Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b95465ac-2cc6-42c1-aab8-02c168f374a7.roa
File: b95465ac-2cc6-42c1-aab8-02c168f374a7.roa (raw, json)
Hash identifier: DGk5QH4s9GBdG3NL3nfzjclVDuUOmRpcZFyUOs2RQ+A=
Subject key identifier: 82:52:43:46:8C:05:74:94:38:42:3C:88:EA:31:34:A2:0F:96:52:08
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3179B1BA956DB1E88B24E12953C9ABA6860593DD
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b95465ac-2cc6-42c1-aab8-02c168f374a7.roa
Signing time: Wed 30 Jul 2025 00:31:10 +0000
ROA not before: Wed 30 Jul 2025 00:31:10 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:800::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 30 Jul 2025 17:52:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
31:79:b1:ba:95:6d:b1:e8:8b:24:e1:29:53:c9:ab:a6:86:05:93:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 30 00:31:10 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=0b24cd11fe9005648e5bfd716a1eed60e12e84ff121b52f80499952983ea4e1b, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:f1:cd:91:f7:07:d0:56:2c:e2:af:a3:d6:dd:
97:a0:b4:ea:ed:68:6b:09:86:fd:f5:f3:06:ed:95:
f3:8d:21:c3:19:2f:f7:14:05:e0:d6:85:6b:ab:c0:
27:aa:59:67:cc:66:8e:33:8a:54:80:06:2a:b2:a7:
58:cd:d3:48:54:9d:a7:ee:fd:71:52:ca:57:80:5f:
8d:5e:e5:91:f4:32:de:f6:ba:9f:d5:d6:2b:90:ea:
d4:77:bf:31:93:d5:5e:99:ed:05:c4:96:a7:61:fc:
c4:84:d5:ac:49:7e:a2:87:8f:3b:2d:d3:b6:22:90:
54:9b:de:c4:0e:7c:a3:b6:44:5a:03:b8:de:45:cf:
5c:5a:1a:30:b7:a2:8b:1f:f8:7a:b3:8a:14:fb:99:
ce:0e:d4:17:de:1c:8e:8d:7a:a3:36:2c:85:b8:72:
ee:77:d0:b4:0b:28:19:69:35:d4:b4:f7:65:89:72:
77:bd:ba:9a:40:81:96:31:da:3b:63:2a:af:a4:ee:
08:48:10:d9:79:08:ea:3b:0c:e7:6a:5f:c2:9b:00:
66:8e:a1:67:51:d3:f0:36:46:8a:39:cb:5c:a6:11:
a4:44:49:4f:1c:09:70:62:9c:12:90:db:b4:66:c8:
ff:d4:69:52:13:19:ac:99:1f:33:d5:f1:4f:dd:0b:
be:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
82:52:43:46:8C:05:74:94:38:42:3C:88:EA:31:34:A2:0F:96:52:08
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/b95465ac-2cc6-42c1-aab8-02c168f374a7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:800::/40
Signature Algorithm: sha256WithRSAEncryption
ac:a5:a9:03:64:86:2e:09:71:cf:9c:b7:a3:a2:08:eb:9f:fc:
26:a0:89:29:0b:e8:05:3f:a5:55:02:62:dc:5e:54:05:f0:07:
5c:68:0f:ca:e8:84:d8:66:f6:96:f6:00:89:24:2d:75:f8:03:
6d:be:eb:4b:19:26:24:64:6d:9e:77:51:c4:8c:a1:b8:49:6e:
e9:64:8c:c0:3b:2a:0b:77:7a:0b:19:e3:9c:ec:ef:2d:f1:13:
69:7c:d2:5a:44:bc:39:95:68:55:01:b4:c9:44:82:44:19:58:
ab:9d:d3:2b:f1:f9:b2:93:fa:f6:fa:e2:93:02:2b:66:19:4a:
ae:a7:0b:43:77:f4:5e:6b:bf:92:04:be:cc:79:0f:a8:00:3d:
6a:89:01:92:54:96:fb:37:78:81:cb:bd:a7:cf:ce:f0:a9:c7:
2e:b8:3c:a9:65:50:62:0e:54:c4:97:36:ee:af:6b:1c:c2:84:
f0:39:13:3f:9a:bc:77:cc:41:bb:e1:e4:c7:5c:89:3a:ba:fc:
d6:6d:e9:d8:27:83:77:ab:49:b4:26:78:2c:24:b7:d5:be:55:
81:89:b3:24:13:64:2b:28:ad:36:6d:c2:3c:44:1d:13:cc:64:
5f:ba:b9:95:9b:86:fb:be:73:ff:a0:b9:04:ce:6b:02:d9:39:
96:99:b9:9a
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUMXmxupVtseiLJOEpU8mrpoYFk90wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMzExMFoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAMGIyNGNkMTFmZTkwMDU2NDhlNWJm
ZDcxNmExZWVkNjBlMTJlODRmZjEyMWI1MmY4MDQ5OTk1Mjk4M2VhNGUxYjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlPHNkfcH0FYs4q+j1t2XoLTq7Whr
CYb99fMG7ZXzjSHDGS/3FAXg1oVrq8AnqllnzGaOM4pUgAYqsqdYzdNIVJ2n7v1x
UspXgF+NXuWR9DLe9rqf1dYrkOrUd78xk9Veme0FxJanYfzEhNWsSX6ih487LdO2
IpBUm97EDnyjtkRaA7jeRc9cWhowt6KLH/h6s4oU+5nODtQX3hyOjXqjNiyFuHLu
d9C0CygZaTXUtPdliXJ3vbqaQIGWMdo7YyqvpO4ISBDZeQjqOwznal/CmwBmjqFn
UdPwNkaKOctcphGkRElPHAlwYpwSkNu0Zsj/1GlSExmsmR8z1fFP3Qu+ZQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFIJSQ0aMBXSUOEI8iOoxNKIPllIIMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2I5NTQ2NWFjLTJjYzYtNDJjMS1hYWI4LTAyYzE2OGYzNzRhNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+wgwDQYJKoZIhvcNAQELBQADggEBAKylqQNkhi4Jcc+ct6Oi
COuf/CagiSkL6AU/pVUCYtxeVAXwB1xoD8rohNhm9pb2AIkkLXX4A22+60sZJiRk
bZ53UcSMobhJbulkjMA7Kgt3egsZ45zs7y3xE2l80lpEvDmVaFUBtMlEgkQZWKud
0yvx+bKT+vb64pMCK2YZSq6nC0N39F5rv5IEvsx5D6gAPWqJAZJUlvs3eIHLvafP
zvCpxy64PKllUGIOVMSXNu6vaxzChPA5Ez+avHfMQbvh5MdciTq6/NZt6dgng3er
SbQmeCwkt9W+VYGJsyQTZCsorTZtwjxEHRPMZF+6uZWbhvu+c/+guQTOawLZOZaZ
uZo=
-----END CERTIFICATE-----
Generated at Thu Jul 31 00:59:18 2025 by rpki-client