Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8a765aa6-e0dc-4e3a-9c51-bdecadbdb8d2.roa
File: 8a765aa6-e0dc-4e3a-9c51-bdecadbdb8d2.roa (raw, json)
Hash identifier: WgBi914Lg2A5V48u9BTyuZzABqN53cU4ZY/oRuscGDE=
Subject key identifier: 00:1E:48:88:3B:27:F6:53:B8:E2:E5:1E:F2:FB:4D:67:17:03:E3:D1
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 082AA874F6DF9079B11540D04702374CB2A7A59C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8a765aa6-e0dc-4e3a-9c51-bdecadbdb8d2.roa
Signing time: Wed 30 Jul 2025 00:51:25 +0000
ROA not before: Wed 30 Jul 2025 00:51:25 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf7:c000::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 30 Jul 2025 18:53:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:2a:a8:74:f6:df:90:79:b1:15:40:d0:47:02:37:4c:b2:a7:a5:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 30 00:51:25 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=ab24b6e9a31a3f461230d0f446890a27d3a9538a410fd9d39ea2aac0882009c0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:fd:44:44:3c:7b:ba:2f:52:62:ac:0f:2a:97:
46:48:73:8a:03:0f:4a:84:d9:38:87:6e:13:ee:47:
7d:bb:bb:83:0f:47:c9:0a:e7:d4:f1:12:7e:7e:18:
7d:6c:95:7e:44:05:3e:9b:4b:3b:58:1b:af:25:c3:
6d:8b:b9:7f:b3:8f:21:72:5a:0a:0c:80:b5:e0:04:
ac:8f:55:e5:36:5d:31:cc:a5:f2:c6:e7:6e:d1:14:
93:c8:8b:1d:7e:32:d7:9f:06:8d:92:3d:8d:59:43:
21:27:cf:dc:57:62:41:e1:09:8a:78:d2:7b:79:c8:
b5:73:3e:eb:9f:f2:76:8b:2a:2f:00:47:f1:e1:d0:
e2:fb:40:aa:e4:27:2c:0b:eb:86:4b:8c:f2:d8:ae:
91:78:7e:5c:a2:68:0e:93:36:e1:1a:81:5b:a4:8a:
96:8d:03:78:b3:7a:39:83:24:ba:7f:6a:75:3b:80:
26:33:34:fd:a3:25:01:65:2c:65:a2:4c:6a:d8:17:
f8:83:33:2d:24:ae:fe:67:cc:b3:4c:ca:9d:8d:80:
f1:ba:5c:14:e1:fc:56:9f:32:72:b8:d7:d3:72:cd:
48:f8:b1:03:67:b1:71:0f:85:20:00:fe:96:ee:97:
4c:0a:8d:f1:6e:b5:f0:00:3e:34:64:b9:a1:8f:cd:
9e:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:1E:48:88:3B:27:F6:53:B8:E2:E5:1E:F2:FB:4D:67:17:03:E3:D1
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/8a765aa6-e0dc-4e3a-9c51-bdecadbdb8d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf7:c000::/40
Signature Algorithm: sha256WithRSAEncryption
ac:d6:ad:e5:13:94:9c:d9:1f:e2:6c:bb:65:32:96:1a:cc:07:
a0:d9:ae:9c:9a:ed:58:a4:97:4c:4e:c8:a9:1e:ae:31:48:c9:
06:a4:b9:ec:f2:7d:93:fe:a0:29:2b:e8:a3:cf:e6:51:5b:5a:
a6:bf:32:5d:85:ac:b8:b4:07:ef:ca:8f:a8:48:19:0e:fa:fd:
bf:f7:b0:5d:a3:e4:6d:00:fb:71:8b:0c:ad:f6:80:4c:6f:25:
f3:73:7e:76:7b:b3:14:f0:57:c0:05:39:5b:2e:75:4d:c9:5c:
2f:39:12:dc:5a:1a:e2:0b:33:ac:59:d1:cf:ba:b9:7b:88:25:
29:bc:13:2d:cd:31:4d:99:64:ab:9b:9e:dc:77:ac:e9:7f:6f:
5c:7f:1e:bf:5b:a7:86:de:d1:7b:11:4b:f5:1e:cd:9a:eb:f1:
78:39:7f:32:df:ff:12:71:f6:42:2d:1a:ca:81:b8:e7:f7:ca:
00:8f:41:ea:00:ee:04:28:29:f0:ea:72:78:b7:e6:e3:c7:52:
a0:7a:65:6b:67:c4:ac:97:34:68:fa:2e:f9:85:0d:25:8c:b7:
29:bc:8e:78:17:67:39:c4:45:b9:78:24:07:01:72:f2:10:3b:
27:fb:5c:8c:b5:98:4e:61:de:5a:69:a6:d6:e8:e0:77:bc:97:
9e:3c:65:de
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUCCqodPbfkHmxFUDQRwI3TLKnpZwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNTEyNVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAYWIyNGI2ZTlhMzFhM2Y0NjEyMzBk
MGY0NDY4OTBhMjdkM2E5NTM4YTQxMGZkOWQzOWVhMmFhYzA4ODIwMDljMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6f1ERDx7ui9SYqwPKpdGSHOKAw9K
hNk4h24T7kd9u7uDD0fJCufU8RJ+fhh9bJV+RAU+m0s7WBuvJcNti7l/s48hcloK
DIC14ASsj1XlNl0xzKXyxudu0RSTyIsdfjLXnwaNkj2NWUMhJ8/cV2JB4QmKeNJ7
eci1cz7rn/J2iyovAEfx4dDi+0Cq5CcsC+uGS4zy2K6ReH5comgOkzbhGoFbpIqW
jQN4s3o5gyS6f2p1O4AmMzT9oyUBZSxlokxq2Bf4gzMtJK7+Z8yzTMqdjYDxulwU
4fxWnzJyuNfTcs1I+LEDZ7FxD4UgAP6W7pdMCo3xbrXwAD40ZLmhj82eLQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFAAeSIg7J/ZTuOLlHvL7TWcXA+PRMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzhhNzY1YWE2LWUwZGMtNGUzYS05YzUxLWJkZWNhZGJkYjhkMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba98AwDQYJKoZIhvcNAQELBQADggEBAKzWreUTlJzZH+Jsu2Uy
lhrMB6DZrpya7Vikl0xOyKkerjFIyQakuezyfZP+oCkr6KPP5lFbWqa/Ml2FrLi0
B+/Kj6hIGQ76/b/3sF2j5G0A+3GLDK32gExvJfNzfnZ7sxTwV8AFOVsudU3JXC85
EtxaGuILM6xZ0c+6uXuIJSm8Ey3NMU2ZZKubntx3rOl/b1x/Hr9bp4be0XsRS/Ue
zZrr8Xg5fzLf/xJx9kItGsqBuOf3ygCPQeoA7gQoKfDqcni35uPHUqB6ZWtnxKyX
NGj6LvmFDSWMtym8jngXZznERbl4JAcBcvIQOyf7XIy1mE5h3lppptbo4He8l548
Zd4=
-----END CERTIFICATE-----
Generated at Thu Jul 31 00:59:13 2025 by rpki-client