Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80672242-3fdf-44d8-88c6-841fcfbe1251.roa
File: 80672242-3fdf-44d8-88c6-841fcfbe1251.roa (raw, json)
Hash identifier: zhqyLMbRMCnB5sZlA3+90Jxz/xNAo9fB/JVx68jAbDg=
Subject key identifier: 33:C7:13:4C:52:18:E8:FA:73:B9:FF:89:7B:C6:47:07:F2:90:83:0D
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 2446B36D32BC38916A363280C00F747D4976A0A0
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80672242-3fdf-44d8-88c6-841fcfbe1251.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:8800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 18:21:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
24:46:b3:6d:32:bc:38:91:6a:36:32:80:c0:0f:74:7d:49:76:a0:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:78:37:35:d5:57:8b:5a:8f:89:8d:17:21:fa:
9a:12:c6:6c:bd:54:84:91:70:0a:0c:91:d1:b4:fd:
6f:07:30:57:46:e7:4d:79:db:ee:83:55:80:63:c1:
44:f6:70:ed:28:10:4c:53:9c:ec:b5:e8:ba:0b:01:
23:c1:ee:12:4a:19:cd:5e:25:92:8f:42:66:0a:25:
12:e2:bf:ca:1e:7e:e5:b8:2c:0a:ae:c6:5e:88:6d:
dd:c2:3e:be:c4:a1:f8:0e:4d:a4:6c:57:d0:f9:77:
5c:e1:0d:52:d7:fe:74:d7:03:65:2e:34:b7:b8:83:
38:90:bf:bb:b7:fe:f9:87:1a:38:5b:23:18:26:a1:
33:b7:67:71:db:ed:91:c6:9b:18:67:90:74:72:2b:
9d:68:11:b1:4b:50:c7:6a:34:e3:f8:21:9d:6e:2b:
e7:44:56:91:da:c5:27:3a:90:e4:df:83:4e:ec:25:
f6:bc:db:a2:e8:01:ea:af:d2:8c:ad:88:4c:a6:42:
36:47:be:b6:e5:59:00:24:4d:d9:46:56:8f:1c:ac:
09:24:90:41:8d:f4:60:fd:c4:0d:b1:15:1e:2e:1e:
ea:6f:41:b4:0c:fd:46:4b:c9:5f:ad:5d:3b:07:cd:
29:f1:01:8e:dc:ad:54:c6:94:26:65:9e:df:19:03:
90:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C7:13:4C:52:18:E8:FA:73:B9:FF:89:7B:C6:47:07:F2:90:83:0D
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/80672242-3fdf-44d8-88c6-841fcfbe1251.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:8800::/40
Signature Algorithm: sha256WithRSAEncryption
71:2f:d4:91:b5:e3:ba:2b:05:6a:79:c6:d0:14:1a:28:0c:2c:
42:34:0f:0e:38:87:85:dc:dc:07:95:6a:31:0f:b0:f5:be:85:
68:69:ff:f0:32:2c:04:56:04:a6:67:d4:0d:df:a3:36:bf:de:
c6:c2:f8:f7:69:d0:26:dd:2d:69:a5:7a:30:c2:41:d0:70:74:
3f:54:c8:92:db:e6:92:b1:10:62:ef:96:e0:2f:41:ad:15:38:
c0:27:4a:36:d5:29:f6:2e:14:f2:76:5f:93:15:fd:83:ea:c9:
c7:e6:3d:ba:11:b1:39:c7:17:8f:ad:4c:6a:6f:ba:ef:fa:42:
7c:f6:56:5a:62:08:4f:49:f8:a6:86:e1:26:93:66:c6:a2:b7:
7b:83:b7:63:09:fc:55:21:dd:f7:0c:18:2b:96:bb:23:ed:06:
b9:67:b8:fe:77:ed:45:51:95:38:3f:4a:73:5d:38:cc:e7:6f:
fe:b6:96:50:f6:ef:97:3b:3c:63:fb:9a:2b:63:f4:dc:6b:a8:
f8:08:83:ab:7e:c2:86:91:d7:f7:24:db:06:c0:10:9b:23:7d:
50:97:aa:55:b8:d8:66:e8:a5:9f:3e:a0:1b:71:27:ab:a6:eb:
06:27:1b:0d:60:e1:9b:21:e8:fc:14:7a:a3:f0:37:2a:d5:00:
c5:33:85:b0
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUJEazbTK8OJFqNjKAwA90fUl2oKAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZjE4ZjUwMjgwMmU0ZWQwY2ExMWFi
YjkwNTY0NjNiZDRjMDQwZWU1NmU5NDRhNTRmMmQ5MDc3NzQ0ZmJhMDBmZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3g3NdVXi1qPiY0XIfqaEsZsvVSE
kXAKDJHRtP1vBzBXRudNedvug1WAY8FE9nDtKBBMU5zstei6CwEjwe4SShnNXiWS
j0JmCiUS4r/KHn7luCwKrsZeiG3dwj6+xKH4Dk2kbFfQ+Xdc4Q1S1/501wNlLjS3
uIM4kL+7t/75hxo4WyMYJqEzt2dx2+2RxpsYZ5B0ciudaBGxS1DHajTj+CGdbivn
RFaR2sUnOpDk34NO7CX2vNui6AHqr9KMrYhMpkI2R7625VkAJE3ZRlaPHKwJJJBB
jfRg/cQNsRUeLh7qb0G0DP1GS8lfrV07B80p8QGO3K1UxpQmZZ7fGQOQKwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDPHE0xSGOj6c7n/iXvGRwfykIMNMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzgwNjcyMjQyLTNmZGYtNDRkOC04OGM2LTg0MWZjZmJlMTI1MS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaYgwDQYJKoZIhvcNAQELBQADggEBAHEv1JG147orBWp5xtAU
GigMLEI0Dw44h4Xc3AeVajEPsPW+hWhp//AyLARWBKZn1A3foza/3sbC+Pdp0Cbd
LWmlejDCQdBwdD9UyJLb5pKxEGLvluAvQa0VOMAnSjbVKfYuFPJ2X5MV/YPqycfm
PboRsTnHF4+tTGpvuu/6Qnz2VlpiCE9J+KaG4SaTZsait3uDt2MJ/FUh3fcMGCuW
uyPtBrlnuP537UVRlTg/SnNdOMznb/62llD275c7PGP7mitj9NxrqPgIg6t+woaR
1/ck2wbAEJsjfVCXqlW42GbopZ8+oBtxJ6um6wYnGw1g4Zsh6PwUeqPwNyrVAMUz
hbA=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:05:52 2025 by rpki-client