Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2f81107-168c-46e7-b297-ef3e9d0b49d6.roa
File: a2f81107-168c-46e7-b297-ef3e9d0b49d6.roa (raw, json)
Hash identifier: uVcKric4pOQTQEb8akPTSHsckfnRCAgSP3s+ktrihJk=
Subject key identifier: 88:5F:D7:98:E8:29:A3:3A:9A:58:4B:38:08:00:36:EC:F8:51:D9:4A
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 1D32D05F1A01C97CEC97ADD6DFC87EDA856F0951
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2f81107-168c-46e7-b297-ef3e9d0b49d6.roa
Signing time: Mon 12 May 2025 15:10:43 +0000
ROA not before: Mon 12 May 2025 15:10:43 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dabb:4000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 20:07:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1d:32:d0:5f:1a:01:c9:7c:ec:97:ad:d6:df:c8:7e:da:85:6f:09:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: May 12 15:10:43 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=a5bf2b7c42e1ca579e9ee67f76885ee3534045e1d04913b23bd2a30e92ae96ae, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:45:8d:71:ef:a4:9e:3a:c8:3b:b1:4d:97:9e:
c1:89:09:60:d2:71:60:cc:8b:94:29:6d:d2:c8:5f:
44:fa:aa:7f:9e:a4:9d:9f:75:6e:2c:03:3c:71:46:
2e:e5:53:4a:e0:3d:9e:f3:e0:1d:64:38:35:a5:5e:
28:4b:be:03:cb:bf:c2:b2:63:86:8a:8b:f9:a8:01:
f5:6b:6a:8c:7a:88:ed:24:0f:cf:df:0a:70:c6:3b:
17:b4:94:b0:d5:02:3b:03:16:16:1f:4e:68:c9:ac:
19:cf:53:95:19:d4:63:f6:91:ce:11:af:df:2b:46:
c1:c2:87:01:02:07:d4:48:f9:64:95:59:17:5d:78:
d1:33:c7:ba:11:e7:0a:46:e2:c0:ad:6b:0c:0a:91:
5d:3a:1d:eb:21:33:70:38:12:98:6a:f1:20:3d:a3:
c8:d4:60:99:3a:6d:50:d1:e8:c0:d9:3f:a3:6d:8c:
41:d4:88:ae:f5:63:e4:62:ad:e6:65:5d:71:4f:67:
83:90:ec:1d:1c:e7:7b:f8:77:fa:2a:f8:80:aa:f4:
ed:3f:1c:16:b2:59:54:f0:44:48:8c:97:08:63:06:
e4:b0:e4:a7:bc:1e:2b:8e:54:70:f8:b4:f3:37:48:
0a:78:98:cf:12:bc:90:67:ee:b5:2b:40:07:2e:6a:
a6:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:5F:D7:98:E8:29:A3:3A:9A:58:4B:38:08:00:36:EC:F8:51:D9:4A
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a2f81107-168c-46e7-b297-ef3e9d0b49d6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dabb:4000::/40
Signature Algorithm: sha256WithRSAEncryption
40:81:66:2a:fb:90:19:86:7c:93:f0:52:61:98:69:a0:ca:72:
9b:46:16:8b:da:57:4e:0b:3f:5c:bc:eb:38:1c:64:58:70:f7:
38:e1:50:53:0b:a0:a7:16:48:26:a3:47:13:fe:30:eb:1f:0f:
4c:f5:48:3b:6d:3a:7d:b0:e7:5f:eb:50:27:aa:4d:b6:47:01:
8d:08:b2:98:b0:98:ec:b4:1e:58:02:a9:ed:63:da:26:d8:0f:
40:b5:14:57:09:5d:00:bb:9d:09:97:36:1d:ed:d1:bb:73:20:
bf:43:01:a8:65:90:d1:e2:dd:c3:28:8a:4d:61:12:09:bc:4c:
a1:d0:9d:ed:f1:92:3f:3d:dd:a8:a7:b6:d7:29:00:d2:de:0e:
3b:e9:dc:72:52:8e:04:60:f2:dd:72:ae:ca:a8:64:ce:83:25:
7f:11:cb:f6:ad:dd:70:46:cd:b1:f1:53:58:c2:8b:78:aa:82:
d9:f3:a2:9d:90:8f:6d:77:84:fa:31:f4:ee:ae:fb:9d:da:44:
d1:b8:92:43:8e:83:21:34:bb:5f:e1:71:eb:77:15:8d:00:25:
50:3b:00:09:06:f1:ba:53:20:30:4e:10:d1:61:83:28:30:fd:
e7:f8:cb:d4:ef:4b:aa:3c:4b:00:3e:b0:9f:06:ff:29:e7:63:
99:23:4f:bd
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUHTLQXxoByXzsl63W38h+2oVvCVEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMjE1MTA0M1oX
DTI1MDYxNjIzNTk1OVowejFJMEcGA1UEBRNAYTViZjJiN2M0MmUxY2E1NzllOWVl
NjdmNzY4ODVlZTM1MzQwNDVlMWQwNDkxM2IyM2JkMmEzMGU5MmFlOTZhZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA80WNce+knjrIO7FNl57BiQlg0nFg
zIuUKW3SyF9E+qp/nqSdn3VuLAM8cUYu5VNK4D2e8+AdZDg1pV4oS74Dy7/CsmOG
iov5qAH1a2qMeojtJA/P3wpwxjsXtJSw1QI7AxYWH05oyawZz1OVGdRj9pHOEa/f
K0bBwocBAgfUSPlklVkXXXjRM8e6EecKRuLArWsMCpFdOh3rITNwOBKYavEgPaPI
1GCZOm1Q0ejA2T+jbYxB1Iiu9WPkYq3mZV1xT2eDkOwdHOd7+Hf6KviAqvTtPxwW
sllU8ERIjJcIYwbksOSnvB4rjlRw+LTzN0gKeJjPEryQZ+61K0AHLmqmVQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIhf15joKaM6mlhLOAgANuz4UdlKMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2EyZjgxMTA3LTE2OGMtNDZlNy1iMjk3LWVmM2U5ZDBiNDlkNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbau0AwDQYJKoZIhvcNAQELBQADggEBAECBZir7kBmGfJPwUmGY
aaDKcptGFovaV04LP1y86zgcZFhw9zjhUFMLoKcWSCajRxP+MOsfD0z1SDttOn2w
51/rUCeqTbZHAY0IspiwmOy0HlgCqe1j2ibYD0C1FFcJXQC7nQmXNh3t0btzIL9D
AahlkNHi3cMoik1hEgm8TKHQne3xkj893ainttcpANLeDjvp3HJSjgRg8t1yrsqo
ZM6DJX8Ry/at3XBGzbHxU1jCi3iqgtnzop2Qj213hPox9O6u+53aRNG4kkOOgyE0
u1/hcet3FY0AJVA7AAkG8bpTIDBOENFhgygw/ef4y9TvS6o8SwA+sJ8G/ynnY5kj
T70=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:19:26 2025 by rpki-client