
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afcac07a-e6ca-4152-9a24-ce75f3f5d110.roa
File: afcac07a-e6ca-4152-9a24-ce75f3f5d110.roa (raw, json)
Hash identifier: 14+vA/ooCmt41tnZB0Tsc1ilelNXysiTX5rn24zvXCs=
Subject key identifier: 63:BC:4E:C4:45:A4:D3:2C:20:0E:0B:BF:49:E1:BC:B2:3F:C7:20:E2
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7682B3404A9DB72F200576BEA251B4B9251B7F62
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afcac07a-e6ca-4152-9a24-ce75f3f5d110.roa
Signing time: Wed 30 Jul 2025 00:21:02 +0000
ROA not before: Wed 30 Jul 2025 00:21:02 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:f080::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Jul 2025 18:52:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
76:82:b3:40:4a:9d:b7:2f:20:05:76:be:a2:51:b4:b9:25:1b:7f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 30 00:21:02 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=0793b5d1e7bf39aa1410965c35870b5ea5786f9cc10d501fe677f086db56f3bd, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:9e:a3:13:85:cd:dc:a4:56:73:16:a8:b0:8b:
8d:ed:95:97:49:c8:36:d6:2c:ef:db:ed:f7:1c:a6:
0c:11:d4:fd:af:ae:84:0f:f5:bd:94:2e:3d:e4:ee:
79:b0:51:a9:8e:35:f3:07:af:87:b9:b4:8a:74:d8:
31:ee:21:05:ae:d5:74:07:80:81:28:3f:d3:ef:db:
34:b3:64:9b:b0:b2:c7:63:a7:a6:2f:fb:3c:29:10:
5c:fd:ff:65:1e:91:fb:c3:3b:06:cd:36:37:f2:79:
22:c2:d1:9e:09:48:c7:ea:2e:03:7f:bf:93:2c:a8:
1f:e4:58:2a:26:0b:05:0f:8e:53:72:83:d3:ab:58:
05:d0:70:df:ff:1e:1b:97:88:8f:11:4b:48:bf:6d:
dc:c1:29:bb:12:7c:10:43:cb:34:7e:1a:30:8d:ed:
44:41:31:56:8b:a6:22:1c:eb:5c:a7:94:ff:4b:a7:
d3:79:d3:35:41:75:21:78:8e:3b:7c:bb:7b:44:04:
2f:61:a4:62:70:c4:a5:43:b0:8b:e9:12:b7:d8:bf:
d0:0d:f7:c8:c8:7d:b9:2f:2e:a0:40:3f:bc:de:6d:
e2:2b:6e:23:b8:fa:eb:90:8e:7e:1a:87:3d:4b:38:
44:79:45:1d:4c:3c:79:24:7b:30:d6:5f:53:7d:12:
f0:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:BC:4E:C4:45:A4:D3:2C:20:0E:0B:BF:49:E1:BC:B2:3F:C7:20:E2
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/afcac07a-e6ca-4152-9a24-ce75f3f5d110.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:f080::/46
Signature Algorithm: sha256WithRSAEncryption
b6:3c:f2:ab:c9:4b:2a:db:82:7f:56:ae:8a:60:fa:a4:a6:98:
94:37:f3:ba:2e:a8:29:a2:45:90:4f:56:09:87:bc:f3:15:89:
b8:87:ad:92:47:2d:0d:c7:75:84:55:0c:ff:40:51:cc:7c:e8:
cd:2e:f0:b1:56:3c:43:24:62:d7:f0:fe:18:5a:3a:06:59:38:
ef:55:a9:6c:3b:62:c5:4b:9e:f0:2d:7e:84:b7:f1:b0:b3:c0:
57:c5:dc:22:8f:09:a6:83:53:d7:c6:50:64:62:eb:45:3b:bf:
d7:a5:fe:3f:2a:ef:99:f1:62:d0:e0:7c:4f:c2:c6:c2:7a:33:
bd:b7:e5:62:bc:16:69:f8:32:30:9d:68:40:b8:81:b6:b9:78:
53:f6:0b:75:d3:ca:01:51:79:3c:b7:cc:b5:79:4a:56:57:b5:
80:e4:b0:79:dc:7f:99:9c:6e:23:37:83:42:5d:8d:a7:3c:8c:
7e:39:d1:66:33:38:1b:b5:0f:97:19:63:78:38:91:fd:40:73:
56:78:4f:60:94:a4:d2:58:06:1d:72:aa:04:9a:be:73:91:ba:
e4:ea:a7:57:30:c6:1d:86:96:5a:3b:c0:ab:7a:ed:36:93:d5:
13:24:95:62:6c:cf:54:90:03:b8:44:1b:0d:bc:38:cb:bf:f3:
4c:03:0b:1c
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUdoKzQEqdty8gBXa+olG0uSUbf2IwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMjEwMloX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMDc5M2I1ZDFlN2JmMzlhYTE0MTA5
NjVjMzU4NzBiNWVhNTc4NmY5Y2MxMGQ1MDFmZTY3N2YwODZkYjU2ZjNiZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx56jE4XN3KRWcxaosIuN7ZWXScg2
1izv2+33HKYMEdT9r66ED/W9lC495O55sFGpjjXzB6+HubSKdNgx7iEFrtV0B4CB
KD/T79s0s2SbsLLHY6emL/s8KRBc/f9lHpH7wzsGzTY38nkiwtGeCUjH6i4Df7+T
LKgf5FgqJgsFD45TcoPTq1gF0HDf/x4bl4iPEUtIv23cwSm7EnwQQ8s0fhowje1E
QTFWi6YiHOtcp5T/S6fTedM1QXUheI47fLt7RAQvYaRicMSlQ7CL6RK32L/QDffI
yH25Ly6gQD+83m3iK24juPrrkI5+Goc9SzhEeUUdTDx5JHsw1l9TfRLwEwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFGO8TsRFpNMsIA4Lv0nhvLI/xyDiMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2FmY2FjMDdhLWU2Y2EtNDE1Mi05YTI0LWNlNzVmM2Y1ZDExMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+/CAMA0GCSqGSIb3DQEBCwUAA4IBAQC2PPKryUsq24J/Vq6K
YPqkppiUN/O6LqgpokWQT1YJh7zzFYm4h62SRy0Nx3WEVQz/QFHMfOjNLvCxVjxD
JGLX8P4YWjoGWTjvValsO2LFS57wLX6Et/Gws8BXxdwijwmmg1PXxlBkYutFO7/X
pf4/Ku+Z8WLQ4HxPwsbCejO9t+VivBZp+DIwnWhAuIG2uXhT9gt108oBUXk8t8y1
eUpWV7WA5LB53H+ZnG4jN4NCXY2nPIx+OdFmMzgbtQ+XGWN4OJH9QHNWeE9glKTS
WAYdcqoEmr5zkbrk6qdXMMYdhpZaO8Creu02k9UTJJVibM9UkAO4RBsNvDjLv/NM
Awsc
-----END CERTIFICATE-----
Generated at Thu Jul 31 01:03:57 2025 by rpki-client