Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/644598e2-5a1d-4374-9e6e-4cad0606e0a8.roa
File: 644598e2-5a1d-4374-9e6e-4cad0606e0a8.roa (raw, json)
Hash identifier: kHg10aAsSzREPiGLCjbD+I7ycE+UD8XmsixXuL+O2SE=
Subject key identifier: DE:A5:18:E2:83:51:6F:63:7C:71:74:F9:1A:A7:CF:66:92:EA:6C:F2
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2C69FD7A6119E96B087A3A46B36E2562FC4F82A4
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/644598e2-5a1d-4374-9e6e-4cad0606e0a8.roa
Signing time: Fri 16 May 2025 15:31:24 +0000
ROA not before: Fri 16 May 2025 15:31:24 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dab9:9000::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 May 2025 00:52:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2c:69:fd:7a:61:19:e9:6b:08:7a:3a:46:b3:6e:25:62:fc:4f:82:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: May 16 15:31:24 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=b7818cc723a7bae2d31e07355b92588fee2de7d895eab799d0401d4c74085b85, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:93:30:25:d5:4d:f5:35:80:b4:60:fe:54:ae:
f5:2b:f8:89:bb:5d:15:88:89:d1:f5:70:a1:63:1c:
d1:c7:82:f2:21:79:d1:78:d5:97:67:4b:91:49:c4:
98:c5:b2:4e:a8:88:2e:eb:07:12:e9:22:75:6f:7c:
a3:b2:9f:01:98:54:be:51:29:39:0b:7e:83:99:c3:
8b:2b:51:7c:d2:ca:29:2b:e8:1a:25:ea:9a:13:f4:
4c:a9:45:96:da:1a:65:32:c4:57:4b:6b:f5:d1:45:
1d:55:5d:a2:65:d9:8e:81:3a:8e:f8:03:ef:e4:c3:
53:03:42:8f:b7:6c:22:34:80:b1:4d:c3:54:4d:68:
51:3a:cb:c2:83:da:c8:a0:bc:83:48:fb:71:27:e8:
62:8e:bc:96:69:a8:dc:bd:5a:c9:00:de:70:f4:3d:
ad:2f:ed:13:19:3d:95:2a:08:da:bb:ac:8b:2a:a3:
21:54:4d:b1:96:4a:68:33:43:73:43:a9:28:f4:38:
f9:cc:a4:7e:ea:b5:3e:38:59:8e:4e:2b:50:d2:ed:
be:00:69:80:06:12:36:91:35:a7:e4:4f:10:fb:6d:
a0:6c:9d:d0:5c:f4:18:c1:a6:1b:fc:3f:56:21:c7:
08:49:17:e3:b6:12:7b:1a:f4:cb:c1:77:ed:d1:d6:
c4:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:A5:18:E2:83:51:6F:63:7C:71:74:F9:1A:A7:CF:66:92:EA:6C:F2
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/644598e2-5a1d-4374-9e6e-4cad0606e0a8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dab9:9000::/40
Signature Algorithm: sha256WithRSAEncryption
1e:b3:b5:c4:1f:a7:d1:a1:e6:9e:bd:6c:a6:3b:ce:e1:fd:1b:
a1:57:d2:ad:29:31:b1:69:d2:15:39:31:51:ee:a9:37:62:5d:
b7:93:29:b7:2a:98:75:c4:d6:c9:5c:1c:35:bd:6a:de:7f:27:
fa:48:f9:44:4e:86:ed:b0:43:f7:10:1c:bc:09:97:d4:96:8d:
4f:4c:7a:68:62:e7:4f:0e:30:4f:25:c2:93:74:16:83:f4:52:
1f:28:80:2c:03:d3:01:72:bd:51:60:2e:68:31:18:09:31:c3:
f8:1b:e5:94:22:8b:27:11:0d:17:e3:68:61:4f:c6:e7:f4:5e:
3b:2e:b5:05:42:cf:2f:55:0a:c4:65:04:11:c9:1d:3c:f8:30:
44:74:b4:78:6d:a2:33:0c:31:3b:47:70:cc:83:39:36:f6:f7:
89:17:1b:5f:72:aa:97:e4:e2:10:4e:ee:0a:88:7f:58:34:4e:
0a:83:21:bc:3b:86:15:4d:b8:d3:c9:1d:4e:81:95:19:b8:e7:
9c:b5:47:9d:27:aa:fe:73:9e:cb:24:ce:b9:aa:a9:dd:4c:90:
c7:88:6b:f9:1b:1e:fa:9f:b8:77:33:5e:3a:d4:7a:8e:09:45:
98:3c:c0:a8:e9:09:34:66:c4:14:85:27:d2:fb:a2:47:37:f9:
ae:38:90:b5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIULGn9emEZ6WsIejpGs24lYvxPgqQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxNjE1MzEyNFoX
DTI1MDYyMDIzNTk1OVowejFJMEcGA1UEBRNAYjc4MThjYzcyM2E3YmFlMmQzMWUw
NzM1NWI5MjU4OGZlZTJkZTdkODk1ZWFiNzk5ZDA0MDFkNGM3NDA4NWI4NTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqpMwJdVN9TWAtGD+VK71K/iJu10V
iInR9XChYxzRx4LyIXnReNWXZ0uRScSYxbJOqIgu6wcS6SJ1b3yjsp8BmFS+USk5
C36DmcOLK1F80sopK+gaJeqaE/RMqUWW2hplMsRXS2v10UUdVV2iZdmOgTqO+APv
5MNTA0KPt2wiNICxTcNUTWhROsvCg9rIoLyDSPtxJ+hijryWaajcvVrJAN5w9D2t
L+0TGT2VKgjau6yLKqMhVE2xlkpoM0NzQ6ko9Dj5zKR+6rU+OFmOTitQ0u2+AGmA
BhI2kTWn5E8Q+22gbJ3QXPQYwaYb/D9WIccISRfjthJ7GvTLwXft0dbEHQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFN6lGOKDUW9jfHF0+Rqnz2aS6mzyMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzY0NDU5OGUyLTVhMWQtNDM3NC05ZTZlLTRjYWQwNjA2ZTBhOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbauZAwDQYJKoZIhvcNAQELBQADggEBAB6ztcQfp9Gh5p69bKY7
zuH9G6FX0q0pMbFp0hU5MVHuqTdiXbeTKbcqmHXE1slcHDW9at5/J/pI+UROhu2w
Q/cQHLwJl9SWjU9Memhi508OME8lwpN0FoP0Uh8ogCwD0wFyvVFgLmgxGAkxw/gb
5ZQiiycRDRfjaGFPxuf0XjsutQVCzy9VCsRlBBHJHTz4MER0tHhtojMMMTtHcMyD
OTb294kXG19yqpfk4hBO7gqIf1g0TgqDIbw7hhVNuNPJHU6BlRm455y1R50nqv5z
nsskzrmqqd1MkMeIa/kbHvqfuHczXjrUeo4JRZg8wKjpCTRmxBSFJ9L7okc3+a44
kLU=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:35:41 2025 by rpki-client