Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78dbe2c4-99f7-4127-860b-674617546e1b.roa
File: 78dbe2c4-99f7-4127-860b-674617546e1b.roa (raw, json)
Hash identifier: iUkX8yJtW/osQYUXJSCDQ6F+uUlMrGIgTznD4OLG84Q=
Subject key identifier: 0C:7A:76:22:DB:8B:16:C2:0B:5D:FE:8D:32:7B:9A:D6:3D:75:C0:31
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 71917FC0888B76BF892671E23F39F50B2FB92697
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78dbe2c4-99f7-4127-860b-674617546e1b.roa
Signing time: Thu 22 May 2025 00:38:19 +0000
ROA not before: Thu 22 May 2025 00:38:19 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dab9:4840::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 19:38:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
71:91:7f:c0:88:8b:76:bf:89:26:71:e2:3f:39:f5:0b:2f:b9:26:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: May 22 00:38:19 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=f1142659ec73d3b5b01463ad86faadff8c8a9d43595f77ac72ba002ac7419109, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:4b:c7:b0:ad:02:de:0f:33:db:1e:41:99:ff:
09:d3:a7:2a:9f:17:c8:cf:ac:a9:36:6d:78:ab:5f:
55:c4:f6:4c:87:17:56:c2:c2:60:d7:d1:f3:7a:3d:
20:f0:44:6a:e8:bc:a0:60:fd:2f:25:52:06:b3:a5:
20:df:a2:e6:4c:da:3f:4c:36:cc:eb:f5:bf:64:0b:
01:48:5f:4d:27:81:75:df:1a:b1:f9:26:cf:ef:fa:
5a:5b:c2:19:6d:79:4e:4d:73:c1:ac:2e:6b:5f:ac:
b9:2d:a7:af:2c:64:7f:0d:91:30:3b:cd:2d:ce:c1:
fc:d6:d7:fa:ba:53:a9:89:e0:35:e6:7c:83:ec:6c:
0c:c8:88:5b:57:e5:73:32:ca:ee:c5:07:2a:0a:e3:
f4:26:a3:17:95:f1:ff:6c:3e:e4:45:9a:92:a0:b1:
34:0c:10:1b:ed:07:19:38:38:1e:34:0b:19:f3:96:
8e:0f:5c:64:5c:23:3d:56:cd:9a:b2:43:88:a1:73:
70:01:2a:89:34:40:96:a4:64:47:58:8c:6c:8e:e8:
de:d7:02:09:4a:b4:03:02:e7:5b:aa:61:96:68:53:
e8:ae:d0:9e:73:c8:69:af:bc:bb:7a:04:89:72:88:
50:d1:c0:28:aa:e7:d5:d6:d6:5a:f0:95:6f:7d:51:
fa:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:7A:76:22:DB:8B:16:C2:0B:5D:FE:8D:32:7B:9A:D6:3D:75:C0:31
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/78dbe2c4-99f7-4127-860b-674617546e1b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dab9:4840::/48
Signature Algorithm: sha256WithRSAEncryption
3d:b7:9d:6f:5d:d1:c7:80:46:94:8c:94:d0:a2:bf:c1:ad:2e:
23:1c:3c:60:ce:72:c0:e9:56:60:20:d5:92:f3:0c:f3:68:df:
f7:94:5c:e6:da:8f:f9:2e:d3:a2:46:41:e2:9e:11:2b:1a:35:
97:37:ab:e6:8e:f5:f6:72:30:0f:b1:fd:4d:99:d9:d7:c1:c9:
f4:43:36:9a:2f:05:62:a4:cd:09:b2:c5:31:cf:16:f6:c1:92:
b9:4a:44:80:78:b6:6b:0c:bd:37:76:b1:8f:e3:a6:38:dc:be:
3d:15:9a:61:ed:61:76:b2:1f:66:b8:bb:33:5e:c0:83:1d:f8:
8e:56:58:80:c4:b6:9d:49:c9:58:ab:2d:d1:22:af:70:7a:72:
ef:86:1b:c7:34:9e:9c:c7:c7:97:28:91:64:ea:62:5a:e3:dc:
bc:67:a0:5b:26:72:81:b9:e3:3f:e4:33:82:a3:51:db:0b:f5:
c2:70:78:5d:44:d4:7e:a9:77:1d:15:df:53:de:ed:7a:ad:da:
0a:2c:30:50:3b:07:50:d0:34:b0:54:5e:cd:37:1a:67:25:32:
9b:44:e8:6d:f9:81:02:96:5a:8b:91:e3:9c:ee:f5:55:ee:24:
4f:09:e3:b0:b4:3b:58:0c:8e:bb:6c:db:d2:6b:c7:ec:05:2f:
55:9f:3f:56
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUcZF/wIiLdr+JJnHiPzn1Cy+5JpcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyMjAwMzgxOVoX
DTI1MDYyNjIzNTk1OVowejFJMEcGA1UEBRNAZjExNDI2NTllYzczZDNiNWIwMTQ2
M2FkODZmYWFkZmY4YzhhOWQ0MzU5NWY3N2FjNzJiYTAwMmFjNzQxOTEwOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu0vHsK0C3g8z2x5Bmf8J06cqnxfI
z6ypNm14q19VxPZMhxdWwsJg19Hzej0g8ERq6LygYP0vJVIGs6Ug36LmTNo/TDbM
6/W/ZAsBSF9NJ4F13xqx+SbP7/paW8IZbXlOTXPBrC5rX6y5LaevLGR/DZEwO80t
zsH81tf6ulOpieA15nyD7GwMyIhbV+VzMsruxQcqCuP0JqMXlfH/bD7kRZqSoLE0
DBAb7QcZODgeNAsZ85aOD1xkXCM9Vs2askOIoXNwASqJNECWpGRHWIxsjuje1wIJ
SrQDAudbqmGWaFPortCec8hpr7y7egSJcohQ0cAoqufV1tZa8JVvfVH6NwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFAx6diLbixbCC13+jTJ7mtY9dcAxMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzc4ZGJlMmM0LTk5ZjctNDEyNy04NjBiLTY3NDYxNzU0NmUxYi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbauUhAMA0GCSqGSIb3DQEBCwUAA4IBAQA9t51vXdHHgEaUjJTQ
or/BrS4jHDxgznLA6VZgINWS8wzzaN/3lFzm2o/5LtOiRkHinhErGjWXN6vmjvX2
cjAPsf1NmdnXwcn0QzaaLwVipM0JssUxzxb2wZK5SkSAeLZrDL03drGP46Y43L49
FZph7WF2sh9muLszXsCDHfiOVliAxLadSclYqy3RIq9wenLvhhvHNJ6cx8eXKJFk
6mJa49y8Z6BbJnKBueM/5DOCo1HbC/XCcHhdRNR+qXcdFd9T3u16rdoKLDBQOwdQ
0DSwVF7NNxpnJTKbROht+YECllqLkeOc7vVV7iRPCeOwtDtYDI67bNvSa8fsBS9V
nz9W
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:28:57 2025 by rpki-client