Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa
File: cebc5290-288e-4f33-9035-a2d651433cdd.roa (raw, json)
Hash identifier: O+b6hUoX7DZcX/3RodpIBMWIcAZ7pVhE3nBWIzcujV4=
Subject key identifier: 10:5C:90:30:CD:04:35:ED:40:9C:D4:64:E6:39:DF:3F:79:92:45:B3
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 787D0EE280F45C0A56B7046DD9890425E38C59E6
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:c000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 15:41:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:7d:0e:e2:80:f4:5c:0a:56:b7:04:6d:d9:89:04:25:e3:8c:59:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:77:8c:a7:52:14:6e:20:13:b4:0b:b7:31:e8:
8b:93:e4:68:c3:11:fd:93:aa:94:21:dc:23:ea:e0:
4b:d4:7e:2b:f3:ce:63:2c:06:e6:c3:0d:11:76:a9:
02:c5:78:cf:32:da:38:1c:45:3b:38:8d:8f:98:ad:
fb:71:63:f3:3c:ae:84:16:16:a9:b1:2e:df:c4:45:
c0:a1:b5:18:09:cd:74:8b:18:1f:c8:7f:02:c9:8f:
9c:0e:45:f4:7f:75:c0:72:1b:99:5c:28:38:be:a3:
bb:91:5b:5a:28:32:18:89:0b:a6:3e:78:4d:9a:c7:
56:12:40:21:8c:da:35:38:02:93:48:dd:95:08:9a:
3a:5d:e8:99:81:76:b8:5d:3a:35:5d:6a:77:29:b8:
69:64:00:6b:4f:68:7a:0f:e8:55:c9:e7:3d:8e:e4:
90:77:da:fb:38:d5:37:a1:ed:6b:fe:ea:10:85:41:
80:00:48:a3:74:8b:64:56:14:bc:e8:30:49:5c:f8:
2d:7b:f0:b0:8e:24:1d:0c:19:02:f3:5c:30:f0:02:
30:51:2c:c9:48:0a:a9:bc:5d:d8:81:e3:3d:d8:76:
ea:e7:ce:c8:d7:41:09:2c:f9:c8:30:84:70:f7:7c:
99:0e:1e:6f:f1:cc:03:cf:f7:03:99:e3:89:7d:88:
c4:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:5C:90:30:CD:04:35:ED:40:9C:D4:64:E6:39:DF:3F:79:92:45:B3
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cebc5290-288e-4f33-9035-a2d651433cdd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:c000::/40
Signature Algorithm: sha256WithRSAEncryption
a6:41:f3:14:6f:f9:7f:a6:9d:67:7d:38:0d:67:4c:12:6d:21:
cb:5b:08:10:96:b7:12:65:91:46:de:61:2d:18:97:e3:0a:6b:
b5:f6:94:93:73:f9:e0:69:05:c4:fd:4f:df:22:78:f8:a3:cd:
04:39:d0:2f:7a:ed:6a:86:5d:92:32:0e:18:b3:67:24:e2:a0:
bd:b8:c7:43:e5:14:3b:c7:49:b1:bf:4a:26:46:eb:f4:1c:a8:
1b:08:66:8e:a4:33:bc:80:06:64:1d:c9:9b:e2:ef:16:5e:76:
f1:b4:ae:50:22:f3:ca:20:d1:b7:52:72:3e:e2:98:64:a1:7c:
96:60:4a:ff:43:6b:cb:67:82:20:bd:8b:1f:cc:3b:29:19:89:
ce:f0:fe:a5:4a:e9:b3:a6:eb:85:5c:00:f5:a3:9b:9c:bf:fc:
61:6e:c5:bc:2f:82:74:08:74:ca:b6:ac:9e:31:be:b1:55:10:
c8:8e:14:88:c1:ff:42:30:37:3a:5c:8d:4e:69:1e:f0:ca:bb:
e1:75:cd:de:6d:da:2f:e8:e8:e0:6f:b5:58:15:4d:e9:60:f5:
f1:19:68:ce:5d:1e:67:cc:c9:7a:dd:51:c2:9b:78:a8:0e:d1:
78:63:9e:d8:b2:01:3b:c8:9f:2a:8c:5b:38:c0:6d:21:a5:e3:
ed:1f:36:b1
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUeH0O4oD0XApWtwRt2YkEJeOMWeYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMTljN2M5NmFkZTllZDk3NjRiZmQ0
NTFjNWNmOTdkMmU2YjQ4MDMwY2FmNjcyNzZiNGFjY2Q1OWQzMGI5MTAzZTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzneMp1IUbiATtAu3MeiLk+RowxH9
k6qUIdwj6uBL1H4r885jLAbmww0RdqkCxXjPMto4HEU7OI2PmK37cWPzPK6EFhap
sS7fxEXAobUYCc10ixgfyH8CyY+cDkX0f3XAchuZXCg4vqO7kVtaKDIYiQumPnhN
msdWEkAhjNo1OAKTSN2VCJo6XeiZgXa4XTo1XWp3KbhpZABrT2h6D+hVyec9juSQ
d9r7ONU3oe1r/uoQhUGAAEijdItkVhS86DBJXPgte/CwjiQdDBkC81ww8AIwUSzJ
SAqpvF3YgeM92Hbq587I10EJLPnIMIRw93yZDh5v8cwDz/cDmeOJfYjE7QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBBckDDNBDXtQJzUZOY53z95kkWzMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2NlYmM1MjkwLTI4OGUtNGYzMy05MDM1LWEyZDY1MTQzM2NkZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaAMAwDQYJKoZIhvcNAQELBQADggEBAKZB8xRv+X+mnWd9OA1n
TBJtIctbCBCWtxJlkUbeYS0Yl+MKa7X2lJNz+eBpBcT9T98iePijzQQ50C967WqG
XZIyDhizZyTioL24x0PlFDvHSbG/SiZG6/QcqBsIZo6kM7yABmQdyZvi7xZedvG0
rlAi88og0bdScj7imGShfJZgSv9Da8tngiC9ix/MOykZic7w/qVK6bOm64VcAPWj
m5y//GFuxbwvgnQIdMq2rJ4xvrFVEMiOFIjB/0IwNzpcjU5pHvDKu+F1zd5t2i/o
6OBvtVgVTelg9fEZaM5dHmfMyXrdUcKbeKgO0XhjntiyATvInyqMWzjAbSGl4+0f
NrE=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:07:18 2025 by rpki-client