Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb33c6e9-83b9-43c3-b458-53adf7b3e53d.roa
File: bb33c6e9-83b9-43c3-b458-53adf7b3e53d.roa (raw, json)
Hash identifier: 4TwtuKdlE9ov0xSP+HaAoL712O54oAVQgtJjwWFmjxE=
Subject key identifier: AA:2B:D0:74:3B:E9:05:28:46:49:E3:63:28:3F:D6:02:94:81:5D:99
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3D2E77FE9DF133D985154163EA907B913E2B9265
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb33c6e9-83b9-43c3-b458-53adf7b3e53d.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:7000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:30:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:2e:77:fe:9d:f1:33:d9:85:15:41:63:ea:90:7b:91:3e:2b:92:65
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:ec:ff:5c:80:d4:81:09:0a:52:63:d2:8f:33:
84:81:b5:97:34:af:14:4d:06:6b:64:21:01:c4:d0:
3d:b7:24:81:c8:16:f0:62:42:8b:04:89:78:ec:10:
aa:6d:66:1d:6a:24:48:60:c1:38:f3:3d:d0:01:98:
bc:88:34:e8:7c:9b:a8:4c:e4:cd:2e:7c:8b:61:fe:
ac:bc:b6:77:04:a7:2f:6f:b8:f1:73:63:8b:4b:6d:
c0:03:37:1b:8b:7d:bb:52:fe:1e:b7:ce:7b:a6:bf:
14:70:41:bf:a2:ed:ee:fd:96:8a:21:49:df:93:c2:
85:63:2a:76:62:33:c7:7f:ba:30:c2:ed:e3:57:c7:
12:e2:f4:60:d4:d1:3b:02:da:0b:56:03:0f:47:24:
8b:96:f4:55:60:56:aa:2f:4b:c5:af:ab:bb:89:10:
91:6a:8c:90:46:ca:10:32:a0:93:8b:1d:59:f0:2b:
6b:3a:a6:6c:e7:5f:28:db:d6:43:c5:2f:6d:92:ad:
a9:92:9a:a2:79:1c:12:50:2b:6d:05:54:1c:10:d5:
e2:6e:8b:21:be:a3:7d:e2:63:03:cb:8d:24:18:27:
f5:1b:08:07:a4:19:ab:da:e9:c4:c6:2d:dc:bb:8a:
6f:2b:7c:f4:dd:5c:e0:a6:6a:41:59:dd:67:64:ed:
f6:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:2B:D0:74:3B:E9:05:28:46:49:E3:63:28:3F:D6:02:94:81:5D:99
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb33c6e9-83b9-43c3-b458-53adf7b3e53d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:7000::/40
Signature Algorithm: sha256WithRSAEncryption
c4:9d:27:f3:46:f5:9f:e8:5e:fc:5d:cf:93:a0:89:15:5c:aa:
e8:60:27:77:69:24:d0:c1:ad:fc:12:96:af:df:f1:21:5a:62:
c5:e4:39:70:f1:6c:5a:16:5e:41:2d:56:c2:d5:96:10:ea:56:
d0:25:62:d8:36:e4:47:7b:15:9a:2c:77:20:f1:67:44:6e:8c:
00:cf:0d:e7:d1:74:03:7e:2c:3c:bd:81:4f:17:15:b8:9f:63:
bd:8d:48:e6:f4:db:5c:03:96:db:ca:f2:01:3b:ce:ac:4f:10:
30:f7:75:dc:af:42:92:79:8a:19:a9:7c:63:37:ef:a8:28:10:
81:99:30:a3:41:ed:92:82:5c:b9:ef:d9:20:89:ff:c6:4e:61:
08:bd:e0:ce:35:83:9c:13:46:8a:7d:f1:09:d6:2a:13:50:fc:
ea:6e:b7:5a:72:dc:5e:34:57:27:d1:da:cc:43:12:2f:a6:76:
e1:27:de:3b:c6:97:5b:54:2c:40:70:81:ea:1f:e7:45:45:d1:
13:ce:e1:b7:1a:d3:56:c9:48:97:2a:98:78:8a:68:56:92:e8:
7c:a2:6b:70:10:60:24:db:ab:b3:4f:38:a0:5d:94:88:d3:d7:
07:90:7d:72:2a:07:05:71:6b:d7:73:7f:3a:71:33:25:fc:8e:
7c:e4:78:e9
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUPS53/p3xM9mFFUFj6pB7kT4rkmUwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYWRjZjZmYzE1NjM0ZWY4OTlkNWU1
YTliMmIxMDY4ZDE5NTg5MThiZjYzYjQyY2ZmMTU5NWQ4MzY2MDE0YTMxZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuOz/XIDUgQkKUmPSjzOEgbWXNK8U
TQZrZCEBxNA9tySByBbwYkKLBIl47BCqbWYdaiRIYME48z3QAZi8iDTofJuoTOTN
LnyLYf6svLZ3BKcvb7jxc2OLS23AAzcbi327Uv4et857pr8UcEG/ou3u/ZaKIUnf
k8KFYyp2YjPHf7owwu3jV8cS4vRg1NE7AtoLVgMPRySLlvRVYFaqL0vFr6u7iRCR
aoyQRsoQMqCTix1Z8CtrOqZs518o29ZDxS9tkq2pkpqieRwSUCttBVQcENXibosh
vqN94mMDy40kGCf1GwgHpBmr2unExi3cu4pvK3z03VzgpmpBWd1nZO32mQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFKor0HQ76QUoRknjYyg/1gKUgV2ZMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2JiMzNjNmU5LTgzYjktNDNjMy1iNDU4LTUzYWRmN2IzZTUzZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaAHAwDQYJKoZIhvcNAQELBQADggEBAMSdJ/NG9Z/oXvxdz5Og
iRVcquhgJ3dpJNDBrfwSlq/f8SFaYsXkOXDxbFoWXkEtVsLVlhDqVtAlYtg25Ed7
FZosdyDxZ0RujADPDefRdAN+LDy9gU8XFbifY72NSOb021wDltvK8gE7zqxPEDD3
ddyvQpJ5ihmpfGM376goEIGZMKNB7ZKCXLnv2SCJ/8ZOYQi94M41g5wTRop98QnW
KhNQ/Oput1py3F40VyfR2sxDEi+mduEn3jvGl1tULEBwgeof50VF0RPO4bca01bJ
SJcqmHiKaFaS6Hyia3AQYCTbq7NPOKBdlIjT1weQfXIqBwVxa9dzfzpxMyX8jnzk
eOk=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:01:12 2025 by rpki-client