
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d360aed-98af-4b86-84d2-f1b86117b0a2.roa
File: 7d360aed-98af-4b86-84d2-f1b86117b0a2.roa (raw, json)
Hash identifier: vk5BowLwCgGBhXqlQnPe2EnfDRp90nhwTmytLgMqtPs=
Subject key identifier: 0E:7A:2D:20:E1:59:57:6D:9F:33:19:A3:1D:6B:28:61:1D:48:77:EE
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5606E1A0A086E61EF4FD90C3AEDDDEEB5668A7FC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d360aed-98af-4b86-84d2-f1b86117b0a2.roa
Signing time: Tue 29 Jul 2025 00:50:08 +0000
ROA not before: Tue 29 Jul 2025 00:50:08 +0000
ROA not after: Tue 02 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:b0c0::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Jul 2025 18:07:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:06:e1:a0:a0:86:e6:1e:f4:fd:90:c3:ae:dd:de:eb:56:68:a7:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 29 00:50:08 2025 GMT
Not After : Sep 2 23:59:59 2025 GMT
Subject: serialNumber=138bda369f2d42ede12205e61b86e3c626213d752316d22f17fa58f48e08ec3c, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:42:0d:5c:6a:ab:32:6e:dd:17:7e:95:90:bc:
bf:52:74:36:ff:83:d6:f4:d8:f1:34:d8:2f:91:dc:
a9:32:14:f1:69:86:a5:08:93:3d:41:7e:83:b9:b4:
f7:0b:35:77:23:d4:ec:fe:29:f2:0c:a3:46:be:f6:
c6:26:b7:70:bb:f4:fb:9a:ce:e8:87:0e:c0:2e:ec:
2a:a4:06:65:04:32:2c:f6:52:68:dc:d8:37:71:1b:
a6:5d:1d:d3:b9:a2:b0:3d:fc:88:6b:a2:54:9a:9e:
da:81:20:85:71:e6:eb:32:04:f5:ca:e9:ab:26:84:
a4:bf:c3:7f:b1:10:2b:c4:00:70:0e:ca:2a:91:5e:
03:6d:34:39:e9:27:ef:54:4a:25:8b:b6:91:6c:00:
4a:18:ec:3b:f1:d8:f7:83:94:6d:28:47:40:2c:3c:
62:14:f0:d0:56:be:01:37:d4:a5:63:c7:75:b0:ae:
ae:91:33:86:28:ef:a4:0d:bc:79:ce:5b:43:d9:c2:
03:d4:86:59:e5:2d:51:af:45:0c:ea:75:a1:f3:7d:
69:1a:9d:96:50:f5:c2:b2:12:fd:1d:65:d8:26:09:
a7:aa:5b:09:92:c5:4f:29:77:f6:43:67:d3:ac:98:
d0:de:46:be:90:a1:51:80:cb:bc:28:ef:f3:34:37:
5b:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:7A:2D:20:E1:59:57:6D:9F:33:19:A3:1D:6B:28:61:1D:48:77:EE
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7d360aed-98af-4b86-84d2-f1b86117b0a2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:b0c0::/46
Signature Algorithm: sha256WithRSAEncryption
8b:c1:3b:1f:e8:ba:29:3a:cf:7b:78:3b:a2:43:ff:89:73:c2:
79:02:83:a5:dc:90:8f:21:f9:de:c8:30:53:21:99:ad:0b:0b:
6c:7e:c0:49:cf:06:4d:7b:fe:db:4c:f3:73:d0:2f:5c:c3:a3:
b0:71:e5:ed:34:34:f1:19:48:13:2c:0f:f5:71:a0:f7:8a:b7:
0c:b1:b6:06:fb:ef:95:6b:05:ef:92:3e:8c:5a:6d:92:86:9f:
da:26:ce:14:5a:d6:9e:52:7d:c2:f6:a9:12:b8:ee:28:02:5a:
b4:eb:a1:5a:33:37:7a:f2:b5:bc:95:6b:cb:e5:e7:8f:1a:a3:
5b:a0:62:e5:66:2b:af:50:d4:3c:20:ea:12:16:1d:95:c6:13:
76:31:89:a3:78:94:d3:b4:d6:63:1d:2a:51:53:77:a5:87:97:
c2:bb:df:af:a4:c1:e1:ee:70:a0:a1:71:9e:ec:1a:a4:6e:14:
63:85:e7:33:55:24:4b:ed:1f:60:ab:6c:2f:6c:8f:66:4a:9a:
20:d7:61:3e:21:81:83:e5:25:cd:54:39:74:20:05:a4:f2:74:
7b:6a:da:67:0b:f8:4a:c8:27:6d:8d:ef:25:96:64:b5:29:93:
5b:b9:c9:25:a0:49:cd:31:91:57:b8:04:cc:b8:3c:b3:e5:d9:
9e:86:b9:f3
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUVgbhoKCG5h70/ZDDrt3e61Zop/wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDcyOTAwNTAwOFoX
DTI1MDkwMjIzNTk1OVowejFJMEcGA1UEBRNAMTM4YmRhMzY5ZjJkNDJlZGUxMjIw
NWU2MWI4NmUzYzYyNjIxM2Q3NTIzMTZkMjJmMTdmYTU4ZjQ4ZTA4ZWMzYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuUINXGqrMm7dF36VkLy/UnQ2/4PW
9NjxNNgvkdypMhTxaYalCJM9QX6DubT3CzV3I9Ts/inyDKNGvvbGJrdwu/T7ms7o
hw7ALuwqpAZlBDIs9lJo3Ng3cRumXR3TuaKwPfyIa6JUmp7agSCFcebrMgT1yumr
JoSkv8N/sRArxABwDsoqkV4DbTQ56SfvVEoli7aRbABKGOw78dj3g5RtKEdALDxi
FPDQVr4BN9SlY8d1sK6ukTOGKO+kDbx5zltD2cID1IZZ5S1Rr0UM6nWh831pGp2W
UPXCshL9HWXYJgmnqlsJksVPKXf2Q2fTrJjQ3ka+kKFRgMu8KO/zNDdbJwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFA56LSDhWVdtnzMZox1rKGEdSHfuMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzdkMzYwYWVkLTk4YWYtNGI4Ni04NGQyLWYxYjg2MTE3YjBhMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaabDAMA0GCSqGSIb3DQEBCwUAA4IBAQCLwTsf6LopOs97eDui
Q/+Jc8J5AoOl3JCPIfneyDBTIZmtCwtsfsBJzwZNe/7bTPNz0C9cw6OwceXtNDTx
GUgTLA/1caD3ircMsbYG+++VawXvkj6MWm2Shp/aJs4UWtaeUn3C9qkSuO4oAlq0
66FaMzd68rW8lWvL5eePGqNboGLlZiuvUNQ8IOoSFh2VxhN2MYmjeJTTtNZjHSpR
U3elh5fCu9+vpMHh7nCgoXGe7BqkbhRjheczVSRL7R9gq2wvbI9mSpog12E+IYGD
5SXNVDl0IAWk8nR7atpnC/hKyCdtje8llmS1KZNbuckloEnNMZFXuATMuDyz5dme
hrnz
-----END CERTIFICATE-----
Generated at Thu Jul 31 01:03:50 2025 by rpki-client