Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa
File: b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa (raw, json)
Hash identifier: UuaHST73f7C/8/uTuYafeHgX/zHc2Fqtx8LBFAJGQss=
Subject key identifier: 70:BF:71:C7:68:B0:8F:3E:CC:66:C2:8E:5B:02:29:4D:B2:A0:AD:AC
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6822C0366E97BC9A5DCD438BBBBD629ECB25BB5E
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daff:1000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:21:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:22:c0:36:6e:97:bc:9a:5d:cd:43:8b:bb:bd:62:9e:cb:25:bb:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d3:e2:7f:e3:c8:b9:9c:b4:78:b5:73:10:f2:
42:d6:9b:f0:e8:8e:80:02:f4:ab:51:3c:9b:f7:ff:
8d:f7:76:4d:14:20:40:bc:92:06:5b:7a:ea:90:45:
b0:eb:f3:f5:27:14:07:56:d5:0d:c8:f5:df:0b:3d:
5b:4b:f7:d8:03:9a:57:8e:17:65:18:94:43:6c:67:
73:11:11:60:a0:48:f4:2f:24:94:39:78:8f:b8:aa:
30:75:bf:67:36:58:1c:cd:7d:d8:61:61:c2:f3:1a:
1f:39:9d:3d:72:60:41:4b:29:13:8a:29:44:cd:38:
b4:4b:db:c6:66:aa:82:0a:ba:0d:68:56:9c:92:18:
8b:28:4b:b5:76:ab:ca:a9:fc:7f:87:9e:b7:cb:17:
48:58:4a:96:35:29:6d:8e:7f:13:66:8d:20:df:c6:
9d:6e:9a:3e:f3:6a:98:ef:1c:4d:0f:bf:38:dd:0e:
6e:6f:b5:5e:b0:94:69:5e:74:88:6b:1d:e9:dc:15:
e2:54:36:15:e6:a5:bc:99:bc:a2:0e:10:c0:d5:ab:
64:72:28:f2:ec:33:b4:39:8f:3e:ee:82:42:28:2d:
cc:00:c2:46:f7:92:b4:82:5f:3c:a6:13:4e:e9:a7:
f9:82:c2:5c:cb:49:06:10:64:5b:84:e1:99:4b:34:
a7:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:BF:71:C7:68:B0:8F:3E:CC:66:C2:8E:5B:02:29:4D:B2:A0:AD:AC
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b3ed934e-b507-4d1e-8108-d901f3b37b6d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daff:1000::/40
Signature Algorithm: sha256WithRSAEncryption
09:36:ac:e0:77:92:0a:e8:b2:47:37:00:79:b9:51:cb:72:76:
05:ea:3b:79:c0:9b:61:7a:b0:3e:9b:de:0c:18:c2:db:ef:5a:
fc:2f:66:74:62:ef:cd:8c:8a:f3:92:0b:9d:ed:5d:7b:45:60:
b4:47:84:f3:9c:b0:84:07:3b:91:7d:64:38:e0:88:9b:67:7a:
79:4c:c4:71:ab:d7:e2:6d:86:28:b0:29:83:76:3c:61:08:6e:
71:6b:c1:3f:92:de:bf:8f:3d:18:ec:d6:ae:fc:9a:eb:27:f5:
af:bf:fc:7f:d4:ce:6d:99:b3:c9:af:7a:e4:30:f5:f9:df:09:
ff:c3:1c:a0:f4:55:3a:df:bb:0e:6d:19:11:fa:e2:0b:b4:6c:
96:98:3d:90:7c:2f:b2:6c:62:89:ca:88:6d:9a:9b:21:3b:2a:
4a:39:c8:bc:2d:b4:66:53:15:04:ab:03:71:d1:02:3d:df:00:
f8:08:97:ef:98:9d:e8:81:07:21:8f:db:50:84:64:8f:7a:b8:
30:b9:bc:33:ea:de:e6:05:66:86:59:c3:e4:cc:31:23:af:25:
50:ca:6a:4d:40:21:39:ed:ba:70:ea:f7:36:3f:f0:64:fe:7b:
3a:13:5a:f2:fd:3d:0d:1c:88:63:d8:9e:da:bb:11:1f:3e:24:
bf:18:60:a9
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUaCLANm6XvJpdzUOLu71insslu14wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMTE0MTVmYzNjMzNhOWE4YWU0ZDM2
MWVlNThlYjU2NDgyMDM5NzczMjI3Mjk2OTdlZDE4ODUwZGVjOTVjNjMwYTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutPif+PIuZy0eLVzEPJC1pvw6I6A
AvSrUTyb9/+N93ZNFCBAvJIGW3rqkEWw6/P1JxQHVtUNyPXfCz1bS/fYA5pXjhdl
GJRDbGdzERFgoEj0LySUOXiPuKowdb9nNlgczX3YYWHC8xofOZ09cmBBSykTiilE
zTi0S9vGZqqCCroNaFackhiLKEu1dqvKqfx/h563yxdIWEqWNSltjn8TZo0g38ad
bpo+82qY7xxND7843Q5ub7VesJRpXnSIax3p3BXiVDYV5qW8mbyiDhDA1atkcijy
7DO0OY8+7oJCKC3MAMJG95K0gl88phNO6af5gsJcy0kGEGRbhOGZSzSnowIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFHC/ccdosI8+zGbCjlsCKU2yoK2sMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2IzZWQ5MzRlLWI1MDctNGQxZS04MTA4LWQ5MDFmM2IzN2I2ZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba/xAwDQYJKoZIhvcNAQELBQADggEBAAk2rOB3kgroskc3AHm5
UctydgXqO3nAm2F6sD6b3gwYwtvvWvwvZnRi782MivOSC53tXXtFYLRHhPOcsIQH
O5F9ZDjgiJtnenlMxHGr1+JthiiwKYN2PGEIbnFrwT+S3r+PPRjs1q78musn9a+/
/H/Uzm2Zs8mveuQw9fnfCf/DHKD0VTrfuw5tGRH64gu0bJaYPZB8L7JsYonKiG2a
myE7Kko5yLwttGZTFQSrA3HRAj3fAPgIl++YneiBByGP21CEZI96uDC5vDPq3uYF
ZoZZw+TMMSOvJVDKak1AITntunDq9zY/8GT+ezoTWvL9PQ0ciGPYntq7ER8+JL8Y
YKk=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:06:06 2025 by rpki-client