Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b86e4fe-b34b-45ab-8ce2-590368c9acfc.roa
File: 6b86e4fe-b34b-45ab-8ce2-590368c9acfc.roa (raw, json)
Hash identifier: 9wnnVo5tJpC0/QSiYZ4Pm6zVKWUUF43cAQ1n+02zBx4=
Subject key identifier: 03:F9:EC:8B:06:AA:17:0F:32:43:39:E6:A2:EB:FA:20:AA:EE:9E:B0
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 33063A120BD31C99F9FADE9207B3C63ACA6C06E9
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b86e4fe-b34b-45ab-8ce2-590368c9acfc.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:f000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 16:00:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
33:06:3a:12:0b:d3:1c:99:f9:fa:de:92:07:b3:c6:3a:ca:6c:06:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:86:ca:86:b6:5e:a5:3e:f5:cd:03:e2:3d:15:77:
f9:34:ed:db:6a:fa:15:f9:f0:11:51:65:75:a4:0e:
84:dc:4c:3d:e0:d8:4c:3e:16:4b:92:67:fe:c1:ac:
80:3e:48:20:a1:d7:c4:f6:86:81:a1:3c:f8:12:72:
0c:c5:4b:d4:e7:02:83:94:44:80:99:d7:90:e6:70:
b7:93:39:5a:47:60:28:d5:d6:cb:a8:28:b2:b0:3b:
d6:d4:b5:94:f4:54:62:48:55:61:a0:04:58:6c:7d:
c7:67:a7:de:ee:73:e2:ee:76:3c:7f:49:d8:e1:b3:
0b:d5:8b:f0:ba:9f:88:56:59:01:af:7a:77:3d:7e:
2d:d9:ac:f9:09:e8:84:1b:22:2a:3e:fb:a4:9c:d4:
f5:f8:8a:e6:7f:99:9e:2f:4b:28:2e:f9:49:26:3f:
b1:1c:37:f6:2d:d3:03:c1:45:7c:31:80:6d:04:35:
6a:ec:90:23:41:b3:cf:c7:f1:ce:81:30:5b:6e:f3:
3d:ce:10:5d:1d:04:61:73:ca:1e:2c:bb:ea:eb:4c:
35:d2:48:ca:a1:1f:50:d7:08:dc:f1:55:e1:af:19:
92:5c:50:96:c7:dc:34:69:6d:35:92:db:85:13:41:
40:84:5a:89:03:96:76:fb:c1:d1:19:63:67:26:c0:
03:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:F9:EC:8B:06:AA:17:0F:32:43:39:E6:A2:EB:FA:20:AA:EE:9E:B0
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6b86e4fe-b34b-45ab-8ce2-590368c9acfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:f000::/40
Signature Algorithm: sha256WithRSAEncryption
68:d2:68:5d:ab:47:1d:7a:c3:6b:b2:01:f6:97:e6:7d:6c:73:
cf:22:98:89:04:af:45:fa:29:5c:e5:df:20:7e:9b:7e:95:30:
13:6a:11:cf:a1:e7:ed:f0:1a:e0:d0:98:21:36:32:ca:c8:03:
75:47:08:e3:a0:e2:3e:37:6d:4d:80:80:33:8e:8d:03:35:d0:
4d:ae:04:38:07:13:47:de:88:ba:5e:31:df:e4:ce:3c:53:3c:
58:69:d0:eb:8c:c8:f1:16:fb:40:95:95:d7:17:a5:28:bb:aa:
11:4f:d9:78:7c:05:05:5c:8f:1b:20:6e:5a:f5:31:54:08:45:
57:b0:e9:69:e5:78:ff:4d:86:44:71:02:2c:17:ce:d7:64:fe:
b0:11:a0:69:d9:70:e4:0b:47:c8:0c:f2:14:80:49:41:14:4a:
d2:d5:67:92:02:32:86:b6:f1:d0:fd:87:d5:b4:fe:ee:05:32:
a7:03:36:00:76:cc:db:d1:52:a8:58:58:d3:84:0d:1b:4a:59:
6d:f3:50:ab:7c:b7:16:08:d0:85:71:3e:b7:c9:86:63:ae:45:
9c:7a:57:15:2c:eb:5e:53:50:89:e4:d2:7c:cc:98:fb:06:0f:
ed:6c:ce:c4:7a:a1:94:65:7c:e7:67:3e:bb:49:a1:5f:4b:9a:
ce:44:77:9d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUMwY6EgvTHJn5+t6SB7PGOspsBukwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZTQwYjA4OGQ3N2E2ZjM4MWJkOTg0
MjVkYmQ1NTBhNTMxOTE1MTQ5NDNlODRmN2ViMWU2Njc3ZTRmZWE0M2E5OTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhsqGtl6lPvXNA+I9FXf5NO3bavoV
+fARUWV1pA6E3Ew94NhMPhZLkmf+wayAPkggodfE9oaBoTz4EnIMxUvU5wKDlESA
mdeQ5nC3kzlaR2Ao1dbLqCiysDvW1LWU9FRiSFVhoARYbH3HZ6fe7nPi7nY8f0nY
4bML1Yvwup+IVlkBr3p3PX4t2az5CeiEGyIqPvuknNT1+Irmf5meL0soLvlJJj+x
HDf2LdMDwUV8MYBtBDVq7JAjQbPPx/HOgTBbbvM9zhBdHQRhc8oeLLvq60w10kjK
oR9Q1wjc8VXhrxmSXFCWx9w0aW01ktuFE0FAhFqJA5Z2+8HRGWNnJsADxwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAP57IsGqhcPMkM55qLr+iCq7p6wMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzZiODZlNGZlLWIzNGItNDVhYi04Y2UyLTU5MDM2OGM5YWNmYy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba//AwDQYJKoZIhvcNAQELBQADggEBAGjSaF2rRx16w2uyAfaX
5n1sc88imIkEr0X6KVzl3yB+m36VMBNqEc+h5+3wGuDQmCE2MsrIA3VHCOOg4j43
bU2AgDOOjQM10E2uBDgHE0feiLpeMd/kzjxTPFhp0OuMyPEW+0CVldcXpSi7qhFP
2Xh8BQVcjxsgblr1MVQIRVew6WnleP9NhkRxAiwXztdk/rARoGnZcOQLR8gM8hSA
SUEUStLVZ5ICMoa28dD9h9W0/u4FMqcDNgB2zNvRUqhYWNOEDRtKWW3zUKt8txYI
0IVxPrfJhmOuRZx6VxUs615TUInk0nzMmPsGD+1szsR6oZRlfOdnPrtJoV9Lms5E
d50=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:51:47 2025 by rpki-client