Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb43d920-c136-469d-a403-965ad7c2d9d2.roa
File: bb43d920-c136-469d-a403-965ad7c2d9d2.roa (raw, json)
Hash identifier: N0TFNWMr3COwaSsTAcj9LZcoXZhx1s8Xmf4DN9wX8Dk=
Subject key identifier: F7:85:42:EE:CF:31:34:B0:5A:29:94:8D:C9:76:66:41:C5:2D:02:BC
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3B24A24A300D98188B833EF3653FF2E057DD0B27
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb43d920-c136-469d-a403-965ad7c2d9d2.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:a000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 18:50:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3b:24:a2:4a:30:0d:98:18:8b:83:3e:f3:65:3f:f2:e0:57:dd:0b:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:4f:79:d1:37:13:d1:45:01:4d:26:91:0d:c1:
0d:37:19:6f:cd:cf:0d:af:b9:7c:c4:ce:44:fe:9b:
9f:38:21:53:b7:c1:d1:8a:c1:00:78:87:3d:67:dc:
41:39:ca:0b:f7:cf:8e:28:4d:e7:1d:12:d1:7d:78:
e3:5e:9b:8e:9a:39:6f:71:d2:03:5e:2c:3b:de:84:
49:4e:a1:50:b2:0b:bb:3d:de:da:ee:ab:9a:26:4c:
1a:62:28:ce:37:65:88:ce:c8:20:ec:2a:5a:1d:a6:
39:8c:02:ce:bd:c2:90:a3:70:d5:bb:a7:74:87:67:
c6:f6:c4:f3:a2:09:24:67:84:07:a9:5a:05:14:5e:
22:65:e8:a9:a3:47:8c:60:41:a8:17:ae:14:8a:ea:
c4:8d:67:6f:15:3b:0a:7e:24:d8:ca:04:aa:0d:6c:
63:1e:1f:c7:66:d7:74:28:53:58:62:95:0f:10:40:
6d:9a:44:15:23:9d:2c:82:1d:1a:ba:3c:2a:f0:0d:
ec:ad:fc:0c:4d:7f:f6:1f:06:09:10:96:62:08:e0:
00:af:61:7e:0c:02:0f:5b:fa:55:98:cb:3a:bf:98:
43:8f:54:bf:1f:c3:00:94:10:c1:bf:98:ab:60:46:
3d:78:14:d5:c3:58:65:69:ab:03:9d:4f:62:1e:25:
55:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F7:85:42:EE:CF:31:34:B0:5A:29:94:8D:C9:76:66:41:C5:2D:02:BC
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bb43d920-c136-469d-a403-965ad7c2d9d2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:a000::/40
Signature Algorithm: sha256WithRSAEncryption
bd:d0:f8:04:7e:db:fb:a1:f3:60:70:d4:0c:dd:55:93:d7:2d:
36:a0:21:16:7c:20:d0:c8:a8:c6:25:5b:93:61:f5:00:af:96:
d2:88:1d:70:00:58:d2:33:1e:74:7b:42:44:68:1f:10:6e:63:
e2:b5:cf:ea:5d:02:e2:02:02:9c:6d:8b:ee:c9:0a:40:6f:2f:
6e:f9:b7:0c:a8:fe:1f:4c:46:d4:d9:ac:fd:61:68:9e:a8:71:
28:b0:3e:1b:3f:d6:88:53:e2:b1:e1:64:02:45:47:b6:0b:9b:
a8:0b:d9:c4:fb:93:36:53:f0:2a:f0:23:7d:e7:0e:7e:13:ae:
b2:70:a4:3c:e2:6b:48:43:fe:27:39:bb:a4:7d:b7:02:aa:83:
2e:91:ea:2b:5b:6c:1b:f3:01:4d:f2:42:c0:ec:40:ad:4f:0e:
d6:b1:5c:6e:90:52:85:e3:64:bd:a8:fe:a5:22:4c:ac:3c:dc:
c8:be:d3:dc:4f:f3:af:2e:ec:4a:a1:3e:a0:bf:60:dd:d9:b9:
fa:f2:fe:a4:45:42:45:17:53:3f:01:7f:f4:6d:4f:00:ad:7a:
d6:90:25:bd:85:82:f7:c8:bc:10:4c:ec:d2:e3:94:e1:05:1a:
14:fb:8d:10:b9:1b:9e:f1:1c:7a:3c:6b:1a:47:4c:10:c7:52:
80:d4:f4:d6
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUOySiSjANmBiLgz7zZT/y4FfdCycwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAZmI0OTQ4ZTE0NWNiNDFiYzNmNWY3
NDlkN2U2NjZiM2FlOWFmMzgwMzBlZTdhOWEyMTg1MjlhNTRmOWZjMzk0ODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs0950TcT0UUBTSaRDcENNxlvzc8N
r7l8xM5E/pufOCFTt8HRisEAeIc9Z9xBOcoL98+OKE3nHRLRfXjjXpuOmjlvcdID
Xiw73oRJTqFQsgu7Pd7a7quaJkwaYijON2WIzsgg7CpaHaY5jALOvcKQo3DVu6d0
h2fG9sTzogkkZ4QHqVoFFF4iZeipo0eMYEGoF64UiurEjWdvFTsKfiTYygSqDWxj
Hh/HZtd0KFNYYpUPEEBtmkQVI50sgh0aujwq8A3srfwMTX/2HwYJEJZiCOAAr2F+
DAIPW/pVmMs6v5hDj1S/H8MAlBDBv5irYEY9eBTVw1hlaasDnU9iHiVVfwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPeFQu7PMTSwWimUjcl2ZkHFLQK8MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2JiNDNkOTIwLWMxMzYtNDY5ZC1hNDAzLTk2NWFkN2MyZDlkMi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaaAwDQYJKoZIhvcNAQELBQADggEBAL3Q+AR+2/uh82Bw1Azd
VZPXLTagIRZ8INDIqMYlW5Nh9QCvltKIHXAAWNIzHnR7QkRoHxBuY+K1z+pdAuIC
Apxti+7JCkBvL275twyo/h9MRtTZrP1haJ6ocSiwPhs/1ohT4rHhZAJFR7YLm6gL
2cT7kzZT8CrwI33nDn4TrrJwpDzia0hD/ic5u6R9twKqgy6R6itbbBvzAU3yQsDs
QK1PDtaxXG6QUoXjZL2o/qUiTKw83Mi+09xP868u7EqhPqC/YN3Zufry/qRFQkUX
Uz8Bf/RtTwCtetaQJb2FgvfIvBBM7NLjlOEFGhT7jRC5G57xHHo8axpHTBDHUoDU
9NY=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:53:39 2025 by rpki-client