Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bc8bdf04-5d66-490b-aecc-00ee9f42096c.roa
File: bc8bdf04-5d66-490b-aecc-00ee9f42096c.roa (raw, json)
Hash identifier: Au/C5YVNEalWpd/FnD+s2nL2SieHpjIlk7joIJ+8qC4=
Subject key identifier: 9F:80:28:9F:F4:B8:D1:41:DE:C6:9F:D1:71:9A:89:6B:5D:33:6E:56
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 665C72671CB1DE5A5BF5E403E592633BDB3B755B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bc8bdf04-5d66-490b-aecc-00ee9f42096c.roa
Signing time: Thu 22 May 2025 00:38:26 +0000
ROA not before: Thu 22 May 2025 00:38:26 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dab9:70c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 19:38:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
66:5c:72:67:1c:b1:de:5a:5b:f5:e4:03:e5:92:63:3b:db:3b:75:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: May 22 00:38:26 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=4d733d9447b56c1e022f86a1db9e78cc3456c968b26e54a2b1c94b3a28141c3d, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:a0:b8:30:b6:60:f2:46:0d:eb:2f:99:e2:78:
d3:43:a6:ab:60:6a:80:0e:15:bc:b5:fc:6f:6c:59:
63:3d:dd:0b:36:9a:f4:db:9a:0b:f4:e9:1b:01:94:
9c:cd:03:d7:56:a9:e1:44:42:36:ce:2e:1d:d4:03:
df:8f:e7:6a:da:73:71:43:e3:1f:5e:b6:41:93:8f:
bb:ac:fb:6a:f1:8e:f0:0f:88:e0:dd:37:2d:6b:e3:
0d:a1:de:fe:67:06:ff:31:d2:3a:b1:09:db:bf:22:
5c:9f:f3:fe:b8:0f:31:14:9c:43:a2:71:ff:69:b6:
52:cf:63:c7:ea:29:d9:df:b4:cb:1e:09:08:9f:0f:
9b:1c:a8:0c:68:8f:3f:10:a0:4d:3b:ae:33:f8:43:
46:ff:4e:e7:9e:dc:35:84:a6:89:1f:09:11:a1:2e:
ad:d6:03:17:86:41:60:30:f7:6e:e9:32:85:fd:05:
53:8e:71:5a:4e:0b:9b:00:db:7d:b5:f4:7a:fc:1c:
b6:e6:c1:7a:41:9e:f6:63:1b:e7:a8:6c:2c:59:c2:
7f:b1:4b:3c:10:34:28:a7:84:3b:72:f4:ff:63:6d:
a6:a6:23:6b:6a:34:a9:f6:f8:a2:53:04:65:e6:6d:
4f:df:34:b4:e2:e5:69:bb:8b:d8:c8:61:20:88:dd:
17:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:80:28:9F:F4:B8:D1:41:DE:C6:9F:D1:71:9A:89:6B:5D:33:6E:56
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/bc8bdf04-5d66-490b-aecc-00ee9f42096c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dab9:70c0::/48
Signature Algorithm: sha256WithRSAEncryption
9c:cb:5a:2d:5e:9c:01:e9:e9:11:d7:ac:f8:49:73:01:80:46:
29:d3:de:54:b0:79:3c:ae:3c:79:62:12:60:d6:5b:28:30:ef:
fb:97:a5:7a:a9:62:66:49:cf:77:a9:f5:02:e5:c2:f3:08:a7:
5c:57:b4:96:51:a1:10:6e:29:b3:4c:26:dc:33:87:46:bc:f0:
0e:15:24:b4:9e:98:82:fe:45:9c:bf:f7:e6:c3:6f:11:c0:48:
bf:3f:f4:33:99:49:3c:8e:2c:79:3c:09:a5:08:11:11:b7:8a:
9a:1b:cb:3a:24:55:32:01:65:38:2a:81:e8:74:46:15:8e:c8:
a9:2d:03:6e:81:b4:ff:32:4d:19:e7:e6:27:de:49:e3:c3:0e:
11:62:56:fd:03:8e:30:a6:45:60:3d:e3:7c:0e:97:07:d9:7b:
f4:66:16:5b:63:bd:c3:7d:55:b4:1a:f1:90:50:2e:cd:8e:b4:
1f:23:81:07:df:40:8c:14:75:b9:31:08:62:72:bf:5e:63:40:
43:6e:d1:e1:30:98:bf:ba:bd:2e:38:39:42:57:74:78:54:f5:
ca:c3:4e:b3:d5:1a:72:0e:72:6f:92:93:33:0b:84:88:5f:d2:
c7:6f:95:0c:20:86:36:d5:b9:d6:cc:e9:87:1e:6f:d6:47:70:
c4:c2:30:2c
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUZlxyZxyx3lpb9eQD5ZJjO9s7dVswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUyMjAwMzgyNloX
DTI1MDYyNjIzNTk1OVowejFJMEcGA1UEBRNANGQ3MzNkOTQ0N2I1NmMxZTAyMmY4
NmExZGI5ZTc4Y2MzNDU2Yzk2OGIyNmU1NGEyYjFjOTRiM2EyODE0MWMzZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqC4MLZg8kYN6y+Z4njTQ6arYGqA
DhW8tfxvbFljPd0LNpr025oL9OkbAZSczQPXVqnhREI2zi4d1APfj+dq2nNxQ+Mf
XrZBk4+7rPtq8Y7wD4jg3Tcta+MNod7+Zwb/MdI6sQnbvyJcn/P+uA8xFJxDonH/
abZSz2PH6inZ37TLHgkInw+bHKgMaI8/EKBNO64z+ENG/07nntw1hKaJHwkRoS6t
1gMXhkFgMPdu6TKF/QVTjnFaTgubANt9tfR6/By25sF6QZ72YxvnqGwsWcJ/sUs8
EDQop4Q7cvT/Y22mpiNrajSp9viiUwRl5m1P3zS04uVpu4vYyGEgiN0XAwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFJ+AKJ/0uNFB3saf0XGaiWtdM25WMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2JjOGJkZjA0LTVkNjYtNDkwYi1hZWNjLTAwZWU5ZjQyMDk2Yy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAbauXDAMA0GCSqGSIb3DQEBCwUAA4IBAQCcy1otXpwB6ekR16z4
SXMBgEYp095UsHk8rjx5YhJg1lsoMO/7l6V6qWJmSc93qfUC5cLzCKdcV7SWUaEQ
bimzTCbcM4dGvPAOFSS0npiC/kWcv/fmw28RwEi/P/QzmUk8jix5PAmlCBERt4qa
G8s6JFUyAWU4KoHodEYVjsipLQNugbT/Mk0Z5+Yn3knjww4RYlb9A44wpkVgPeN8
DpcH2Xv0ZhZbY73DfVW0GvGQUC7NjrQfI4EH30CMFHW5MQhicr9eY0BDbtHhMJi/
ur0uODlCV3R4VPXKw06z1RpyDnJvkpMzC4SIX9LHb5UMIIY21bnWzOmHHm/WR3DE
wjAs
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:17:16 2025 by rpki-client