Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/857d996d-a66c-48d8-8669-f36141564a43.roa
File: 857d996d-a66c-48d8-8669-f36141564a43.roa (raw, json)
Hash identifier: DsZj8sXuLk/E9ab9tcE7e45wW2vp9jL+yG3LhVWznH8=
Subject key identifier: FE:AF:A3:7E:4A:ED:FB:B6:FB:30:5B:ED:2E:CB:98:C3:0F:C6:43:DB
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 32A73A8A4F9379818D47B3F47F641164D990BE67
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/857d996d-a66c-48d8-8669-f36141564a43.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:4800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 16:20:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
32:a7:3a:8a:4f:93:79:81:8d:47:b3:f4:7f:64:11:64:d9:90:be:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:df:c6:64:c4:aa:7a:60:bf:43:8e:b2:c2:4a:
55:85:7e:61:0e:c2:bb:b8:92:de:5e:29:87:5d:9b:
6a:a3:6b:1e:cf:20:86:63:59:4b:2a:8c:7e:6d:78:
59:56:4e:c0:86:c1:86:98:75:4a:e1:24:49:3b:8d:
6b:2b:d3:ab:10:cc:d5:b3:3d:c9:9a:36:7e:6a:f2:
54:87:c0:f9:d3:39:ef:14:23:27:61:18:f5:4e:6f:
ba:4c:bb:d3:4e:ce:30:3f:af:8b:fa:58:9e:bb:38:
dd:6d:cc:7a:2f:09:c7:9e:71:7b:eb:cb:2f:0e:f4:
4c:37:88:44:17:e4:74:12:ba:fc:1e:0b:8a:61:ad:
47:32:79:ec:b6:a3:f0:6d:56:22:c4:b8:cb:b9:89:
cd:12:f7:eb:f7:40:41:98:d2:cb:ec:33:ea:38:59:
0a:81:d8:3c:37:8b:db:8b:25:99:47:b6:33:df:d1:
a5:eb:a7:5a:7d:e8:43:78:bd:24:12:44:8c:d1:c0:
da:c7:6d:1f:ea:f4:52:2f:f2:9a:ab:63:ea:24:58:
69:dc:98:f7:ce:29:0d:2e:63:b5:d1:1a:94:6c:98:
35:52:50:58:f8:ec:4d:cf:4d:30:20:65:5f:97:49:
31:ec:cb:ce:da:52:e4:25:d9:43:b9:57:f9:ae:06:
af:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:AF:A3:7E:4A:ED:FB:B6:FB:30:5B:ED:2E:CB:98:C3:0F:C6:43:DB
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/857d996d-a66c-48d8-8669-f36141564a43.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:4800::/40
Signature Algorithm: sha256WithRSAEncryption
14:bb:af:f0:03:e9:c3:14:97:59:bb:ca:36:33:c6:e9:5b:d1:
cf:ef:c3:b4:b2:65:90:da:01:db:30:99:0a:53:62:8f:66:85:
06:55:50:bd:aa:89:cb:35:94:47:88:1f:06:ad:29:63:42:e2:
ee:dd:25:dd:7e:97:f6:14:9a:f0:ac:c2:9b:36:96:d1:1e:9b:
e9:d4:19:85:c4:fe:dc:6e:2c:26:a3:85:95:c7:60:3f:72:3e:
0b:2a:25:2b:f5:a0:43:87:90:db:8e:b3:12:7a:24:e5:e8:fa:
a5:ee:cc:b6:0c:32:aa:fc:9a:c0:c7:b1:b7:f2:54:6a:9a:0e:
8d:9e:17:7f:79:7a:b5:39:0a:ad:c8:04:a5:5a:1a:e7:fa:d1:
92:85:25:fc:e3:af:9d:e4:c8:14:d5:74:67:24:25:ff:75:9d:
d3:e2:cb:c6:2b:8c:be:7d:a8:36:95:82:f8:cb:50:90:e4:06:
12:a2:5c:f0:5d:92:6e:6a:2b:9e:90:d4:7d:c6:46:c7:1e:13:
57:ca:db:04:93:43:0c:2e:bb:88:97:d6:68:38:10:ad:ad:7e:
10:ed:af:f0:aa:f9:a8:18:da:77:6a:7b:b9:72:7f:65:7d:34:
47:af:c2:e6:13:dc:13:75:09:45:92:85:f7:3c:a6:13:8c:29:
58:dc:1e:7d
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUMqc6ik+TeYGNR7P0f2QRZNmQvmcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAOWNmMWYzNGQ3MTMxYzk5OTRjNWU0
ZWM2YjlmYTFjNWVlMGJmMjhkNDY3Y2Q1ODgwMTE2MjYyYWU4NGQ5MThhZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnN/GZMSqemC/Q46ywkpVhX5hDsK7
uJLeXimHXZtqo2sezyCGY1lLKox+bXhZVk7AhsGGmHVK4SRJO41rK9OrEMzVsz3J
mjZ+avJUh8D50znvFCMnYRj1Tm+6TLvTTs4wP6+L+lieuzjdbcx6LwnHnnF768sv
DvRMN4hEF+R0Err8HguKYa1HMnnstqPwbVYixLjLuYnNEvfr90BBmNLL7DPqOFkK
gdg8N4vbiyWZR7Yz39Gl66dafehDeL0kEkSM0cDax20f6vRSL/Kaq2PqJFhp3Jj3
zikNLmO10RqUbJg1UlBY+OxNz00wIGVfl0kx7MvO2lLkJdlDuVf5rgav5QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFP6vo35K7fu2+zBb7S7LmMMPxkPbMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzg1N2Q5OTZkLWE2NmMtNDhkOC04NjY5LWYzNjE0MTU2NGE0My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/0gwDQYJKoZIhvcNAQELBQADggEBABS7r/AD6cMUl1m7yjYz
xulb0c/vw7SyZZDaAdswmQpTYo9mhQZVUL2qics1lEeIHwatKWNC4u7dJd1+l/YU
mvCswps2ltEem+nUGYXE/txuLCajhZXHYD9yPgsqJSv1oEOHkNuOsxJ6JOXo+qXu
zLYMMqr8msDHsbfyVGqaDo2eF395erU5Cq3IBKVaGuf60ZKFJfzjr53kyBTVdGck
Jf91ndPiy8YrjL59qDaVgvjLUJDkBhKiXPBdkm5qK56Q1H3GRsceE1fK2wSTQwwu
u4iX1mg4EK2tfhDtr/Cq+agY2ndqe7lyf2V9NEevwuYT3BN1CUWShfc8phOMKVjc
Hn0=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:46:30 2025 by rpki-client