Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0d4438c-48d3-4e79-8a64-d15a4521eb7b.roa
File: c0d4438c-48d3-4e79-8a64-d15a4521eb7b.roa (raw, json)
Hash identifier: Xb4Kh8xL+IyjcGypSsI5ChUAaODxomSlvV5iAQUeYz8=
Subject key identifier: E7:D4:80:FB:27:DF:1F:A6:4E:0E:97:CD:8B:FA:BF:7E:CB:09:74:78
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 7ADAEFF2623DEB38A468C8F98C1EE07D4535B11B
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0d4438c-48d3-4e79-8a64-d15a4521eb7b.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 16:51:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7a:da:ef:f2:62:3d:eb:38:a4:68:c8:f9:8c:1e:e0:7d:45:35:b1:1b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:6f:b5:37:14:ab:8b:2c:84:24:e4:fc:de:91:
db:15:e3:53:5b:5e:bf:12:f7:09:61:74:6f:6c:88:
f8:4a:00:6f:fb:65:83:8d:a7:67:38:62:28:94:37:
39:1f:13:68:26:0d:1a:a6:2e:92:c1:5d:10:b0:26:
92:29:b8:cc:27:63:95:8d:62:03:ac:d8:d2:f3:a9:
43:48:29:58:f2:d7:03:2c:39:f5:c2:a4:8d:f7:bf:
c4:5c:e0:d6:70:27:d2:a6:53:13:ab:d3:fc:fd:0c:
04:96:22:07:fe:10:20:70:99:0e:8d:4f:b0:48:a7:
38:c1:d9:37:2c:08:9f:2a:5c:b6:68:2c:85:0c:39:
be:27:56:81:28:85:cf:7b:97:d1:52:3d:81:38:b9:
d0:16:82:c7:0d:8f:06:c9:67:52:fe:d5:2a:78:21:
a6:80:e5:49:34:41:c8:e2:b9:31:15:8b:e1:1a:c6:
e6:ef:09:af:1d:4c:21:f3:40:45:ed:63:28:ef:ee:
86:59:90:89:91:88:09:93:cf:fa:43:15:95:d4:71:
15:56:f3:bb:b5:84:2c:73:20:55:c0:b0:f2:50:14:
aa:56:b3:ea:38:f2:db:76:7f:64:44:f0:1b:12:e8:
ed:98:93:ff:e8:87:9b:0e:40:34:89:c6:91:a0:02:
7c:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D4:80:FB:27:DF:1F:A6:4E:0E:97:CD:8B:FA:BF:7E:CB:09:74:78
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c0d4438c-48d3-4e79-8a64-d15a4521eb7b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:800::/40
Signature Algorithm: sha256WithRSAEncryption
75:f1:4b:8f:01:8b:b5:52:de:21:1f:fe:13:8e:06:16:e4:4d:
28:b0:31:dd:fc:e1:e9:6d:f9:77:16:f4:37:03:50:7c:8a:b9:
eb:7e:22:d0:52:e5:39:12:b1:e3:3e:ed:31:95:02:07:3e:1e:
1a:fe:6b:22:fb:4b:4f:5e:ad:9e:91:e1:97:5c:29:11:d0:62:
53:f2:0a:4f:33:78:c5:a4:43:d1:45:58:9e:b4:a7:dd:78:02:
56:1d:f7:e9:b0:50:d4:b1:11:f7:fd:4c:e8:f8:2f:6d:05:b5:
30:d9:f2:af:af:b7:4f:4d:78:38:8b:ff:64:4c:7b:4c:fc:cb:
70:21:d5:7e:13:7d:0d:1b:60:48:09:25:be:42:bf:b8:e0:62:
c6:d0:bb:3a:b8:97:7e:58:d8:38:df:00:c9:8c:c8:9a:75:01:
5b:a2:95:5b:73:87:8d:de:3a:d7:1f:63:77:5e:86:19:f5:f1:
21:0f:b2:05:6f:15:84:f7:64:2e:eb:aa:dd:d6:71:5b:90:36:
11:e2:d8:71:6e:e4:73:38:b8:f1:ed:3a:57:be:56:b1:2e:3d:
ea:4f:02:4a:3f:19:d1:5e:e1:ca:c7:ab:be:5e:db:a8:f3:da:
45:dd:5c:85:b7:5e:2d:85:06:d9:f3:63:c8:9f:1d:c6:bf:53:
57:05:8b:ef
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUetrv8mI96zikaMj5jB7gfUU1sRswDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMmJlYWY2NTA2ZjhhMTU3ZmNlMjYz
MGYzZmNhYWJjOWE0MWJiZjE1YTA2ZGI1MTE2MDczZGVkNjBkMzE0OTU4MDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxG+1NxSriyyEJOT83pHbFeNTW16/
EvcJYXRvbIj4SgBv+2WDjadnOGIolDc5HxNoJg0api6SwV0QsCaSKbjMJ2OVjWID
rNjS86lDSClY8tcDLDn1wqSN97/EXODWcCfSplMTq9P8/QwEliIH/hAgcJkOjU+w
SKc4wdk3LAifKly2aCyFDDm+J1aBKIXPe5fRUj2BOLnQFoLHDY8GyWdS/tUqeCGm
gOVJNEHI4rkxFYvhGsbm7wmvHUwh80BF7WMo7+6GWZCJkYgJk8/6QxWV1HEVVvO7
tYQscyBVwLDyUBSqVrPqOPLbdn9kRPAbEujtmJP/6IebDkA0icaRoAJ8SwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOfUgPsn3x+mTg6XzYv6v37LCXR4MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2MwZDQ0MzhjLTQ4ZDMtNGU3OS04YTY0LWQxNWE0NTIxZWI3Yi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8ggwDQYJKoZIhvcNAQELBQADggEBAHXxS48Bi7VS3iEf/hOO
BhbkTSiwMd384elt+XcW9DcDUHyKuet+ItBS5TkSseM+7TGVAgc+Hhr+ayL7S09e
rZ6R4ZdcKRHQYlPyCk8zeMWkQ9FFWJ60p914AlYd9+mwUNSxEff9TOj4L20FtTDZ
8q+vt09NeDiL/2RMe0z8y3Ah1X4TfQ0bYEgJJb5Cv7jgYsbQuzq4l35Y2DjfAMmM
yJp1AVuilVtzh43eOtcfY3dehhn18SEPsgVvFYT3ZC7rqt3WcVuQNhHi2HFu5HM4
uPHtOle+VrEuPepPAko/GdFe4crHq75e26jz2kXdXIW3Xi2FBtnzY8ifHca/U1cF
i+8=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:59:57 2025 by rpki-client