Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c534d2c-91ca-45f7-8ffc-81e4ca7f473f.roa
File: 7c534d2c-91ca-45f7-8ffc-81e4ca7f473f.roa (raw, json)
Hash identifier: oJeUSDGFOu28lYiGtE5/8epdfJVrMeUSrlk/VFXjeKs=
Subject key identifier: 3D:7F:D0:F0:99:81:14:DB:2E:F2:E0:74:06:78:AA:BC:43:79:F8:74
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1CF9DB9E73B96B406D431B49538F56C89C584AEC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c534d2c-91ca-45f7-8ffc-81e4ca7f473f.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:c800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:20:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:f9:db:9e:73:b9:6b:40:6d:43:1b:49:53:8f:56:c8:9c:58:4a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:53:b5:7e:1c:96:4a:49:fb:14:2a:30:a9:77:
28:ea:a8:e2:9b:a7:01:d2:7f:e0:14:a6:43:73:91:
2e:ec:90:49:6d:44:12:db:1e:50:ab:48:fa:3a:9d:
f8:77:29:22:48:7a:aa:db:f4:0c:0f:63:2c:6c:0b:
35:22:5a:fe:38:44:67:36:40:e7:1e:d6:db:ed:41:
ea:42:2a:62:4a:1e:11:b9:15:95:72:a1:7f:8e:1c:
2d:53:bc:82:09:c7:15:66:59:c5:3b:9c:a4:db:c2:
d5:29:7a:5d:56:a4:a3:5c:bf:39:d8:18:2a:1b:ab:
d9:88:7d:0a:7b:67:da:a2:33:16:90:e5:7b:bd:62:
cf:57:64:43:1b:d9:c1:cb:0f:66:ec:82:b7:a3:73:
89:04:24:ea:cb:1e:40:c6:b9:e7:ff:4a:c1:68:6c:
17:78:46:6b:2d:62:0f:34:09:a2:19:2a:75:2d:d7:
6a:09:9a:c8:fd:c8:03:3d:68:78:b5:f7:9c:5d:c6:
e0:9a:f1:d5:78:23:41:7b:48:6b:25:1e:df:c7:cd:
a5:a3:f9:6e:5d:70:78:89:44:02:49:e3:c4:13:a4:
27:d7:ec:8c:6d:7d:8c:e0:ab:83:74:f0:26:9d:80:
1d:ef:51:9d:fc:d5:72:7c:78:d2:c8:4e:5b:36:0d:
1c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:7F:D0:F0:99:81:14:DB:2E:F2:E0:74:06:78:AA:BC:43:79:F8:74
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7c534d2c-91ca-45f7-8ffc-81e4ca7f473f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:c800::/40
Signature Algorithm: sha256WithRSAEncryption
88:9e:a8:c6:f5:17:cd:b0:6c:d1:d4:56:62:d4:e9:84:20:31:
90:bb:ed:43:d1:41:27:2f:28:82:cf:29:47:49:63:a7:07:53:
0b:42:c7:3a:0b:8a:2f:74:f1:59:c5:41:df:c8:a4:d0:a3:8e:
d4:eb:bb:ad:4c:4a:a5:61:70:82:77:26:7b:f6:93:40:eb:be:
d5:a2:c2:96:87:26:13:f4:a8:c5:4c:37:af:e5:3e:37:00:bc:
9b:1e:46:a2:3d:3d:35:a8:c9:5b:e9:20:bb:ca:79:a3:df:0c:
74:d8:bd:04:28:d9:fd:0c:88:cf:dc:ee:28:ba:23:a8:9f:d6:
1b:a4:7e:65:bd:c7:89:90:89:21:f4:b4:40:93:ec:7a:53:a0:
9a:a1:c0:9f:07:98:c1:9a:a6:54:24:c7:ea:e4:52:bc:5b:13:
c6:65:b2:c6:a4:7b:71:5d:7a:0b:cc:03:bb:fd:52:1e:4b:f5:
3e:d7:c3:af:af:42:69:88:df:74:78:92:73:cc:13:56:1f:ec:
61:12:68:1e:14:02:3d:42:a6:1f:35:ba:c7:83:16:df:2f:df:
12:0a:dc:2e:f1:a2:ae:ff:d7:9e:64:9a:51:80:a4:6f:73:8f:
2c:03:75:34:38:d5:7e:ff:a4:b7:fb:30:94:f1:ac:50:c3:14:
71:c1:fb:90
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUHPnbnnO5a0BtQxtJU49WyJxYSuwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANGU0ZDdjMDhjZDQyZDg5NzQ1OTA5
NzUzZmI0YmUwYTNlZDBkNGU5NWQ3YWVmNmY5Y2E4NjUwYjFmNTBlOTBmMzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu1O1fhyWSkn7FCowqXco6qjim6cB
0n/gFKZDc5Eu7JBJbUQS2x5Qq0j6Op34dykiSHqq2/QMD2MsbAs1Ilr+OERnNkDn
Htbb7UHqQipiSh4RuRWVcqF/jhwtU7yCCccVZlnFO5yk28LVKXpdVqSjXL852Bgq
G6vZiH0Ke2faojMWkOV7vWLPV2RDG9nByw9m7IK3o3OJBCTqyx5Axrnn/0rBaGwX
eEZrLWIPNAmiGSp1LddqCZrI/cgDPWh4tfecXcbgmvHVeCNBe0hrJR7fx82lo/lu
XXB4iUQCSePEE6Qn1+yMbX2M4KuDdPAmnYAd71Gd/NVyfHjSyE5bNg0cmwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFD1/0PCZgRTbLvLgdAZ4qrxDefh0MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzdjNTM0ZDJjLTkxY2EtNDVmNy04ZmZjLTgxZTRjYTdmNDczZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/8gwDQYJKoZIhvcNAQELBQADggEBAIieqMb1F82wbNHUVmLU
6YQgMZC77UPRQScvKILPKUdJY6cHUwtCxzoLii908VnFQd/IpNCjjtTru61MSqVh
cIJ3Jnv2k0DrvtWiwpaHJhP0qMVMN6/lPjcAvJseRqI9PTWoyVvpILvKeaPfDHTY
vQQo2f0MiM/c7ii6I6if1hukfmW9x4mQiSH0tECT7HpToJqhwJ8HmMGaplQkx+rk
UrxbE8Zlssake3FdegvMA7v9Uh5L9T7Xw6+vQmmI33R4knPME1Yf7GESaB4UAj1C
ph81useDFt8v3xIK3C7xoq7/155kmlGApG9zjywDdTQ41X7/pLf7MJTxrFDDFHHB
+5A=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:50:33 2025 by rpki-client