Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6e02e531-f45f-49be-9529-f33d23fae32e.roa
File: 6e02e531-f45f-49be-9529-f33d23fae32e.roa (raw, json)
Hash identifier: 3EeVBrgFomcx1Q9N0QLZbMQCMWoWiKpOlQHcCXhwNjw=
Subject key identifier: 6C:51:54:FE:B9:37:8C:D1:69:D5:3A:AA:D6:86:99:15:09:42:70:04
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4FD93FC820368B6F3915ED70B5247D6A479C628D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6e02e531-f45f-49be-9529-f33d23fae32e.roa
Signing time: Wed 30 Jul 2025 00:51:17 +0000
ROA not before: Wed 30 Jul 2025 00:51:17 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:80c0::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Jul 2025 18:22:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4f:d9:3f:c8:20:36:8b:6f:39:15:ed:70:b5:24:7d:6a:47:9c:62:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 30 00:51:17 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=9196f31074f6dd972021d26b162a78249a379dff607b59b73a46c36638ec203f, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e3:50:b7:a5:52:0c:97:50:31:dc:85:01:8b:
04:c1:89:84:d8:d1:07:43:74:5b:a2:8b:52:54:7d:
32:c8:9a:ad:ff:62:c8:f9:59:65:c0:aa:6a:f0:13:
7e:1d:93:d4:b7:d8:08:f7:38:de:5b:73:c2:ed:ed:
07:d2:05:04:2f:29:89:e6:7a:7e:64:24:9b:ac:89:
01:8b:8a:0a:ae:2e:0c:0b:90:8f:ed:d7:8e:12:81:
df:de:9b:9a:24:47:a6:a2:2d:36:1d:7e:bb:83:9f:
34:56:40:61:b1:4e:1d:3a:3c:9d:00:78:8f:13:e5:
f5:9e:57:52:de:bf:9b:a0:8c:d4:df:71:95:89:6e:
19:f6:c7:41:aa:ca:1f:69:0a:77:9a:ee:7b:1b:e1:
f4:cc:a5:d2:d2:f5:06:f8:ef:36:cd:52:a6:81:72:
ca:d9:a4:de:80:fc:02:96:b4:63:49:47:c7:e6:b2:
e6:20:19:5f:77:10:5e:34:5c:d3:ab:15:fa:fe:ca:
0f:1e:a2:82:a5:8e:22:2c:c1:2d:34:73:cf:63:a1:
57:d7:d4:83:f4:f2:97:7d:8c:6a:9a:10:24:ff:18:
46:d1:fd:a2:d9:2b:06:43:8e:56:d9:b8:54:66:a2:
09:40:40:a2:a6:0b:83:65:14:8b:6c:a5:cc:55:a3:
d9:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:51:54:FE:B9:37:8C:D1:69:D5:3A:AA:D6:86:99:15:09:42:70:04
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/6e02e531-f45f-49be-9529-f33d23fae32e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:80c0::/46
Signature Algorithm: sha256WithRSAEncryption
84:07:78:9e:04:cf:dd:d5:ed:9c:99:44:d4:82:8c:c2:3b:a4:
7f:bc:67:82:2c:3d:ec:55:f6:51:90:bd:9e:56:ce:79:14:c0:
96:6f:8f:c4:9d:74:2d:c0:10:3e:98:fb:44:19:d3:06:8c:c8:
9b:7f:cd:82:0f:85:c6:84:27:a7:7a:bc:b0:b8:49:ae:5f:c2:
ec:5d:69:cc:ec:82:44:c0:e9:f4:e5:b5:29:f1:9e:a4:ff:39:
c9:89:44:46:f8:af:d6:da:4b:fc:d9:95:41:da:1b:73:ca:40:
22:fd:ab:f4:17:a3:95:d8:c2:9d:94:0e:91:be:28:d2:3a:1b:
3d:a3:e7:49:f7:4c:29:71:42:44:e2:8f:9f:4d:26:e5:54:17:
84:83:ad:26:05:d2:b2:d5:97:75:c0:c8:6a:3a:fb:66:5c:8b:
e1:b9:e8:94:dd:22:05:cb:ed:48:7d:73:1e:7a:e5:6d:18:ce:
9a:4c:53:02:f2:5b:e0:75:6a:55:26:87:b0:6c:7d:35:c0:4a:
92:05:e1:3b:d8:47:ac:1f:97:57:22:3a:a4:66:71:94:a5:97:
22:cc:2e:00:de:f5:46:73:37:af:5b:be:84:3d:7f:31:cf:d4:
13:19:85:d4:6b:d0:1c:d0:a0:d5:da:c5:40:9f:c8:26:93:b2:
e5:4c:48:33
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUT9k/yCA2i285Fe1wtSR9akecYo0wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNTExN1oX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAOTE5NmYzMTA3NGY2ZGQ5NzIwMjFk
MjZiMTYyYTc4MjQ5YTM3OWRmZjYwN2I1OWI3M2E0NmMzNjYzOGVjMjAzZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueNQt6VSDJdQMdyFAYsEwYmE2NEH
Q3RbootSVH0yyJqt/2LI+VllwKpq8BN+HZPUt9gI9zjeW3PC7e0H0gUELymJ5np+
ZCSbrIkBi4oKri4MC5CP7deOEoHf3puaJEemoi02HX67g580VkBhsU4dOjydAHiP
E+X1nldS3r+boIzU33GViW4Z9sdBqsofaQp3mu57G+H0zKXS0vUG+O82zVKmgXLK
2aTegPwClrRjSUfH5rLmIBlfdxBeNFzTqxX6/soPHqKCpY4iLMEtNHPPY6FX19SD
9PKXfYxqmhAk/xhG0f2i2SsGQ45W2bhUZqIJQECipguDZRSLbKXMVaPZ0QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGxRVP65N4zRadU6qtaGmRUJQnAEMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzZlMDJlNTMxLWY0NWYtNDliZS05NTI5LWYzM2QyM2ZhZTMyZS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba94DAMA0GCSqGSIb3DQEBCwUAA4IBAQCEB3ieBM/d1e2cmUTU
gozCO6R/vGeCLD3sVfZRkL2eVs55FMCWb4/EnXQtwBA+mPtEGdMGjMibf82CD4XG
hCenerywuEmuX8LsXWnM7IJEwOn05bUp8Z6k/znJiURG+K/W2kv82ZVB2htzykAi
/av0F6OV2MKdlA6RvijSOhs9o+dJ90wpcUJE4o+fTSblVBeEg60mBdKy1Zd1wMhq
OvtmXIvhueiU3SIFy+1IfXMeeuVtGM6aTFMC8lvgdWpVJoewbH01wEqSBeE72Ees
H5dXIjqkZnGUpZcizC4A3vVGczevW76EPX8xz9QTGYXUa9Ac0KDV2sVAn8gmk7Ll
TEgz
-----END CERTIFICATE-----
Generated at Thu Jul 31 00:58:28 2025 by rpki-client