Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c9ce333f-f82f-4bb6-b248-800fa459c6e7.roa
File: c9ce333f-f82f-4bb6-b248-800fa459c6e7.roa (raw, json)
Hash identifier: wyTe2URJ/6p7obaSSUS6xf8RBV60BArDqk99q8aEOx4=
Subject key identifier: A6:60:15:59:91:6C:32:9C:4C:18:47:FD:12:B6:92:86:AA:A2:BA:E3
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5B70FAA43926D2A5027F72A551B918E68DE44AC1
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c9ce333f-f82f-4bb6-b248-800fa459c6e7.roa
Signing time: Wed 30 Jul 2025 00:11:27 +0000
ROA not before: Wed 30 Jul 2025 00:11:27 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:8080::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Jul 2025 17:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5b:70:fa:a4:39:26:d2:a5:02:7f:72:a5:51:b9:18:e6:8d:e4:4a:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 30 00:11:27 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=804b7048ab743efd7d295ae3ce614349dbd54363cb02e0063b12bf74edf03dc8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:15:18:24:78:48:ec:cc:86:49:7e:e8:0f:7c:
4d:7a:e1:67:f2:e2:87:ba:4c:ba:d3:de:dc:0d:3a:
68:06:20:3c:38:e1:07:2c:9e:67:45:64:07:12:b2:
73:f0:3c:12:5d:2b:44:9e:99:13:c1:4c:17:81:3c:
23:e5:03:1c:34:8f:10:74:e8:c3:9e:7a:52:a2:9a:
18:02:44:06:8a:17:a1:71:1b:b8:9b:92:92:86:a8:
34:eb:9b:b2:a9:3b:f2:02:ba:8b:ae:4a:ba:a6:0b:
d3:d0:06:e3:ba:24:17:97:47:1b:5b:55:2c:bd:41:
c6:e2:3c:85:f5:c8:15:eb:d4:34:00:3c:6d:7b:28:
66:28:3c:4c:18:80:10:a4:0a:0d:87:44:cc:9b:d1:
0c:4d:d5:3e:88:5b:d7:61:aa:2d:cf:90:c6:3c:f7:
f6:23:dc:80:f5:96:22:49:ec:08:a6:f8:97:0d:d9:
84:9d:be:4c:3d:90:90:85:8d:03:8a:97:50:99:b6:
67:80:80:c4:1f:e3:b9:23:76:2b:a9:5e:a3:da:34:
cf:38:a0:c0:f0:6e:de:b5:71:50:4c:f3:98:c6:d4:
8f:27:20:21:f4:b6:a6:a3:31:ff:58:f2:54:0f:15:
25:fb:ea:2a:7c:84:e1:46:92:c1:e1:aa:73:32:ab:
ca:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:60:15:59:91:6C:32:9C:4C:18:47:FD:12:B6:92:86:AA:A2:BA:E3
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/c9ce333f-f82f-4bb6-b248-800fa459c6e7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:8080::/46
Signature Algorithm: sha256WithRSAEncryption
0e:8b:cb:b1:15:85:9f:8a:71:a2:b7:e3:ee:e9:9e:85:54:12:
c4:bc:ce:40:0e:82:7c:be:39:74:a3:93:aa:cd:0f:32:ba:0e:
79:ff:38:71:55:2e:ca:73:55:b6:82:6d:1f:14:17:45:cf:e8:
d5:c9:c9:a5:10:33:81:b0:56:67:a0:2d:72:40:b1:cc:8e:af:
50:c7:98:d4:b8:55:a5:58:29:b9:bf:49:e4:92:4b:0a:80:19:
ea:c3:18:41:0b:97:fb:ca:17:07:65:b5:dc:6b:c7:a2:77:fd:
51:51:28:69:32:a5:97:d4:28:96:ef:b0:84:ac:1c:a8:d3:77:
6d:dc:03:26:e5:5e:c2:5f:57:4b:65:77:4e:bb:56:58:ed:36:
7a:cd:ee:61:97:81:64:1d:40:a5:a2:66:2c:05:f7:7f:03:31:
d0:f3:eb:37:dd:79:f1:42:b4:b4:35:51:1d:0e:bf:d1:bd:1a:
17:b6:70:a6:5a:7b:5b:35:6b:ed:51:d1:75:29:ab:9c:75:3f:
da:20:4d:30:3a:64:95:25:9a:f8:a8:a1:af:bd:d9:26:48:31:
1d:02:b8:d6:75:d9:df:23:84:fb:47:43:f6:12:fa:1f:29:78:
f8:7e:de:71:40:ed:c6:c4:b6:2f:f8:af:91:2b:bf:47:ab:ab:
66:10:8c:87
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUW3D6pDkm0qUCf3KlUbkY5o3kSsEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMTEyN1oX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAODA0YjcwNDhhYjc0M2VmZDdkMjk1
YWUzY2U2MTQzNDlkYmQ1NDM2M2NiMDJlMDA2M2IxMmJmNzRlZGYwM2RjODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmBUYJHhI7MyGSX7oD3xNeuFn8uKH
uky6097cDTpoBiA8OOEHLJ5nRWQHErJz8DwSXStEnpkTwUwXgTwj5QMcNI8QdOjD
nnpSopoYAkQGihehcRu4m5KShqg065uyqTvyArqLrkq6pgvT0AbjuiQXl0cbW1Us
vUHG4jyF9cgV69Q0ADxteyhmKDxMGIAQpAoNh0TMm9EMTdU+iFvXYaotz5DGPPf2
I9yA9ZYiSewIpviXDdmEnb5MPZCQhY0DipdQmbZngIDEH+O5I3YrqV6j2jTPOKDA
8G7etXFQTPOYxtSPJyAh9LamozH/WPJUDxUl++oqfIThRpLB4apzMqvK7wIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFKZgFVmRbDKcTBhH/RK2koaqorrjMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2M5Y2UzMzNmLWY4MmYtNGJiNi1iMjQ4LTgwMGZhNDU5YzZlNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAbaaYCAMA0GCSqGSIb3DQEBCwUAA4IBAQAOi8uxFYWfinGit+Pu
6Z6FVBLEvM5ADoJ8vjl0o5OqzQ8yug55/zhxVS7Kc1W2gm0fFBdFz+jVycmlEDOB
sFZnoC1yQLHMjq9Qx5jUuFWlWCm5v0nkkksKgBnqwxhBC5f7yhcHZbXca8eid/1R
UShpMqWX1CiW77CErByo03dt3AMm5V7CX1dLZXdOu1ZY7TZ6ze5hl4FkHUClomYs
Bfd/AzHQ8+s33XnxQrS0NVEdDr/RvRoXtnCmWntbNWvtUdF1KaucdT/aIE0wOmSV
JZr4qKGvvdkmSDEdArjWddnfI4T7R0P2EvofKXj4ft5xQO3GxLYv+K+RK79Hq6tm
EIyH
-----END CERTIFICATE-----
Generated at Thu Jul 31 01:00:15 2025 by rpki-client