Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92a734ef-a252-48bc-a799-25426b153989.roa
File: 92a734ef-a252-48bc-a799-25426b153989.roa (raw, json)
Hash identifier: n2FAjLBlijU02e+fkJ1+4PQVIZCLfRduM5PaXgtfMIE=
Subject key identifier: 17:4C:C4:98:CC:E2:6D:67:F1:2D:BE:7E:20:E3:D9:00:C6:01:9F:67
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 427B24604F26A330B442CE78B5BAD6C4E4D5AA26
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92a734ef-a252-48bc-a799-25426b153989.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da61:f000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 15:51:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:7b:24:60:4f:26:a3:30:b4:42:ce:78:b5:ba:d6:c4:e4:d5:aa:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ef:8a:f4:e4:7f:0c:e5:af:12:80:04:1a:94:bf:
57:a5:12:5f:ab:59:4c:cf:15:3e:45:cd:4d:9b:88:
0b:28:57:ca:62:66:a5:61:ee:68:6c:1d:da:2a:3e:
b0:c4:ec:97:65:a3:63:f3:fd:8e:21:0a:24:ca:cd:
d3:4b:11:e2:6d:30:de:fc:92:f5:76:e9:f8:81:3e:
1c:49:83:c6:c8:9c:fd:36:3c:e4:fc:43:b7:a4:cd:
89:5f:56:f6:39:a8:41:17:57:6e:85:a3:c9:32:c1:
29:e8:95:72:3d:51:14:17:15:83:02:c4:de:99:db:
ab:a6:1e:09:36:6f:73:2d:04:4d:94:87:8f:c7:3f:
ba:30:f7:25:3d:f6:1a:3a:00:f4:df:b5:ff:75:e4:
e5:4a:a1:05:32:a9:3b:3d:98:5d:4f:bf:66:ac:bd:
79:f2:a2:47:41:91:77:2c:43:d7:dc:37:a3:84:c0:
fc:eb:93:51:1f:de:e1:9f:1f:e1:33:bb:e4:a0:e2:
de:cb:7b:87:a7:c2:71:1a:68:40:df:84:e3:f3:2b:
4e:e3:ea:27:dd:84:74:2b:83:56:13:a7:7a:4d:b0:
9d:33:59:6e:56:63:54:e2:51:bc:74:ab:57:33:9e:
13:f6:6c:02:16:d9:89:2f:b0:92:ff:32:e6:83:c7:
25:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:4C:C4:98:CC:E2:6D:67:F1:2D:BE:7E:20:E3:D9:00:C6:01:9F:67
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/92a734ef-a252-48bc-a799-25426b153989.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da61:f000::/40
Signature Algorithm: sha256WithRSAEncryption
1c:8a:c5:43:2f:6c:4b:2e:42:57:7c:e6:fd:be:72:6d:57:fd:
45:2f:74:29:80:26:28:53:9b:23:0f:d7:f4:e0:5c:9f:bb:cb:
72:a3:32:60:12:1a:55:b7:0e:62:12:2a:f8:8f:c2:3b:e7:8e:
3b:68:9b:d1:76:e9:55:a1:ba:13:cd:1a:85:75:42:ee:0f:fe:
e7:9e:f5:8e:ab:02:fe:e7:e6:94:99:a9:b0:e4:75:51:42:ba:
0a:71:26:83:a7:29:ad:e0:b4:0a:26:53:b9:0b:1b:57:89:24:
47:21:a4:f0:a1:52:8b:56:28:5d:65:b4:3b:ff:8f:92:ec:0e:
ac:dd:a6:cd:dd:e7:91:63:b2:30:28:ad:a3:da:32:21:8d:bd:
74:93:57:e0:6e:14:29:c0:6d:c0:eb:99:14:1e:0c:27:c4:fe:
42:7a:87:5a:01:32:5e:4e:64:21:e9:b6:e8:c5:56:cb:1b:2f:
de:72:e6:d9:5a:22:d4:f7:ac:5c:15:ed:93:35:81:98:95:e3:
6e:12:b5:07:a4:63:79:1d:df:18:f2:46:be:e6:3a:7e:6b:1b:
10:69:82:83:00:76:8a:50:18:56:da:72:95:25:d7:f9:23:95:
37:c6:86:3c:b5:bc:db:5a:b8:f6:71:e8:05:7a:12:79:4a:ae:
94:c8:ef:47
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUQnskYE8mozC0Qs54tbrWxOTVqiYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAN2MwNTI2OGJlYmJlYjkwMjhjNTkz
MjAyN2U3N2U2MzhiMjU3NGY4N2Q2NjBlMTRmYTg4M2ZiZjI2ODNkMGNmZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA74r05H8M5a8SgAQalL9XpRJfq1lM
zxU+Rc1Nm4gLKFfKYmalYe5obB3aKj6wxOyXZaNj8/2OIQokys3TSxHibTDe/JL1
dun4gT4cSYPGyJz9Njzk/EO3pM2JX1b2OahBF1duhaPJMsEp6JVyPVEUFxWDAsTe
mdurph4JNm9zLQRNlIePxz+6MPclPfYaOgD037X/deTlSqEFMqk7PZhdT79mrL15
8qJHQZF3LEPX3DejhMD865NRH97hnx/hM7vkoOLey3uHp8JxGmhA34Tj8ytO4+on
3YR0K4NWE6d6TbCdM1luVmNU4lG8dKtXM54T9mwCFtmJL7CS/zLmg8cl2QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBdMxJjM4m1n8S2+fiDj2QDGAZ9nMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzkyYTczNGVmLWEyNTItNDhiYy1hNzk5LTI1NDI2YjE1Mzk4OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaYfAwDQYJKoZIhvcNAQELBQADggEBAByKxUMvbEsuQld85v2+
cm1X/UUvdCmAJihTmyMP1/TgXJ+7y3KjMmASGlW3DmISKviPwjvnjjtom9F26VWh
uhPNGoV1Qu4P/uee9Y6rAv7n5pSZqbDkdVFCugpxJoOnKa3gtAomU7kLG1eJJEch
pPChUotWKF1ltDv/j5LsDqzdps3d55FjsjAoraPaMiGNvXSTV+BuFCnAbcDrmRQe
DCfE/kJ6h1oBMl5OZCHptujFVssbL95y5tlaItT3rFwV7ZM1gZiV424StQekY3kd
3xjyRr7mOn5rGxBpgoMAdopQGFbacpUl1/kjlTfGhjy1vNtauPZx6AV6EnlKrpTI
70c=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:55:00 2025 by rpki-client