Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e573a93-0df9-4209-b0ce-0c793b0859d9.roa
File: 7e573a93-0df9-4209-b0ce-0c793b0859d9.roa (raw, json)
Hash identifier: 3m+xHtT6YGt1yJEJM7EqZRib0mKyB5ZDhsOYoABDagQ=
Subject key identifier: 66:C1:DA:64:1F:44:AF:10:19:8B:15:79:A7:55:9F:D7:49:55:A8:23
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5132864F739EDBBF0D31070BD22F0D0FBA201537
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e573a93-0df9-4209-b0ce-0c793b0859d9.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:a000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 16:11:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
51:32:86:4f:73:9e:db:bf:0d:31:07:0b:d2:2f:0d:0f:ba:20:15:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:ae:72:2f:f2:f6:fc:6a:b4:4c:bd:be:d9:2b:
72:34:8d:da:f4:b0:86:60:b6:b0:6b:f9:24:78:14:
f6:28:df:23:3c:42:13:a4:f4:a7:9a:63:b4:19:33:
3f:13:71:58:a9:be:db:8e:29:c2:63:bb:df:5a:45:
7c:19:d5:cb:82:c3:fd:f9:49:a9:7c:6d:e6:b9:aa:
b8:24:b2:c7:74:e4:1c:57:1d:d7:69:f7:a7:53:a8:
35:a8:66:a9:1e:18:73:64:b8:7f:d4:7b:bc:2a:e2:
79:13:48:83:22:e2:19:ff:4d:d1:b3:15:b5:bc:64:
5c:dd:f7:06:7f:4f:58:0c:8f:69:a5:e6:d4:86:36:
6d:99:08:ce:52:8a:58:91:da:5d:b7:c6:9e:eb:16:
c7:68:5c:ad:6b:d0:4f:92:0b:c8:9c:25:7b:d9:56:
e4:1d:4c:f8:88:47:f1:39:d2:56:75:bb:1b:fd:e4:
81:4c:5c:b8:ca:20:61:f8:64:0f:6d:eb:cf:6d:8d:
02:e2:3a:3d:96:04:c7:60:ab:e3:b4:61:fc:c4:47:
00:43:5a:c1:8b:d8:4f:d6:d9:b9:34:46:2b:a7:a0:
2e:dd:6e:07:66:0a:23:eb:d5:a3:d1:9d:97:73:aa:
c9:4e:e7:ab:79:e6:75:cb:6b:6b:85:f3:46:44:f0:
3e:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:C1:DA:64:1F:44:AF:10:19:8B:15:79:A7:55:9F:D7:49:55:A8:23
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7e573a93-0df9-4209-b0ce-0c793b0859d9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:a000::/40
Signature Algorithm: sha256WithRSAEncryption
c2:57:4a:07:59:63:09:7d:37:84:a8:e7:6a:dd:2a:ac:0d:60:
6f:cd:0b:85:fe:28:a1:ed:29:5b:3a:52:af:a6:dc:38:95:8e:
1e:8e:a0:73:c6:4e:9e:fc:c6:50:18:1c:18:65:22:51:f1:bc:
bf:0a:12:db:fe:84:80:fc:fc:63:ed:06:f8:54:77:1f:6c:29:
7a:d5:08:7e:3d:4e:1a:71:8d:bb:db:3d:a8:da:53:bd:35:34:
85:b8:19:24:b9:9a:20:4c:e2:c1:d0:6c:ce:1d:73:9b:19:70:
e5:22:22:17:12:f0:26:ed:3c:4c:b4:00:0d:fb:c0:2e:be:98:
42:29:55:37:f1:c4:6d:ec:75:34:13:e9:5b:a2:80:a5:48:12:
a8:f5:bd:33:92:b4:8a:80:1a:d2:e0:da:e4:3b:e0:6c:1f:d1:
cb:d4:4a:e2:c4:9a:f4:99:c1:59:0c:0a:13:96:11:29:98:a3:
97:e6:cc:05:57:4c:99:24:48:5e:f2:db:59:a3:22:b1:f2:88:
28:a6:4a:cb:fc:20:9f:de:11:22:c6:98:f3:a4:96:47:b0:5c:
43:3b:7e:31:0e:86:9a:6c:cf:75:dd:82:a8:1e:70:07:2e:a8:
74:9c:62:b8:b1:8b:fd:02:c5:e3:25:f8:fb:57:0f:87:af:46:
d4:c1:f5:de
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUUTKGT3Oe278NMQcL0i8ND7ogFTcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAY2M5MDFiNzg4NDZlYzQyOTlkZmFh
NTYyMDY2Y2E2ZmYyMGVhYjQ4OWQ0YTVkMjZiN2E5ZDMzMzBlM2Y0Njg0ODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqa5yL/L2/Gq0TL2+2StyNI3a9LCG
YLawa/kkeBT2KN8jPEITpPSnmmO0GTM/E3FYqb7bjinCY7vfWkV8GdXLgsP9+Ump
fG3muaq4JLLHdOQcVx3XafenU6g1qGapHhhzZLh/1Hu8KuJ5E0iDIuIZ/03RsxW1
vGRc3fcGf09YDI9ppebUhjZtmQjOUopYkdpdt8ae6xbHaFyta9BPkgvInCV72Vbk
HUz4iEfxOdJWdbsb/eSBTFy4yiBh+GQPbevPbY0C4jo9lgTHYKvjtGH8xEcAQ1rB
i9hP1tm5NEYrp6Au3W4HZgoj69Wj0Z2Xc6rJTuereeZ1y2trhfNGRPA+TQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFGbB2mQfRK8QGYsVeadVn9dJVagjMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzdlNTczYTkzLTBkZjktNDIwOS1iMGNlLTBjNzkzYjA4NTlkOS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9KAwDQYJKoZIhvcNAQELBQADggEBAMJXSgdZYwl9N4So52rd
KqwNYG/NC4X+KKHtKVs6Uq+m3DiVjh6OoHPGTp78xlAYHBhlIlHxvL8KEtv+hID8
/GPtBvhUdx9sKXrVCH49ThpxjbvbPajaU701NIW4GSS5miBM4sHQbM4dc5sZcOUi
IhcS8CbtPEy0AA37wC6+mEIpVTfxxG3sdTQT6VuigKVIEqj1vTOStIqAGtLg2uQ7
4Gwf0cvUSuLEmvSZwVkMChOWESmYo5fmzAVXTJkkSF7y21mjIrHyiCimSsv8IJ/e
ESLGmPOklkewXEM7fjEOhppsz3XdgqgecAcuqHScYrixi/0CxeMl+PtXD4evRtTB
9d4=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:01:37 2025 by rpki-client