Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8a765aa6-e0dc-4e3a-9c51-bdecadbdb8d2.roa
File: 8a765aa6-e0dc-4e3a-9c51-bdecadbdb8d2.roa (raw, json)
Hash identifier: pByK2v/tfef+k4xoHcg6gTa+/w/+Olwo72h7BDGUNQI=
Subject key identifier: 11:FB:BC:61:02:BD:DF:DD:10:02:8D:19:7C:24:12:5D:9C:8E:41:51
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1ACDDBCF3F41B9B51942CBF5A1551E18148C4CBA
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8a765aa6-e0dc-4e3a-9c51-bdecadbdb8d2.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:c000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 19:10:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1a:cd:db:cf:3f:41:b9:b5:19:42:cb:f5:a1:55:1e:18:14:8c:4c:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:8c:98:fb:3a:3a:23:b5:b1:67:74:34:84:da:
37:57:ae:ff:f5:96:bc:e4:7a:61:92:ef:7a:e3:db:
e5:db:a9:35:28:25:c9:7d:42:47:87:f3:bc:e2:b8:
ae:1d:16:3a:26:4e:2d:7c:ae:57:4d:ae:49:c3:5f:
20:0b:bd:24:e7:90:0b:40:f9:ee:53:46:88:7f:9e:
a5:37:60:a4:e1:ad:31:4c:ca:a2:1f:53:38:01:ab:
18:48:53:9d:a5:e7:0c:49:87:65:fd:48:11:02:af:
e2:3f:36:79:b5:12:90:7f:3f:4a:7a:8d:0b:89:3c:
98:68:83:db:f3:bc:c9:a1:b6:79:b9:3b:fc:34:13:
c2:95:db:06:b4:9c:fc:04:54:d2:c5:7a:d0:06:4e:
49:8e:13:d5:ce:41:4f:ea:11:0f:12:01:df:60:78:
cf:64:f9:d5:c4:50:18:db:96:9d:49:0b:ec:aa:1a:
36:ce:41:ff:ce:0c:ce:97:5b:eb:24:9f:1f:34:d0:
31:8b:8d:81:2b:55:4f:5f:89:30:9e:81:c2:ac:55:
e8:a4:63:dd:da:b4:bc:70:ef:de:81:0e:72:4c:09:
f2:9d:6d:e2:99:49:73:cb:fc:46:6c:d7:33:7a:68:
d3:88:c7:ce:59:b9:99:d0:b9:f0:22:ae:74:49:da:
cc:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:FB:BC:61:02:BD:DF:DD:10:02:8D:19:7C:24:12:5D:9C:8E:41:51
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8a765aa6-e0dc-4e3a-9c51-bdecadbdb8d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:c000::/40
Signature Algorithm: sha256WithRSAEncryption
99:55:4f:40:19:df:3b:c3:58:c5:03:ad:f2:14:53:b6:1e:60:
0d:ff:5c:1b:ab:d4:52:c5:53:a2:5e:69:88:68:f5:a0:9a:9f:
5d:26:36:6d:6a:c9:57:e7:e3:10:01:f1:e8:08:44:6f:1e:05:
da:a0:20:05:3d:66:84:d4:34:f0:07:dd:72:f8:03:ed:31:d5:
7b:9e:75:28:4d:a8:a4:a0:a1:56:12:6d:c3:27:fc:08:0a:b7:
47:70:cc:a5:50:20:33:16:42:61:a2:99:c6:c3:e3:95:0b:bd:
01:36:04:d9:75:fc:b1:6c:80:1f:12:c6:00:4f:45:10:9d:2d:
c2:4a:d8:51:e7:24:2b:c0:79:4d:a1:07:f0:b7:de:d8:71:02:
d5:cf:01:fb:21:e2:f6:fc:c2:a8:dc:81:5d:94:1e:0f:66:5e:
13:fd:bc:1d:41:d1:41:5e:f8:23:86:57:86:55:cd:05:eb:66:
1e:92:e4:c0:75:de:62:c8:07:2b:9e:10:be:18:a4:f9:3f:e5:
b3:d5:bd:5c:d6:14:d3:d4:15:64:4a:17:ca:89:da:e7:a1:1e:
99:dd:13:00:88:0c:c2:6b:3c:2e:c1:74:dc:e9:fd:80:d4:74:
af:19:48:fd:08:06:94:55:c2:88:7f:5a:c4:89:e7:03:f4:62:
3b:f4:2d:f5
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUGs3bzz9BubUZQsv1oVUeGBSMTLowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYmM3ZjUxMmIzNzBmMTFlYzBlODI4
ZmYxZDEzNTZlZGIxYWFkODVhN2JjNGJkMGNjNTIxZjdiMTgwODFkMGYyNDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA24yY+zo6I7WxZ3Q0hNo3V67/9Za8
5Hphku9649vl26k1KCXJfUJHh/O84riuHRY6Jk4tfK5XTa5Jw18gC70k55ALQPnu
U0aIf56lN2Ck4a0xTMqiH1M4AasYSFOdpecMSYdl/UgRAq/iPzZ5tRKQfz9Keo0L
iTyYaIPb87zJobZ5uTv8NBPCldsGtJz8BFTSxXrQBk5JjhPVzkFP6hEPEgHfYHjP
ZPnVxFAY25adSQvsqho2zkH/zgzOl1vrJJ8fNNAxi42BK1VPX4kwnoHCrFXopGPd
2rS8cO/egQ5yTAnynW3imUlzy/xGbNczemjTiMfOWbmZ0LnwIq50SdrMLQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBH7vGECvd/dEAKNGXwkEl2cjkFRMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzhhNzY1YWE2LWUwZGMtNGUzYS05YzUxLWJkZWNhZGJkYjhkMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba98AwDQYJKoZIhvcNAQELBQADggEBAJlVT0AZ3zvDWMUDrfIU
U7YeYA3/XBur1FLFU6JeaYho9aCan10mNm1qyVfn4xAB8egIRG8eBdqgIAU9ZoTU
NPAH3XL4A+0x1XuedShNqKSgoVYSbcMn/AgKt0dwzKVQIDMWQmGimcbD45ULvQE2
BNl1/LFsgB8SxgBPRRCdLcJK2FHnJCvAeU2hB/C33thxAtXPAfsh4vb8wqjcgV2U
Hg9mXhP9vB1B0UFe+COGV4ZVzQXrZh6S5MB13mLIByueEL4YpPk/5bPVvVzWFNPU
FWRKF8qJ2uehHpndEwCIDMJrPC7BdNzp/YDUdK8ZSP0IBpRVwoh/WsSJ5wP0Yjv0
LfU=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:55:18 2025 by rpki-client