Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8926995e-bde5-49af-a989-17dd351a253f.roa
File: 8926995e-bde5-49af-a989-17dd351a253f.roa (raw, json)
Hash identifier: wPBQteEo7+kXFKfTIH/Ty5tPcW9QiWmSYwju/U3TZHQ=
Subject key identifier: BA:60:03:02:E1:A3:FA:BB:65:81:E3:FF:95:3B:52:74:E2:22:A4:D9
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 604BDB32A76F267D424A6916BED1C9387DFF9552
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8926995e-bde5-49af-a989-17dd351a253f.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:8000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 19:20:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:4b:db:32:a7:6f:26:7d:42:4a:69:16:be:d1:c9:38:7d:ff:95:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:fe:21:e4:92:63:bc:e8:78:47:1e:44:b0:3d:
53:8b:3b:f5:39:bd:08:af:df:a2:c7:1b:a5:5a:6f:
19:e9:a1:2a:57:c3:fe:3e:6b:7d:7a:97:b5:da:bf:
21:d7:25:ae:65:35:16:bb:a1:29:bd:ff:37:0f:0a:
42:0a:93:38:96:97:97:2d:af:8a:20:ab:68:8a:7a:
21:32:26:c4:7e:9e:2e:e8:4a:bc:b3:55:b3:8a:99:
1e:80:0e:cc:1a:78:d7:5b:17:69:a5:75:d6:74:61:
ed:d7:7d:29:09:14:b4:9e:68:a1:0d:d3:9a:1d:11:
da:02:46:39:e2:09:09:17:ca:83:ac:eb:d3:93:44:
c8:18:c7:35:7a:eb:da:ed:7d:85:60:8f:47:13:93:
62:16:da:d7:57:dc:7a:6c:1a:29:3c:b7:fc:10:79:
a0:67:75:0f:bc:66:70:4e:b2:1e:f0:9a:3d:09:e1:
f0:2b:ab:fe:da:d3:3b:af:c3:69:5c:31:2e:b5:bb:
fc:40:54:49:51:e3:6e:63:26:0b:7a:9b:57:e1:4c:
3c:d6:10:fd:0a:02:66:ae:28:8c:b4:cc:51:45:72:
5a:f9:e1:2a:13:54:f6:31:7d:2b:23:0f:4e:86:fb:
43:57:50:aa:69:f1:2e:75:74:81:a1:7c:c5:d9:fa:
77:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:60:03:02:E1:A3:FA:BB:65:81:E3:FF:95:3B:52:74:E2:22:A4:D9
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8926995e-bde5-49af-a989-17dd351a253f.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:8000::/40
Signature Algorithm: sha256WithRSAEncryption
26:c4:d4:19:38:14:66:7a:3f:f7:b1:95:cc:a3:be:00:54:e0:
b9:b9:92:61:b8:1e:93:ec:6e:51:73:d1:c4:99:bb:cb:53:9c:
0e:fe:5c:9b:dd:af:95:25:99:ca:a6:d8:55:df:65:03:a4:c5:
2a:20:33:f3:1b:9b:95:5e:c3:e2:a4:08:d2:56:1f:3b:35:ce:
91:c7:f5:b4:34:80:ba:86:aa:4c:74:5a:0e:18:24:c1:b8:78:
30:64:63:b1:74:d9:87:53:af:ff:70:0b:1f:dc:ee:49:82:df:
e0:cf:f3:1e:42:a7:ae:fa:be:a0:d8:4f:a3:51:46:e4:9d:ca:
99:ff:02:22:b9:a2:84:15:b6:39:6d:80:3d:7f:c3:2d:57:3c:
20:a0:ff:23:61:2f:9b:37:ab:f3:6b:31:d7:e4:8a:9d:28:c6:
79:c3:71:e4:f5:10:e3:68:b4:ac:30:ca:5d:93:a8:c8:d6:2d:
d1:c1:f5:1a:93:25:ba:77:7a:12:df:d9:73:df:c2:ba:10:12:
73:c3:38:ff:cc:d0:65:0d:86:a9:e1:28:3d:0b:ca:d1:0b:3e:
54:71:63:6c:2d:0b:32:8d:7c:43:ab:94:49:aa:67:f3:54:f8:
85:b3:0b:30:40:e1:6b:83:51:73:2d:05:02:40:90:2a:f3:8d:
e4:03:46:b7
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUYEvbMqdvJn1CSmkWvtHJOH3/lVIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYzNmNWQ5NTk1MGYxMzNjZTE3YjQ5
M2JmOTQ1YmVkMDYyMzExMzQwMjhlMzE4YzY1N2MzMmE2MjQwOTkzZGIyMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuv4h5JJjvOh4Rx5EsD1Tizv1Ob0I
r9+ixxulWm8Z6aEqV8P+Pmt9epe12r8h1yWuZTUWu6Epvf83DwpCCpM4lpeXLa+K
IKtoinohMibEfp4u6Eq8s1WzipkegA7MGnjXWxdppXXWdGHt130pCRS0nmihDdOa
HRHaAkY54gkJF8qDrOvTk0TIGMc1euva7X2FYI9HE5NiFtrXV9x6bBopPLf8EHmg
Z3UPvGZwTrIe8Jo9CeHwK6v+2tM7r8NpXDEutbv8QFRJUeNuYyYLeptX4Uw81hD9
CgJmriiMtMxRRXJa+eEqE1T2MX0rIw9OhvtDV1CqafEudXSBoXzF2fp3JwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLpgAwLho/q7ZYHj/5U7UnTiIqTZMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
Lzg5MjY5OTVlLWJkZTUtNDlhZi1hOTg5LTE3ZGQzNTFhMjUzZi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+4AwDQYJKoZIhvcNAQELBQADggEBACbE1Bk4FGZ6P/exlcyj
vgBU4Lm5kmG4HpPsblFz0cSZu8tTnA7+XJvdr5Ulmcqm2FXfZQOkxSogM/Mbm5Ve
w+KkCNJWHzs1zpHH9bQ0gLqGqkx0Wg4YJMG4eDBkY7F02YdTr/9wCx/c7kmC3+DP
8x5Cp676vqDYT6NRRuSdypn/AiK5ooQVtjltgD1/wy1XPCCg/yNhL5s3q/NrMdfk
ip0oxnnDceT1EONotKwwyl2TqMjWLdHB9RqTJbp3ehLf2XPfwroQEnPDOP/M0GUN
hqnhKD0LytELPlRxY2wtCzKNfEOrlEmqZ/NU+IWzCzBA4WuDUXMtBQJAkCrzjeQD
Rrc=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:06:28 2025 by rpki-client