Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91b902a-3780-4e0a-8062-46df71087b57.roa
File: a91b902a-3780-4e0a-8062-46df71087b57.roa (raw, json)
Hash identifier: RRYlvxpRmGIMbZ9FexUw94kINh6oqDUv27VGyJXnjpE=
Subject key identifier: 75:34:24:57:1C:4F:AF:1D:39:DF:1A:58:0F:1D:D2:28:68:C7:60:C2
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 0EB6749F44AE9A9BF142302F58BA46193804FC7C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91b902a-3780-4e0a-8062-46df71087b57.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:b000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:21:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0e:b6:74:9f:44:ae:9a:9b:f1:42:30:2f:58:ba:46:19:38:04:fc:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:b5:d3:4f:9d:b8:c8:97:48:ec:0a:9b:3a:43:
56:34:8f:f6:b9:46:e3:32:3a:64:35:1f:c6:bb:61:
6c:35:76:24:16:df:70:71:73:a8:0d:c3:d0:46:70:
79:d2:94:14:11:90:35:27:fd:fc:04:a0:ae:21:46:
f0:17:59:d1:49:8e:ac:64:24:01:ab:7e:fe:af:99:
8f:0b:17:16:49:3a:ee:16:38:22:5f:d0:7f:44:53:
79:78:56:84:ea:a1:34:9b:28:df:6b:73:81:01:49:
88:65:71:9c:d9:b5:01:eb:c6:13:19:2b:52:33:a3:
04:2f:db:91:2c:e0:75:20:56:b4:0d:06:fe:02:a2:
a0:6d:9c:3d:55:03:50:94:ee:82:1f:91:1d:6d:d3:
91:b0:91:c5:69:6c:4f:a3:5b:f2:3c:10:ae:90:9f:
7b:ad:99:c2:2f:f2:bc:12:6d:bf:05:1a:06:47:a0:
52:d2:a5:4b:9a:15:eb:04:f0:5b:ff:ee:c1:f8:dd:
53:db:03:96:7a:da:3e:4b:65:c3:0f:3d:56:d3:59:
f3:88:37:63:ee:b8:c5:ae:ef:95:e5:58:1c:e8:9c:
a9:e9:20:6b:74:45:e0:aa:a7:71:58:9f:f2:9f:04:
1f:87:c0:bb:e2:7e:4d:ea:7c:0d:fc:bd:4e:bf:b6:
cc:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:34:24:57:1C:4F:AF:1D:39:DF:1A:58:0F:1D:D2:28:68:C7:60:C2
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/a91b902a-3780-4e0a-8062-46df71087b57.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:b000::/40
Signature Algorithm: sha256WithRSAEncryption
a8:74:3a:34:bb:c3:77:cb:9f:fa:32:b6:2f:bf:99:40:3c:5c:
51:e8:d3:16:03:ca:79:97:bc:1d:16:fd:44:24:94:dd:e7:3a:
71:3d:4e:98:94:e8:0e:38:c6:39:34:02:95:6c:94:b4:fe:85:
87:bd:d9:de:9a:eb:03:7e:33:59:86:b7:9d:97:37:ff:00:5c:
33:7d:34:d4:a9:52:67:35:2d:1e:a7:f1:7e:03:1b:0a:6b:e4:
e2:84:d6:43:5b:04:c6:e2:04:a6:c0:c0:3b:88:dd:60:7a:dc:
4d:2c:1f:57:d0:c0:98:92:71:da:15:0d:74:32:0c:c8:99:f5:
52:d8:1c:75:6b:d0:9d:89:ab:f3:96:dd:66:b0:6c:34:8c:29:
90:70:a0:b7:c9:99:5b:86:2b:5a:77:dd:59:4d:13:8e:fb:92:
c9:d5:4c:5b:cd:70:4a:59:c8:ec:f8:f8:7d:b3:6f:50:91:66:
4d:e8:13:03:b7:ab:40:d8:c2:48:4f:cc:c4:ee:4b:29:12:f5:
01:7f:d6:ae:05:03:38:bf:f6:58:96:5f:2c:dd:fb:1a:60:cb:
f4:a7:48:d7:ec:a6:71:51:fb:73:65:66:32:37:d5:82:ca:44:
28:76:6d:a5:3b:a8:f0:cf:42:a7:fe:db:28:74:4d:c6:3f:50:
27:a1:88:2c
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUDrZ0n0SumpvxQjAvWLpGGTgE/HwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANjA4MTk2ZGIwYmI0YzljNTg2NmMx
OWVmMDY2ODczMWJhN2YxNDUyNzA1NzI2ZTBjNDVlOTllYzQ2Y2Y0YTE1MzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0bXTT524yJdI7AqbOkNWNI/2uUbj
MjpkNR/Gu2FsNXYkFt9wcXOoDcPQRnB50pQUEZA1J/38BKCuIUbwF1nRSY6sZCQB
q37+r5mPCxcWSTruFjgiX9B/RFN5eFaE6qE0myjfa3OBAUmIZXGc2bUB68YTGStS
M6MEL9uRLOB1IFa0DQb+AqKgbZw9VQNQlO6CH5EdbdORsJHFaWxPo1vyPBCukJ97
rZnCL/K8Em2/BRoGR6BS0qVLmhXrBPBb/+7B+N1T2wOWeto+S2XDDz1W01nziDdj
7rjFru+V5Vgc6Jyp6SBrdEXgqqdxWJ/ynwQfh8C74n5N6nwN/L1Ov7bMPwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHU0JFccT68dOd8aWA8d0ihox2DCMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2E5MWI5MDJhLTM3ODAtNGUwYS04MDYyLTQ2ZGY3MTA4N2I1Ny5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/7AwDQYJKoZIhvcNAQELBQADggEBAKh0OjS7w3fLn/oyti+/
mUA8XFHo0xYDynmXvB0W/UQklN3nOnE9TpiU6A44xjk0ApVslLT+hYe92d6a6wN+
M1mGt52XN/8AXDN9NNSpUmc1LR6n8X4DGwpr5OKE1kNbBMbiBKbAwDuI3WB63E0s
H1fQwJiScdoVDXQyDMiZ9VLYHHVr0J2Jq/OW3WawbDSMKZBwoLfJmVuGK1p33VlN
E477ksnVTFvNcEpZyOz4+H2zb1CRZk3oEwO3q0DYwkhPzMTuSykS9QF/1q4FAzi/
9liWXyzd+xpgy/SnSNfspnFR+3NlZjI31YLKRCh2baU7qPDPQqf+2yh0TcY/UCeh
iCw=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:09:26 2025 by rpki-client