Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/869e5c68-564f-4aa0-a84a-56dac3c414a5.roa
File: 869e5c68-564f-4aa0-a84a-56dac3c414a5.roa (raw, json)
Hash identifier: t0rDj9i1mqlIhtfUEPlZemx1VRlDHXc27ntumkFsRrI=
Subject key identifier: A1:4E:33:1F:E7:03:CE:60:8E:95:E9:77:0F:AF:AB:88:2D:7E:78:2B
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 44302E85F02FAFDC22B5594B48A9EAB84BB27001
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/869e5c68-564f-4aa0-a84a-56dac3c414a5.roa
Signing time: Wed 30 Jul 2025 00:11:29 +0000
ROA not before: Wed 30 Jul 2025 00:11:29 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:90c0::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Jul 2025 18:07:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:30:2e:85:f0:2f:af:dc:22:b5:59:4b:48:a9:ea:b8:4b:b2:70:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 30 00:11:29 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=da167d477aeaf27240c1b486e34177e9f0b0c28908e111dc2421fc06edf38ecc, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:5d:50:7f:8f:a4:07:7d:f4:c2:c4:da:a3:03:
ad:59:c1:33:32:31:75:cf:03:75:84:6c:7c:3c:b0:
8f:92:16:72:2a:62:34:9c:f7:17:f9:66:42:6f:f7:
41:d6:8c:8b:f4:f8:5d:16:c1:9a:bd:d7:04:c4:e9:
26:4e:32:93:a7:b9:d8:b1:7b:72:5a:04:af:54:14:
04:72:af:3f:67:ff:94:8f:d0:2b:61:98:84:8b:09:
fc:69:74:b7:82:80:9a:69:28:79:24:e4:7b:94:d8:
1e:cc:7a:13:c7:bb:f1:9e:1b:12:60:c7:52:c0:a3:
a4:45:dc:b7:1b:07:5b:fa:53:25:72:97:f8:54:cc:
86:e9:7d:40:e5:c1:2f:6d:40:f7:8b:aa:30:be:d5:
dd:5f:40:38:1e:ee:1b:e4:20:d4:29:3a:1b:86:b8:
9a:9b:8d:71:17:49:00:14:1f:6c:33:a2:1d:f5:aa:
e6:00:cc:28:c5:d1:5e:89:36:1c:73:9b:97:3a:55:
a7:e5:90:e0:c3:62:18:78:32:3a:7c:8e:7c:e8:53:
d3:94:a7:36:0d:7f:91:bb:7e:90:64:fc:6d:01:b7:
08:65:91:a7:36:db:e3:33:cb:5b:ba:2a:5b:ec:14:
f6:eb:92:60:d9:16:c1:1a:52:2e:0d:5a:c5:fe:d8:
c2:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:4E:33:1F:E7:03:CE:60:8E:95:E9:77:0F:AF:AB:88:2D:7E:78:2B
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/869e5c68-564f-4aa0-a84a-56dac3c414a5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:90c0::/46
Signature Algorithm: sha256WithRSAEncryption
b2:2d:e7:35:16:6c:db:7b:ca:c4:4f:8a:92:0a:c4:7a:ac:64:
ad:ed:8c:a9:18:51:68:47:d2:31:94:23:a2:12:d4:7f:24:a3:
f7:1e:0c:68:1a:3b:78:fd:93:f2:12:c9:84:c8:3d:e5:89:12:
b5:d0:c9:93:e6:0c:70:1c:51:6b:e1:ae:c8:9b:38:45:d8:1f:
f4:62:fe:28:98:d1:f0:63:c7:c2:30:82:4e:a8:76:d8:69:ae:
d3:80:29:b0:a7:52:4e:04:e1:f2:18:8c:a2:f4:8a:49:1a:9c:
7c:b5:8a:48:c2:f2:a1:c7:90:5b:8e:13:1a:21:00:f6:b2:79:
fc:2d:cf:97:63:d4:0a:03:58:92:c1:6a:ee:5f:09:bb:e3:ce:
c7:e0:64:30:61:08:5e:bc:6c:33:85:7f:a1:f0:27:81:7f:f7:
e1:73:2f:36:50:ce:1e:35:68:7f:ae:c7:67:fc:51:f3:b1:a4:
16:df:59:32:a0:7b:2c:23:22:bc:aa:ca:5a:02:36:6c:5a:0b:
81:ab:df:1d:e9:3c:9d:71:2e:a9:96:e6:3d:8d:3f:01:d5:41:
f1:8b:ff:72:a2:e9:37:2f:6a:75:a6:08:8a:80:2c:b9:47:a9:
73:09:d5:f0:49:34:ed:08:21:4e:ab:36:a9:eb:f6:15:65:df:
2f:2f:67:4f
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIURDAuhfAvr9witVlLSKnquEuycAEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMTEyOVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZGExNjdkNDc3YWVhZjI3MjQwYzFi
NDg2ZTM0MTc3ZTlmMGIwYzI4OTA4ZTExMWRjMjQyMWZjMDZlZGYzOGVjYzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4V1Qf4+kB330wsTaowOtWcEzMjF1
zwN1hGx8PLCPkhZyKmI0nPcX+WZCb/dB1oyL9PhdFsGavdcExOkmTjKTp7nYsXty
WgSvVBQEcq8/Z/+Uj9ArYZiEiwn8aXS3goCaaSh5JOR7lNgezHoTx7vxnhsSYMdS
wKOkRdy3Gwdb+lMlcpf4VMyG6X1A5cEvbUD3i6owvtXdX0A4Hu4b5CDUKTobhria
m41xF0kAFB9sM6Id9armAMwoxdFeiTYcc5uXOlWn5ZDgw2IYeDI6fI586FPTlKc2
DX+Ru36QZPxtAbcIZZGnNtvjM8tbuipb7BT265Jg2RbBGlIuDVrF/tjCFwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKFOMx/nA85gjpXpdw+vq4gtfngrMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzg2OWU1YzY4LTU2NGYtNGFhMC1hODRhLTU2ZGFjM2M0MTRhNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaZDAMA0GCSqGSIb3DQEBCwUAA4IBAQCyLec1Fmzbe8rET4qS
CsR6rGSt7YypGFFoR9IxlCOiEtR/JKP3HgxoGjt4/ZPyEsmEyD3liRK10MmT5gxw
HFFr4a7ImzhF2B/0Yv4omNHwY8fCMIJOqHbYaa7TgCmwp1JOBOHyGIyi9IpJGpx8
tYpIwvKhx5BbjhMaIQD2snn8Lc+XY9QKA1iSwWruXwm7487H4GQwYQhevGwzhX+h
8CeBf/fhcy82UM4eNWh/rsdn/FHzsaQW31kyoHssIyK8qspaAjZsWguBq98d6Tyd
cS6pluY9jT8B1UHxi/9youk3L2p1pgiKgCy5R6lzCdXwSTTtCCFOqzap6/YVZd8v
L2dP
-----END CERTIFICATE-----
Generated at Thu Jul 31 01:02:16 2025 by rpki-client