Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6bfb7067-919d-4bc0-a24d-bcb253a234d6.roa
File: 6bfb7067-919d-4bc0-a24d-bcb253a234d6.roa (raw, json)
Hash identifier: QjcE1upnrXZhHmne1y8GAvQKwE/JDRL1qsRACXXVHUo=
Subject key identifier: 9F:11:88:89:F6:2F:6B:3A:BC:14:57:DB:B4:28:E3:96:F1:04:4E:F2
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1D4ABF775295D6963E640BF21C050046060ECDF6
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6bfb7067-919d-4bc0-a24d-bcb253a234d6.roa
Signing time: Wed 30 Jul 2025 00:30:56 +0000
ROA not before: Wed 30 Jul 2025 00:30:56 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:4020::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Jul 2025 18:08:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:4a:bf:77:52:95:d6:96:3e:64:0b:f2:1c:05:00:46:06:0e:cd:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 30 00:30:56 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=f229db378990e52a2ba45f38dc27f276197964f84ec24069453d89c6aa1ca8c6, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:11:ad:f5:78:74:52:45:6a:23:e9:fc:8d:6f:
34:ba:63:c0:6a:86:9d:df:5a:5f:c7:35:4a:51:47:
09:66:19:ab:1b:22:6c:43:a5:2f:e5:a8:5f:e3:74:
ef:d6:71:a0:fd:d7:ec:8d:aa:d8:8f:b2:49:5a:45:
4c:cb:e5:64:b1:bf:f1:01:fd:a8:6d:14:31:37:98:
1e:40:8b:13:f2:94:f3:bb:3c:c4:b3:87:f0:e2:87:
a4:cc:73:da:4b:05:fc:90:a8:54:96:03:28:54:bf:
36:48:b7:8b:87:f0:b1:b9:0a:d9:de:11:d7:85:1a:
55:05:0a:bc:3b:9c:d9:72:9c:b7:d2:c5:48:e1:70:
f8:16:31:28:e1:6f:54:4d:e9:4d:1b:62:4e:c5:4a:
18:f8:f6:f0:3d:35:a1:20:8c:68:34:4d:ca:7d:bc:
d2:fd:c1:8d:74:30:de:71:5e:66:54:5b:ee:29:f7:
e9:ad:26:b7:71:de:9c:45:a5:14:be:3e:7b:fe:dc:
cb:70:80:02:85:58:f8:e4:88:08:f1:7c:13:2e:c3:
42:37:d5:1b:ef:97:cf:f2:e4:06:ef:51:1f:2b:0e:
b5:df:1e:ad:fa:db:12:70:8f:f6:0e:99:00:d6:42:
d3:25:ad:04:b6:2d:83:c9:16:5f:ef:38:4b:62:20:
a8:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:11:88:89:F6:2F:6B:3A:BC:14:57:DB:B4:28:E3:96:F1:04:4E:F2
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6bfb7067-919d-4bc0-a24d-bcb253a234d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:4020::/46
Signature Algorithm: sha256WithRSAEncryption
9a:05:34:0a:8c:30:65:e7:fa:eb:f2:ae:b9:d8:2f:63:fc:30:
51:81:5f:d5:7f:c2:5b:97:ac:f8:68:72:b2:1b:68:60:c0:86:
2f:09:6e:24:2b:d1:c2:fc:65:71:96:25:9a:df:e6:ea:47:b1:
24:98:d3:9f:38:a2:e8:bd:a3:50:46:0d:20:33:35:c7:cc:29:
a7:21:03:d0:36:af:d5:8e:f2:a1:c5:7d:cc:a2:25:e8:a6:ed:
1c:d8:ac:db:9e:96:70:fb:97:d4:c3:66:bf:29:0e:82:a7:c3:
31:c1:80:01:b2:9d:07:ea:da:8b:0e:d5:03:01:03:b3:22:2b:
bc:44:b0:d2:2f:0b:4e:71:ba:03:03:5c:45:fa:a2:0e:93:e5:
1c:e0:56:17:3c:e9:dc:fd:47:40:83:83:8e:f2:c6:6c:8c:3e:
93:6e:ae:7e:c6:5b:66:06:83:16:87:ad:07:bd:75:a7:4c:a4:
10:64:64:9a:32:f0:c9:10:08:4e:97:7a:a7:5c:e6:c1:41:b6:
ea:af:38:b6:d1:97:aa:92:2c:89:8b:12:46:e9:c7:39:e5:1d:
b1:e3:f1:63:ad:52:59:ee:76:b4:0e:f5:7a:0c:7d:5d:aa:f3:
d9:58:a7:56:52:27:bb:fd:59:6a:6a:fc:ad:b4:34:60:87:de:
21:d7:eb:93
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUHUq/d1KV1pY+ZAvyHAUARgYOzfYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMzA1NloX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZjIyOWRiMzc4OTkwZTUyYTJiYTQ1
ZjM4ZGMyN2YyNzYxOTc5NjRmODRlYzI0MDY5NDUzZDg5YzZhYTFjYThjNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1xGt9Xh0UkVqI+n8jW80umPAaoad
31pfxzVKUUcJZhmrGyJsQ6Uv5ahf43Tv1nGg/dfsjarYj7JJWkVMy+Vksb/xAf2o
bRQxN5geQIsT8pTzuzzEs4fw4oekzHPaSwX8kKhUlgMoVL82SLeLh/CxuQrZ3hHX
hRpVBQq8O5zZcpy30sVI4XD4FjEo4W9UTelNG2JOxUoY+PbwPTWhIIxoNE3KfbzS
/cGNdDDecV5mVFvuKffprSa3cd6cRaUUvj57/tzLcIAChVj45IgI8XwTLsNCN9Ub
75fP8uQG71EfKw613x6t+tsScI/2DpkA1kLTJa0Eti2DyRZf7zhLYiCoEQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJ8RiIn2L2s6vBRX27Qo45bxBE7yMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzZiZmI3MDY3LTkxOWQtNGJjMC1hMjRkLWJjYjI1M2EyMzRkNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba90AgMA0GCSqGSIb3DQEBCwUAA4IBAQCaBTQKjDBl5/rr8q65
2C9j/DBRgV/Vf8Jbl6z4aHKyG2hgwIYvCW4kK9HC/GVxliWa3+bqR7EkmNOfOKLo
vaNQRg0gMzXHzCmnIQPQNq/VjvKhxX3MoiXopu0c2KzbnpZw+5fUw2a/KQ6Cp8Mx
wYABsp0H6tqLDtUDAQOzIiu8RLDSLwtOcboDA1xF+qIOk+Uc4FYXPOnc/UdAg4OO
8sZsjD6Tbq5+xltmBoMWh60HvXWnTKQQZGSaMvDJEAhOl3qnXObBQbbqrzi20Zeq
kiyJixJG6cc55R2x4/FjrVJZ7na0DvV6DH1dqvPZWKdWUie7/VlqavyttDRgh94h
1+uT
-----END CERTIFICATE-----
Generated at Thu Jul 31 00:58:23 2025 by rpki-client