Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a78bbd2b-4153-482f-a036-7e819539104c.roa
File: a78bbd2b-4153-482f-a036-7e819539104c.roa (raw, json)
Hash identifier: v3o1MEH1j7v/ly1CAoGIM4OfJs5yPJmnXfPvZW6VJXw=
Subject key identifier: 18:9E:7B:CB:A6:4D:42:0B:FE:7E:F9:FB:00:BC:B9:5A:EF:E4:15:03
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 528DC6CBF509D0694A055D51DBD86081478AF35B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a78bbd2b-4153-482f-a036-7e819539104c.roa
Signing time: Sat 01 Feb 2025 00:00:00 +0000
ROA not before: Sat 01 Feb 2025 00:00:00 +0000
ROA not after: Sat 08 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:4800::/40 maxlen: 40
Validation: Failed, certificate revoked on Sat 01 Feb 2025 00:51:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
52:8d:c6:cb:f5:09:d0:69:4a:05:5d:51:db:d8:60:81:47:8a:f3:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 1 00:00:00 2025 GMT
Not After : Mar 8 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:c3:c1:b4:61:90:9d:1d:fc:70:02:d2:7b:a6:
f5:e9:4c:13:84:5c:d8:b7:d3:67:d7:8c:25:9b:18:
11:ae:a4:a7:48:01:06:a4:87:14:e9:3a:eb:74:25:
b3:18:5d:67:9d:55:59:71:4a:8b:70:1f:f6:3a:06:
60:1a:c7:0b:53:ce:37:96:90:e7:75:69:65:8d:ab:
eb:cc:50:b9:06:57:07:71:5c:01:b4:35:5f:a5:c8:
81:0c:ec:43:67:02:e4:0e:05:73:00:a8:14:2c:48:
ab:e6:6f:26:8d:53:97:52:9e:31:0d:6a:71:52:0f:
86:1f:1f:c6:17:fc:5e:93:3e:3c:ee:b5:5c:e3:f3:
d7:f2:8e:4b:4c:7e:fc:d9:62:b2:00:20:90:82:a7:
f1:67:6e:f4:4d:e3:07:53:58:4b:b8:d2:ac:c4:c8:
0f:1d:52:c1:51:89:5f:55:15:c2:4b:1c:0a:2d:ab:
48:c8:f1:77:23:a4:d8:b4:87:e4:ab:77:ed:0f:a8:
4c:56:6b:9b:c2:01:3b:59:b3:39:f7:32:04:be:77:
17:3f:97:b6:7f:d5:36:10:72:6d:cd:c1:5e:4f:c0:
27:d2:80:d6:b2:54:65:60:17:b2:d8:bd:6b:91:96:
7c:98:de:05:30:bb:1b:46:16:8b:11:2f:81:f0:83:
47:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:9E:7B:CB:A6:4D:42:0B:FE:7E:F9:FB:00:BC:B9:5A:EF:E4:15:03
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a78bbd2b-4153-482f-a036-7e819539104c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:4800::/40
Signature Algorithm: sha256WithRSAEncryption
c3:4c:8a:1b:80:b9:4e:3c:46:64:82:f1:65:ba:6b:b1:39:e2:
43:da:2f:d0:aa:d7:bd:35:81:6a:3a:17:a9:8c:fd:ea:61:d5:
eb:cd:b7:9b:f7:c4:65:cd:ec:76:90:8d:76:f8:0f:c6:11:45:
fb:32:15:d7:5c:54:26:12:e6:33:9d:7c:c1:c1:21:49:3e:8c:
f4:d3:05:28:4d:66:f1:b5:4c:33:70:b2:09:88:35:e2:e0:70:
60:11:8e:f8:c1:8e:0e:b0:e5:d9:05:0e:9a:16:b5:45:36:7e:
c0:78:0b:da:fc:00:8b:a8:5a:51:c8:e6:4c:1e:7e:d9:fc:19:
07:a7:f0:bb:bf:c5:8e:e3:e3:e6:80:6e:98:53:ad:33:9e:67:
8e:c1:a3:d2:90:ae:47:34:cc:5d:d8:77:b2:70:03:bc:b3:31:
ca:14:e3:dc:11:54:de:68:7f:e3:df:49:59:87:07:24:1b:56:
5c:12:3b:23:96:5a:f3:9f:62:b9:c1:51:3e:3c:59:22:4e:29:
50:ec:6d:9c:72:b8:57:17:57:a7:5d:74:32:1d:ea:7d:79:4c:
2c:e8:98:da:13:1a:53:1e:f3:e1:dd:83:1b:ee:cb:fc:dd:01:
ff:ae:e0:21:1e:4e:55:02:1e:10:fd:1d:9a:10:ee:82:71:38:
a3:6a:64:4f
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUUo3Gy/UJ0GlKBV1R29hggUeK81swDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMTAwMDAwMFoX
DTI1MDMwODIzNTk1OVowejFJMEcGA1UEBRNAYmNmOGVhYWM0MGQ1MjIxZjU2NDIz
Njg2YjkwNmMwZTllMzc3ZDdhNzBmYmIxMzMxMDkwMDU2YWE2MDcxMzJkMTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnMPBtGGQnR38cALSe6b16UwThFzY
t9Nn14wlmxgRrqSnSAEGpIcU6TrrdCWzGF1nnVVZcUqLcB/2OgZgGscLU843lpDn
dWlljavrzFC5BlcHcVwBtDVfpciBDOxDZwLkDgVzAKgULEir5m8mjVOXUp4xDWpx
Ug+GHx/GF/xekz487rVc4/PX8o5LTH782WKyACCQgqfxZ270TeMHU1hLuNKsxMgP
HVLBUYlfVRXCSxwKLatIyPF3I6TYtIfkq3ftD6hMVmubwgE7WbM59zIEvncXP5e2
f9U2EHJtzcFeT8An0oDWslRlYBey2L1rkZZ8mN4FMLsbRhaLES+B8INHKwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBiee8umTUIL/n75+wC8uVrv5BUDMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2E3OGJiZDJiLTQxNTMtNDgyZi1hMDM2LTdlODE5NTM5MTA0Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8kgwDQYJKoZIhvcNAQELBQADggEBAMNMihuAuU48RmSC8WW6
a7E54kPaL9Cq1701gWo6F6mM/eph1evNt5v3xGXN7HaQjXb4D8YRRfsyFddcVCYS
5jOdfMHBIUk+jPTTBShNZvG1TDNwsgmINeLgcGARjvjBjg6w5dkFDpoWtUU2fsB4
C9r8AIuoWlHI5kweftn8GQen8Lu/xY7j4+aAbphTrTOeZ47Bo9KQrkc0zF3Yd7Jw
A7yzMcoU49wRVN5of+PfSVmHByQbVlwSOyOWWvOfYrnBUT48WSJOKVDsbZxyuFcX
V6dddDId6n15TCzomNoTGlMe8+Hdgxvuy/zdAf+u4CEeTlUCHhD9HZoQ7oJxOKNq
ZE8=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:00:41 2025 by rpki-client