Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d2fd8734-3950-4090-9359-e2baa68e90e6.roa
File: d2fd8734-3950-4090-9359-e2baa68e90e6.roa (raw, json)
Hash identifier: XGXS6ycheObKFICLNuYm4sW1iMgCJDFmfpyUdiP+vWw=
Subject key identifier: 37:D9:0F:F7:B1:4F:FF:70:3F:CA:5D:78:24:15:4C:E4:4D:6B:DF:19
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5357B3178504A8B59ECDDED216B11136698D2BBC
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d2fd8734-3950-4090-9359-e2baa68e90e6.roa
Signing time: Wed 30 Jul 2025 00:40:19 +0000
ROA not before: Wed 30 Jul 2025 00:40:19 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:4840::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Jul 2025 18:37:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
53:57:b3:17:85:04:a8:b5:9e:cd:de:d2:16:b1:11:36:69:8d:2b:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 30 00:40:19 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=f3e832c8eb0be3a1504f81c1bb40eafdda0906c26ea821623d7c4dbf07d97ff8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:a8:47:b7:1c:85:c2:63:77:9a:bb:dd:f6:12:
4f:16:b5:1b:e9:f4:c5:72:8f:d3:48:75:27:19:98:
6a:9a:0a:63:9e:c9:45:3c:57:bc:c2:84:8b:8f:85:
8b:d4:8f:b0:5b:5b:e7:4b:21:62:b4:89:4e:a9:f7:
99:25:b3:a5:73:eb:ad:f3:5d:3a:b2:1a:0b:87:aa:
70:e5:08:00:28:a3:5f:12:2c:24:fb:a7:af:57:3b:
4c:fe:fd:83:de:f4:7e:a7:80:7c:33:b3:12:b7:cf:
29:9b:e8:9f:ab:51:e1:e8:f9:e8:e4:3f:bd:b3:62:
1f:95:5e:b0:ef:c1:d5:80:4b:79:96:45:a7:ff:7a:
9b:b6:51:79:5b:3d:4d:67:c4:0c:ba:10:12:fe:6a:
07:c7:52:e4:1e:d9:69:3d:11:48:2b:06:48:2b:d7:
10:96:6d:1e:2a:ae:31:6e:36:80:9d:e7:d1:b0:9f:
2f:10:8b:38:e8:0c:39:ad:b2:b4:cd:06:8d:ee:c5:
35:41:40:e9:a2:c5:f2:11:d4:b0:4c:eb:9d:31:61:
74:61:fd:47:7e:b7:95:d4:19:d8:74:46:50:e3:b9:
e0:cd:74:0f:33:62:32:dd:fb:f1:50:ee:2a:c4:be:
f9:8e:12:ad:6f:1d:26:d8:23:d5:a6:5e:e0:d1:4e:
2b:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:D9:0F:F7:B1:4F:FF:70:3F:CA:5D:78:24:15:4C:E4:4D:6B:DF:19
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d2fd8734-3950-4090-9359-e2baa68e90e6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:4840::/46
Signature Algorithm: sha256WithRSAEncryption
2a:2d:02:17:0f:db:60:f9:8e:7f:ff:80:7a:8d:95:8d:d3:ba:
1d:d0:52:38:59:03:f2:b3:65:23:3e:6a:41:14:7e:7c:8e:56:
61:3c:8c:9c:d3:04:ab:10:36:b4:bf:a0:bd:11:af:19:e3:e1:
d3:30:fd:6c:cf:dd:50:c1:22:f8:ea:36:5c:ae:9d:9c:12:ce:
da:f0:45:ba:85:0b:a7:fc:ad:6f:de:b3:a8:76:07:e0:16:b4:
1b:c2:79:f1:33:ef:5b:e3:b6:f6:35:55:3d:ec:c7:f1:7b:55:
c8:e4:3c:8a:f2:d6:d6:07:f1:75:bc:e2:f6:93:dc:f5:5e:81:
41:58:e2:28:95:f6:50:7f:ef:21:9b:4d:25:1d:62:76:3f:b4:
66:16:19:4c:12:7b:c6:60:37:13:82:9d:d1:1d:57:b4:d7:b9:
0c:21:fc:f5:d0:f1:0d:ab:d2:89:42:b6:c6:08:44:fc:74:a6:
04:59:55:f2:1e:be:0a:8d:61:e7:b4:1f:54:50:82:fd:42:bf:
75:5e:74:bb:70:d0:5b:36:e3:7c:5f:84:cd:0e:b1:a6:8a:8a:
68:56:94:f5:ca:32:75:6a:9a:88:78:07:bc:b5:e2:25:5b:b4:
8b:9d:56:4c:ed:8e:d4:27:e0:a9:f7:48:c6:69:ee:38:06:48:
43:c0:f7:02
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUU1ezF4UEqLWezd7SFrERNmmNK7wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNDAxOVoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZjNlODMyYzhlYjBiZTNhMTUwNGY4
MWMxYmI0MGVhZmRkYTA5MDZjMjZlYTgyMTYyM2Q3YzRkYmYwN2Q5N2ZmODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApKhHtxyFwmN3mrvd9hJPFrUb6fTF
co/TSHUnGZhqmgpjnslFPFe8woSLj4WL1I+wW1vnSyFitIlOqfeZJbOlc+ut8106
shoLh6pw5QgAKKNfEiwk+6evVztM/v2D3vR+p4B8M7MSt88pm+ifq1Hh6Pno5D+9
s2IflV6w78HVgEt5lkWn/3qbtlF5Wz1NZ8QMuhAS/moHx1LkHtlpPRFIKwZIK9cQ
lm0eKq4xbjaAnefRsJ8vEIs46Aw5rbK0zQaN7sU1QUDposXyEdSwTOudMWF0Yf1H
freV1BnYdEZQ47ngzXQPM2Iy3fvxUO4qxL75jhKtbx0m2CPVpl7g0U4rmwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDfZD/exT/9wP8pdeCQVTORNa98ZMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2QyZmQ4NzM0LTM5NTAtNDA5MC05MzU5LWUyYmFhNjhlOTBlNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+0hAMA0GCSqGSIb3DQEBCwUAA4IBAQAqLQIXD9tg+Y5//4B6
jZWN07od0FI4WQPys2UjPmpBFH58jlZhPIyc0wSrEDa0v6C9Ea8Z4+HTMP1sz91Q
wSL46jZcrp2cEs7a8EW6hQun/K1v3rOodgfgFrQbwnnxM+9b47b2NVU97Mfxe1XI
5DyK8tbWB/F1vOL2k9z1XoFBWOIolfZQf+8hm00lHWJ2P7RmFhlMEnvGYDcTgp3R
HVe017kMIfz10PENq9KJQrbGCET8dKYEWVXyHr4KjWHntB9UUIL9Qr91XnS7cNBb
NuN8X4TNDrGmiopoVpT1yjJ1apqIeAe8teIlW7SLnVZM7Y7UJ+Cp90jGae44BkhD
wPcC
-----END CERTIFICATE-----
Generated at Thu Jul 31 01:05:23 2025 by rpki-client