Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cef6b1d4-a501-46d4-b8d8-32b2f56ae196.roa
File: cef6b1d4-a501-46d4-b8d8-32b2f56ae196.roa (raw, json)
Hash identifier: Tmt/5hKlHIpg1IV/ULxNbjtUGHNX7LBtiOSlcttTQ0U=
Subject key identifier: E8:E9:C2:F3:8E:30:28:95:86:C8:82:FE:35:B7:2B:94:D1:C2:4E:56
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 19C3976DA402700438D5FBA7C9C0059B3042A098
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cef6b1d4-a501-46d4-b8d8-32b2f56ae196.roa
Signing time: Wed 30 Jul 2025 00:20:21 +0000
ROA not before: Wed 30 Jul 2025 00:20:21 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:9000::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 30 Jul 2025 17:39:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
19:c3:97:6d:a4:02:70:04:38:d5:fb:a7:c9:c0:05:9b:30:42:a0:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 30 00:20:21 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=3d3c338465c27c94e7e172c3b0ff53d8ca355aa369a2db00e39607b977b5e9e0, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:43:ee:bb:30:9b:c1:5f:62:ed:ef:c5:e5:d5:
c1:ee:34:b2:9d:0d:df:06:45:ee:a0:24:76:f5:dc:
5f:10:7e:6c:79:5b:39:8b:10:14:cd:f9:48:35:5e:
51:76:89:72:8d:b0:e6:e6:0f:72:ad:2d:f5:12:83:
f4:c6:a4:55:15:7b:b6:95:a0:ad:31:8e:e5:6b:e9:
c1:cd:68:e7:c5:bb:03:29:00:5c:47:cd:a6:13:42:
66:60:3a:a6:62:da:4c:a4:f1:81:6d:e8:e9:7a:18:
08:b9:3b:46:14:f9:1a:aa:6d:1f:87:8f:b3:8f:7a:
77:68:09:33:07:68:e3:f9:a4:4b:aa:ed:3b:a1:5a:
24:0c:33:7f:1a:b0:96:11:89:fe:c2:1e:20:20:45:
64:7e:6a:16:5a:7c:bd:31:f4:1a:64:3e:b8:27:52:
55:5a:17:ab:14:3d:71:7c:f4:29:13:16:16:c6:c4:
18:f8:d1:1e:81:9d:43:30:35:04:ab:d5:48:ed:a6:
50:4c:34:5c:65:c4:c2:b0:7f:d2:7a:79:5f:e5:40:
03:0d:8a:46:cd:d4:fb:b7:e3:4f:e0:b3:f9:9d:8b:
8d:df:1e:8b:ba:4a:58:b2:e4:07:60:d7:19:e2:ab:
e5:02:85:92:96:79:4b:33:ee:14:c0:5e:96:c5:5a:
af:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:E9:C2:F3:8E:30:28:95:86:C8:82:FE:35:B7:2B:94:D1:C2:4E:56
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/cef6b1d4-a501-46d4-b8d8-32b2f56ae196.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:9000::/40
Signature Algorithm: sha256WithRSAEncryption
28:05:9c:6d:3a:06:4b:e7:bd:2b:07:d1:83:8d:28:88:be:e3:
56:35:84:09:64:3d:7f:f7:99:e4:df:dc:ee:a3:59:5a:55:c5:
99:13:0f:c5:c6:c3:2e:c6:ba:d4:62:e0:c2:f5:85:44:47:6d:
97:fd:21:1b:f1:33:08:cf:1e:ff:57:15:5d:12:8e:e5:6a:f3:
f7:00:24:17:1c:6d:35:db:f8:5a:44:cd:90:d3:d4:73:48:ca:
1f:c7:b5:c9:fd:c5:b0:ea:a2:fb:83:b9:2e:27:b3:90:5c:7e:
4c:7c:93:33:d6:83:69:30:53:ff:59:a4:77:1a:cd:80:da:45:
09:61:c7:3c:e8:a0:55:ff:60:73:cf:ce:73:67:30:9a:8b:30:
ee:7c:36:ae:1d:ae:dc:71:8e:b8:86:ca:d6:6d:ea:2c:8c:22:
2d:71:36:76:e8:62:6d:fe:b2:6a:9a:a7:a7:78:1c:23:56:d1:
cd:3b:85:c4:f7:70:a7:c0:7e:b7:5e:f1:be:2c:b6:45:7d:db:
a2:e7:11:5c:44:23:33:74:e8:02:81:1b:34:8d:6d:07:17:65:
09:c2:53:e4:ad:0c:a1:1b:89:15:b1:5d:49:a9:fa:af:18:19:
6d:89:f5:48:b5:cb:c2:93:02:9e:95:27:79:d0:21:f9:c1:0a:
e2:18:23:f4
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUGcOXbaQCcAQ41funycAFmzBCoJgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMjAyMVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAM2QzYzMzODQ2NWMyN2M5NGU3ZTE3
MmMzYjBmZjUzZDhjYTM1NWFhMzY5YTJkYjAwZTM5NjA3Yjk3N2I1ZTllMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtkPuuzCbwV9i7e/F5dXB7jSynQ3f
BkXuoCR29dxfEH5seVs5ixAUzflINV5RdolyjbDm5g9yrS31EoP0xqRVFXu2laCt
MY7la+nBzWjnxbsDKQBcR82mE0JmYDqmYtpMpPGBbejpehgIuTtGFPkaqm0fh4+z
j3p3aAkzB2jj+aRLqu07oVokDDN/GrCWEYn+wh4gIEVkfmoWWny9MfQaZD64J1JV
WherFD1xfPQpExYWxsQY+NEegZ1DMDUEq9VI7aZQTDRcZcTCsH/Senlf5UADDYpG
zdT7t+NP4LP5nYuN3x6LukpYsuQHYNcZ4qvlAoWSlnlLM+4UwF6WxVqvewIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFOjpwvOOMCiVhsiC/jW3K5TRwk5WMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2NlZjZiMWQ0LWE1MDEtNDZkNC1iOGQ4LTMyYjJmNTZhZTE5Ni5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaZAwDQYJKoZIhvcNAQELBQADggEBACgFnG06BkvnvSsH0YON
KIi+41Y1hAlkPX/3meTf3O6jWVpVxZkTD8XGwy7GutRi4ML1hURHbZf9IRvxMwjP
Hv9XFV0SjuVq8/cAJBccbTXb+FpEzZDT1HNIyh/Htcn9xbDqovuDuS4ns5Bcfkx8
kzPWg2kwU/9ZpHcazYDaRQlhxzzooFX/YHPPznNnMJqLMO58Nq4drtxxjriGytZt
6iyMIi1xNnboYm3+smqap6d4HCNW0c07hcT3cKfAfrde8b4stkV926LnEVxEIzN0
6AKBGzSNbQcXZQnCU+StDKEbiRWxXUmp+q8YGW2J9Ui1y8KTAp6VJ3nQIfnBCuIY
I/Q=
-----END CERTIFICATE-----
Generated at Thu Jul 31 00:59:17 2025 by rpki-client