Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b95465ac-2cc6-42c1-aab8-02c168f374a7.roa
File: b95465ac-2cc6-42c1-aab8-02c168f374a7.roa (raw, json)
Hash identifier: AUuG7QKbtcvO0oA+RpHu7Eg2JmmUBiMH0H95+VS2APE=
Subject key identifier: 35:CB:EC:9B:ED:C8:A7:66:2E:82:1C:C6:00:53:74:CB:58:8C:8B:8E
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 56C997DAE4C276539CB19D3BDF5FC9564DC5436B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b95465ac-2cc6-42c1-aab8-02c168f374a7.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 19:31:06 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
56:c9:97:da:e4:c2:76:53:9c:b1:9d:3b:df:5f:c9:56:4d:c5:43:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:cf:39:c6:53:83:27:b4:d5:65:ac:21:e3:4d:
02:14:51:f1:88:8d:27:2f:36:4b:7d:bb:79:3d:f3:
e3:73:26:34:e1:54:46:2f:28:74:bd:f2:4b:b7:c4:
33:68:55:41:9d:91:cb:39:e4:1f:ee:e6:1c:9e:42:
c2:29:bd:f7:7a:57:ce:70:38:3d:8f:df:2e:5c:70:
7b:01:25:68:3e:de:b7:63:e8:57:35:1e:ef:2d:01:
1d:d1:55:8c:8e:78:1b:47:17:43:ba:e4:31:f5:f1:
bd:ff:cd:3f:40:77:67:f4:f1:10:fd:47:cd:82:d7:
b8:ec:bf:47:35:b5:90:18:f1:40:dc:9d:3f:58:0f:
a5:17:30:33:ed:ce:3c:30:01:99:68:63:53:83:da:
80:c4:29:b5:6e:6f:38:21:f0:cf:8e:e1:76:bb:42:
a5:1e:47:49:59:96:ed:c2:9d:5e:67:91:63:4a:44:
02:20:e6:46:7a:e8:9f:0e:72:c7:dc:9d:ef:ec:20:
52:37:04:6b:3b:a3:b8:6a:73:17:08:8f:87:f6:02:
9c:08:97:9e:96:5b:31:bc:86:62:dd:e3:43:18:35:
8e:4d:59:c1:b3:94:25:67:65:f5:a6:0e:48:09:93:
9b:f0:08:c1:c3:4b:2c:8b:de:bd:92:42:eb:45:ec:
dd:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:CB:EC:9B:ED:C8:A7:66:2E:82:1C:C6:00:53:74:CB:58:8C:8B:8E
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b95465ac-2cc6-42c1-aab8-02c168f374a7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:800::/40
Signature Algorithm: sha256WithRSAEncryption
79:46:37:c8:03:64:e5:5a:07:fb:cb:aa:a2:0c:bc:9e:b0:4f:
aa:7b:2c:cb:1c:60:73:7b:62:db:65:18:6d:3b:86:2c:2a:06:
ff:da:30:14:d9:56:15:13:b0:c2:bb:71:6f:59:ba:1a:86:d3:
9e:58:90:19:4a:bb:39:6d:1d:47:9e:d3:fd:fe:c2:7c:3c:30:
2e:13:70:7d:0d:48:4f:45:36:68:6c:83:d4:61:70:f8:00:ce:
ae:66:38:d5:e7:50:f0:f3:97:9a:81:e8:8d:07:3d:d9:68:3f:
b1:5c:aa:e6:14:28:30:80:df:49:76:62:36:ed:45:ee:b4:c9:
36:8e:85:7a:65:68:23:67:2a:8d:81:58:5b:47:1d:2a:1a:f6:
6f:9a:ed:a1:76:d1:6f:35:f8:bf:a5:30:9b:ea:5e:d6:2e:d3:
f0:bc:c9:e0:9e:fa:71:26:43:7b:c8:9c:23:01:92:dc:14:33:
ce:34:65:cd:59:3f:27:b5:ae:c4:16:35:5f:93:cc:26:20:e4:
ea:49:c1:2a:2d:bc:d5:a2:7e:ee:90:eb:e0:8f:67:89:ca:68:
27:50:c5:7b:c1:57:37:6b:ab:e0:9b:91:f1:0b:62:f1:5c:09:
38:97:0d:39:38:c6:cc:4c:01:64:22:9c:72:fa:4b:76:77:96:
1e:6f:c4:f8
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUVsmX2uTCdlOcsZ0731/JVk3FQ2swDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZjRiYzVlZTZjMDAzNzZiYzBjZTQz
ODczOTkwMmYzNzIwYTBlMDg0Mjg5NTBkNGFjOGRhZjVlZGYyMDVlYjcyZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvM85xlODJ7TVZawh400CFFHxiI0n
LzZLfbt5PfPjcyY04VRGLyh0vfJLt8QzaFVBnZHLOeQf7uYcnkLCKb33elfOcDg9
j98uXHB7ASVoPt63Y+hXNR7vLQEd0VWMjngbRxdDuuQx9fG9/80/QHdn9PEQ/UfN
gte47L9HNbWQGPFA3J0/WA+lFzAz7c48MAGZaGNTg9qAxCm1bm84IfDPjuF2u0Kl
HkdJWZbtwp1eZ5FjSkQCIOZGeuifDnLH3J3v7CBSNwRrO6O4anMXCI+H9gKcCJee
llsxvIZi3eNDGDWOTVnBs5QlZ2X1pg5ICZOb8AjBw0ssi969kkLrRezdQwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFDXL7JvtyKdmLoIcxgBTdMtYjIuOMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2I5NTQ2NWFjLTJjYzYtNDJjMS1hYWI4LTAyYzE2OGYzNzRhNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+wgwDQYJKoZIhvcNAQELBQADggEBAHlGN8gDZOVaB/vLqqIM
vJ6wT6p7LMscYHN7YttlGG07hiwqBv/aMBTZVhUTsMK7cW9ZuhqG055YkBlKuzlt
HUee0/3+wnw8MC4TcH0NSE9FNmhsg9RhcPgAzq5mONXnUPDzl5qB6I0HPdloP7Fc
quYUKDCA30l2YjbtRe60yTaOhXplaCNnKo2BWFtHHSoa9m+a7aF20W81+L+lMJvq
XtYu0/C8yeCe+nEmQ3vInCMBktwUM840Zc1ZPye1rsQWNV+TzCYg5OpJwSotvNWi
fu6Q6+CPZ4nKaCdQxXvBVzdrq+CbkfELYvFcCTiXDTk4xsxMAWQinHL6S3Z3lh5v
xPg=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:10:13 2025 by rpki-client