Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b355bf84-223a-40db-b012-87ca07f79405.roa
File: b355bf84-223a-40db-b012-87ca07f79405.roa (raw, json)
Hash identifier: Njg2vHgVcu+Xns1YPbFXd1nI22om1+0LJwkYq7GYtyM=
Subject key identifier: 50:2D:90:2E:F3:B9:32:00:F8:25:6A:46:C5:56:3A:C2:59:FF:3A:CD
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 54ADAE7AC0B66AFA852C753DD0E0C119A6E2ABDC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b355bf84-223a-40db-b012-87ca07f79405.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:c800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 19:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
54:ad:ae:7a:c0:b6:6a:fa:85:2c:75:3d:d0:e0:c1:19:a6:e2:ab:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:17:cb:f2:cf:6c:29:9c:f2:57:cb:59:56:ac:
bb:9e:b1:33:bd:17:20:b4:ea:6f:53:cb:41:cb:3f:
b8:7d:e4:96:fa:c4:9f:99:2e:23:a6:8d:ec:28:c1:
f8:b4:fe:c6:7b:0d:7a:8e:0c:b1:16:59:a0:f2:78:
2a:f4:74:e4:75:df:d8:2c:0e:43:e0:bd:22:70:e9:
a1:eb:d8:b8:b5:81:5b:4d:31:e8:37:c2:43:38:ca:
c9:1e:0c:13:06:2d:8c:31:46:7b:a9:6f:bf:01:de:
e5:ac:e5:17:1e:84:f5:f5:5e:43:dd:a5:fd:9d:80:
b6:9b:c3:f6:fd:10:df:97:29:ff:f4:d2:a4:21:19:
b7:df:2c:39:79:4c:a4:f4:72:19:ed:32:79:1a:4b:
9b:22:99:9a:74:f5:be:15:e7:af:a8:3a:90:a6:dc:
c3:8b:d1:93:1f:c2:0c:ca:5b:f5:26:ac:c9:36:eb:
91:0e:8a:3a:56:a6:09:79:24:07:5d:cd:c4:79:68:
7c:90:53:99:8a:a0:e3:54:44:56:d1:9b:86:cc:3c:
cc:86:58:b9:26:b7:0e:4e:07:36:72:5a:71:f2:7b:
8e:fa:ab:94:fa:aa:dc:27:86:12:62:df:af:c9:d4:
fe:b6:9f:df:a4:8b:6f:a4:a3:2d:42:82:f9:9a:09:
1e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:2D:90:2E:F3:B9:32:00:F8:25:6A:46:C5:56:3A:C2:59:FF:3A:CD
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b355bf84-223a-40db-b012-87ca07f79405.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:c800::/40
Signature Algorithm: sha256WithRSAEncryption
29:de:f6:9a:59:04:08:cd:64:1d:18:48:41:15:58:99:86:9a:
57:d9:27:28:bd:76:89:bd:76:ef:c5:97:81:f0:fd:5a:d9:9d:
fb:3f:b1:bb:78:d9:93:8f:64:29:dd:75:18:6a:af:33:8f:2a:
11:af:b0:6e:8c:91:af:43:aa:87:2b:43:65:60:c3:45:5b:89:
35:b4:a1:77:92:7f:3b:70:97:f2:c5:b9:23:38:6e:5a:57:f1:
98:73:cb:24:00:31:79:d8:38:e8:23:b1:ce:d5:bb:e2:a0:d6:
1c:f3:d8:94:2b:0b:ff:d3:95:de:ac:14:02:62:41:b2:3d:15:
8f:d7:b9:d6:50:c1:3f:2d:ab:97:b0:1e:64:d2:ed:bf:66:8c:
20:19:62:a7:c4:cb:ae:f8:6c:9e:07:1a:76:44:e1:17:dd:13:
d7:51:14:a4:03:f2:39:5d:9b:cd:27:55:26:33:0c:dc:46:85:
c0:55:0e:80:64:74:10:7f:5e:48:d1:fd:9f:78:a5:f7:60:be:
8e:ca:c9:5d:eb:ef:74:4a:6c:1d:d8:7f:76:c4:67:79:80:8f:
fd:d6:df:7a:cd:e3:65:ea:6b:3e:72:81:53:0b:45:d5:49:b4:
55:3d:2e:02:3e:44:ab:5e:d0:ca:e1:cf:1f:55:95:94:2b:a6:
c4:59:c8:70
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUVK2uesC2avqFLHU90ODBGabiq9wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZWU2MWY3MmQ5ZWVkNTdkOTU1NTVl
OTAwOGU0Yjk4M2NiZTJjMzUyM2IyODJlZDE3YmMyODYwMjFhOTJlNDY4OTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlRfL8s9sKZzyV8tZVqy7nrEzvRcg
tOpvU8tByz+4feSW+sSfmS4jpo3sKMH4tP7Gew16jgyxFlmg8ngq9HTkdd/YLA5D
4L0icOmh69i4tYFbTTHoN8JDOMrJHgwTBi2MMUZ7qW+/Ad7lrOUXHoT19V5D3aX9
nYC2m8P2/RDflyn/9NKkIRm33yw5eUyk9HIZ7TJ5GkubIpmadPW+FeevqDqQptzD
i9GTH8IMylv1JqzJNuuRDoo6VqYJeSQHXc3EeWh8kFOZiqDjVERW0ZuGzDzMhli5
JrcOTgc2clpx8nuO+quU+qrcJ4YSYt+vydT+tp/fpItvpKMtQoL5mgke5QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFFAtkC7zuTIA+CVqRsVWOsJZ/zrNMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2IzNTViZjg0LTIyM2EtNDBkYi1iMDEyLTg3Y2EwN2Y3OTQwNS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaacgwDQYJKoZIhvcNAQELBQADggEBACne9ppZBAjNZB0YSEEV
WJmGmlfZJyi9dom9du/Fl4Hw/VrZnfs/sbt42ZOPZCnddRhqrzOPKhGvsG6Mka9D
qocrQ2Vgw0VbiTW0oXeSfztwl/LFuSM4blpX8ZhzyyQAMXnYOOgjsc7Vu+Kg1hzz
2JQrC//Tld6sFAJiQbI9FY/XudZQwT8tq5ewHmTS7b9mjCAZYqfEy674bJ4HGnZE
4RfdE9dRFKQD8jldm80nVSYzDNxGhcBVDoBkdBB/XkjR/Z94pfdgvo7KyV3r73RK
bB3Yf3bEZ3mAj/3W33rN42Xqaz5ygVMLRdVJtFU9LgI+RKte0Mrhzx9VlZQrpsRZ
yHA=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:01:28 2025 by rpki-client