16:17:83:
ee:d3:45:f4:3a:71:49:c8:0f:24:92:41:50:3f:17:a9:e9:95:
7e:c9:36:56:ea:12:65:e8:68:ae:99:ce:c8:2a:78:4b:ce:21:
67:8d:f9:fb:fd:bd:db:39:5d:12:ed:29:32:43:1d:8d:15:b2:
29:02:3a:34:e2:6c:b5:ed:65:cc:8f:54:b7:20:e1:76:e3:3d:
ad:54:b8:13:06:8e:1c:13:a0:87:ac:cf:c2:b3:4c:91:07:d7:
c7:10:80:12:26:e8:c9:a3:af:8a:b8:95:e4:2c:1e:7c:8b:94:
15:07:4c:03:82:6d:9f:60:e8:9e:a6:7d:e3:9f:e8:76:63:87:
1d:cf:2e:7e:da:b4:bd:47:a3:d5:91:b8:0f:ba:a1:82:47:a8:
70:3d:ce:46:91:27:4e:f2:35:f2:09:45:80:ac:f0:0b:2d:2c:
6a:10:dd:2e:47:0a:dc:1a:59:c9:e8:4e:bb:ad:5f:ce:84:10:
45:0d:df:9d:2d:68:a2:c8:56:3b:d2:90:f4:67:25:25:f0:96:
8a:54:26:78:e1:f8:6f:71:d6:03:0b:56:03:61:d7:56:0b:e0:
f1:f8:51:3a:ab:6d:c0:51:97:63:ca:97:49:c9:9b:57:aa:31:
25:a0:04:66
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUG2272QHxDUo5/GcepR3W38l693gwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZTg1ODVhMTU3MWE4NmUyNDMyYTYz
NDA3NDIxNGRhYWYzOGZlZmY5NDJiNmRkYzUwZTYzMTMxYmVlZGMxOTczMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuS/6aIPgwKkYANRr4TtsEsrhyVLU
CbcN5QKl+4Qt0UDh5N99hfQZOaNWatihTcVSD0twEyeOz8pfbuyaH1gNR03wY4wI
zv076m1DMh3gxSEd5zIQk+p4R6fozRsp+l+ojmBZUKq1UhkDScGDVaLNZx6ehn+a
PltSod7W/N8jIkWc8egwaC+wZwCq9vjHPO48+IXmVxTZt68PywKLQ4jLFonk2JUj
2bc4GTkQ0GB0qyc9rheAB2cryrs7GSNrSj0Yzlm0V7x+PBOeLJEzump9rpbAwgq9
v8Hq3JGbVBapFkn6OdZYBka1lXsie40ZNW750AARiCdg/wZ9saebW0v1BwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJ9ekkdjU3+tiPvW06MRNOhcgJ4cMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzY0MGY2NTZiLWQ5YmUtNGE2MS1iYWEwLWI5OGQyMGNiMDY0OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaOEAwDQYJKoZIhvcNAQELBQADggEBAGULklNjlQ9Cm6E0/sOa
lBYXg+7TRfQ6cUnIDySSQVA/F6nplX7JNlbqEmXoaK6ZzsgqeEvOIWeN+fv9vds5
XRLtKTJDHY0VsikCOjTibLXtZcyPVLcg4XbjPa1UuBMGjhwToIesz8KzTJEH18cQ
gBIm6Mmjr4q4leQsHnyLlBUHTAOCbZ9g6J6mfeOf6HZjhx3PLn7atL1Ho9WRuA+6
oYJHqHA9zkaRJ07yNfIJRYCs8AstLGoQ3S5HCtwaWcnoTrutX86EEEUN350taKLI
VjvSkPRnJSXwlopUJnjh+G9x1gMLVgNh11YL4PH4UTqrbcBRl2PKl0nJm1eqMSWg
BGY=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:54:49 2025 by rpki-client