Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa
File: d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa (raw, json)
Hash identifier: 4BOJ7kNlpadiFfsBVmVjidffAUhVcDoNUS/PZkItL7U=
Subject key identifier: F0:6A:A0:2A:73:2A:A1:80:CE:4B:F7:51:12:93:8D:1A:27:BB:DA:C4
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 02B8282D613F83ADD67D48515283D10183ADDFC0
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da00:4000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 15:30:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
02:b8:28:2d:61:3f:83:ad:d6:7d:48:51:52:83:d1:01:83:ad:df:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:87:73:de:7b:17:43:36:92:fd:59:a7:e4:c8:
74:1a:59:12:0d:8e:d6:37:bb:81:5e:21:e4:ba:80:
35:13:4e:b6:53:52:65:3a:ca:c8:c8:c9:14:d3:4f:
16:49:10:90:67:db:0a:74:68:d1:d3:10:54:5a:c6:
5a:a9:eb:54:49:2c:46:ef:9c:3e:d6:b6:fb:54:cc:
89:ed:89:29:75:fa:05:fb:de:00:c3:a0:63:0f:04:
2c:95:15:87:c6:16:03:51:fd:86:98:d7:b6:18:4d:
dc:59:14:16:ed:4d:0f:84:83:42:1d:dc:f0:db:4f:
85:fe:72:36:28:cb:04:89:94:e6:3d:2e:07:96:d2:
93:cc:7d:67:5d:90:f1:56:02:e7:63:22:dc:fa:26:
b4:ab:8f:b9:92:5d:31:c5:d2:f8:62:3a:5f:d9:6b:
91:f0:1e:37:c5:f4:84:8a:d3:c1:3f:19:5a:4b:d2:
df:23:39:68:cb:dd:f3:61:e4:2e:dd:7f:05:d2:da:
fe:7d:70:06:53:2d:57:a3:8e:71:c6:52:97:d1:4d:
97:3b:ad:66:db:59:d5:78:5c:7a:60:d1:8a:44:08:
56:96:cb:83:3d:07:29:80:6f:c2:65:72:00:06:1e:
ab:1c:3c:8f:e3:f1:4c:08:d5:8c:00:a7:8f:5b:a1:
4a:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:6A:A0:2A:73:2A:A1:80:CE:4B:F7:51:12:93:8D:1A:27:BB:DA:C4
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d3bae790-01d7-4b6e-a0f0-9305bcbd4a37.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da00:4000::/40
Signature Algorithm: sha256WithRSAEncryption
3c:6f:be:3d:9f:29:43:63:b5:83:e2:62:bc:13:4f:d0:fa:d6:
d7:0f:8a:a5:f7:e1:b2:7f:d5:6f:0a:57:d9:86:6d:71:6a:4a:
7d:17:7f:7b:f6:95:ca:cb:9d:38:ef:bf:26:44:79:0b:ac:6e:
5b:df:7a:75:b9:d1:f0:1e:c1:6c:b0:d7:c7:aa:ff:9a:b5:e3:
eb:fb:c9:ee:7b:f0:37:ac:92:b1:6c:0d:ee:ff:ae:66:66:7b:
ea:98:52:2e:09:c2:9b:ad:54:12:9b:72:26:57:50:74:f2:cc:
14:83:0a:77:1f:b5:ae:27:a6:0a:39:ea:f3:82:c4:ef:3a:05:
a6:bb:c0:a8:d1:1d:de:ae:4f:99:7a:f0:46:07:1a:76:20:34:
fe:fe:ac:bd:20:dd:ad:c3:98:7b:74:f9:95:94:e9:f4:f7:48:
5a:42:15:84:d9:b6:3c:b4:ac:6f:83:a1:1a:ec:8f:99:11:72:
c9:48:7e:6d:b0:b0:b3:64:c7:6c:6f:b8:b2:ab:7d:0c:65:d3:
19:bb:51:e9:c8:bb:a5:da:ad:4e:23:6f:36:c1:bb:fa:d5:00:
81:b7:b6:79:34:9c:ff:55:aa:a8:18:66:ad:8a:86:20:4a:a5:
fb:30:48:3d:13:9e:58:ba:55:ed:db:6d:a4:a9:5e:d5:ff:7b:
7e:7f:ad:ef
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUArgoLWE/g63WfUhRUoPRAYOt38AwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAM2UwMTZiNzBiYTM5YTA5ZWQzZGM3
MDBiZDUzZDZjOGUyN2Y5YjdiZjYyNWJlMjZlOTQ1MjQ5YWEzYzYxN2E1MTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4odz3nsXQzaS/Vmn5Mh0GlkSDY7W
N7uBXiHkuoA1E062U1JlOsrIyMkU008WSRCQZ9sKdGjR0xBUWsZaqetUSSxG75w+
1rb7VMyJ7YkpdfoF+94Aw6BjDwQslRWHxhYDUf2GmNe2GE3cWRQW7U0PhINCHdzw
20+F/nI2KMsEiZTmPS4HltKTzH1nXZDxVgLnYyLc+ia0q4+5kl0xxdL4Yjpf2WuR
8B43xfSEitPBPxlaS9LfIzloy93zYeQu3X8F0tr+fXAGUy1Xo45xxlKX0U2XO61m
21nVeFx6YNGKRAhWlsuDPQcpgG/CZXIABh6rHDyP4/FMCNWMAKePW6FKPQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPBqoCpzKqGAzkv3URKTjRonu9rEMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2QzYmFlNzkwLTAxZDctNGI2ZS1hMGYwLTkzMDViY2JkNGEzNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaAEAwDQYJKoZIhvcNAQELBQADggEBADxvvj2fKUNjtYPiYrwT
T9D61tcPiqX34bJ/1W8KV9mGbXFqSn0Xf3v2lcrLnTjvvyZEeQusblvfenW50fAe
wWyw18eq/5q14+v7ye578DeskrFsDe7/rmZme+qYUi4JwputVBKbciZXUHTyzBSD
Cncfta4npgo56vOCxO86Baa7wKjRHd6uT5l68EYHGnYgNP7+rL0g3a3DmHt0+ZWU
6fT3SFpCFYTZtjy0rG+DoRrsj5kRcslIfm2wsLNkx2xvuLKrfQxl0xm7UenIu6Xa
rU4jbzbBu/rVAIG3tnk0nP9VqqgYZq2KhiBKpfswSD0Tnli6Ve3bbaSpXtX/e35/
re8=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:54:29 2025 by rpki-client