Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d556f79f-de8a-493d-809b-ec9169e28385.roa
File: d556f79f-de8a-493d-809b-ec9169e28385.roa (raw, json)
Hash identifier: qmqpQ3aKSUmQC5DtZd+clp233tcptfJLN/h6WRZ0nB8=
Subject key identifier: 43:7A:5C:F5:79:2F:8D:92:65:5E:87:AA:99:59:42:AC:52:6D:12:8D
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3DC2E3E269D3DD0754702E42CA3C64A12AA17743
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d556f79f-de8a-493d-809b-ec9169e28385.roa
Signing time: Mon 12 May 2025 15:10:48 +0000
ROA not before: Mon 12 May 2025 15:10:48 +0000
ROA not after: Mon 16 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daee:6000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 20:08:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:c2:e3:e2:69:d3:dd:07:54:70:2e:42:ca:3c:64:a1:2a:a1:77:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: May 12 15:10:48 2025 GMT
Not After : Jun 16 23:59:59 2025 GMT
Subject: serialNumber=959b5eed6ec870b2ab5c675e089993aa2cba19ec8d6d523d9166834c688d0b4a, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:e2:0a:ee:14:2b:bd:4a:d3:7a:1f:b1:5e:79:
f6:b4:7e:b3:a1:14:3e:cc:cf:2e:fc:a5:0c:99:1f:
6f:41:5a:ed:4e:b0:cd:55:d9:4c:58:49:2d:ae:9a:
96:c4:b8:8a:a5:c6:f8:67:59:62:51:98:f8:03:94:
38:ec:ea:2e:31:50:6c:8b:4e:e7:a1:58:5b:bc:52:
b5:df:69:c1:4d:99:08:bb:21:b6:63:ec:12:7a:7c:
96:bd:37:bb:1e:62:ef:1f:e8:09:2b:e4:07:6e:5e:
3e:2c:9d:3f:fe:b4:93:69:78:78:e8:b6:29:4d:90:
39:92:be:c2:53:be:39:ae:6a:92:cc:7f:0e:e3:ff:
3f:d7:87:15:82:23:9e:3b:6e:d2:aa:0c:84:9a:16:
1b:e3:ac:64:63:52:fd:ee:a0:1a:86:ce:cd:46:7b:
63:49:b7:08:b6:f2:d5:ae:ff:7a:06:15:29:cd:1f:
d1:35:67:2b:2d:2b:98:ce:fa:77:13:63:3c:4d:74:
ff:25:f9:77:40:e3:f2:31:84:af:49:44:06:ef:a0:
13:0f:94:f3:c6:fd:90:a4:62:51:cc:d1:61:c3:ac:
d9:98:f6:e8:5e:50:27:9b:03:9c:dd:ee:0f:eb:2c:
5e:7e:9f:74:16:5e:69:20:74:48:99:57:8c:31:fb:
01:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:7A:5C:F5:79:2F:8D:92:65:5E:87:AA:99:59:42:AC:52:6D:12:8D
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d556f79f-de8a-493d-809b-ec9169e28385.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daee:6000::/40
Signature Algorithm: sha256WithRSAEncryption
55:cc:16:82:da:19:19:1c:63:c8:ea:a3:db:c7:38:37:67:43:
e7:2a:6b:34:f9:ff:ba:0d:95:f7:9a:9e:3e:da:f8:54:00:42:
bc:68:61:01:da:e1:fc:3b:b0:63:72:3a:98:77:bc:ba:97:34:
10:cf:d4:90:7d:15:29:45:a2:28:63:96:83:c4:7f:71:b3:74:
02:28:8e:ee:c0:3a:9f:e8:41:2a:85:7a:7b:f5:b0:6d:d6:f5:
59:c8:0a:2a:91:cc:e3:93:9d:61:3a:fa:88:d2:fd:c5:b6:0a:
70:33:49:e1:0c:f2:f2:27:d5:08:3c:de:4e:c1:14:55:bf:0b:
8d:6b:2c:12:d3:a1:b8:5f:92:23:09:33:6f:30:f2:c2:28:4e:
f9:89:96:71:f1:67:b9:a6:48:c6:c5:25:28:61:f7:90:c8:d9:
d1:8b:cf:b5:0b:77:e7:6c:5c:af:97:9e:79:15:e8:69:0e:d9:
6a:38:d4:c2:5a:37:43:40:c7:21:b0:b2:13:dc:75:9c:8f:c0:
a7:f4:a1:c9:b1:e5:39:0c:5c:dc:20:85:35:32:f8:44:dd:1b:
e8:cd:c7:f2:c6:b0:8a:60:eb:a4:a2:c3:12:0c:97:8e:39:9a:
19:6f:d1:9d:20:48:21:6b:25:2b:f5:10:10:e1:01:64:b8:f1:
28:53:13:31
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUPcLj4mnT3QdUcC5CyjxkoSqhd0MwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDUxMjE1MTA0OFoX
DTI1MDYxNjIzNTk1OVowejFJMEcGA1UEBRNAOTU5YjVlZWQ2ZWM4NzBiMmFiNWM2
NzVlMDg5OTkzYWEyY2JhMTllYzhkNmQ1MjNkOTE2NjgzNGM2ODhkMGI0YTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsOIK7hQrvUrTeh+xXnn2tH6zoRQ+
zM8u/KUMmR9vQVrtTrDNVdlMWEktrpqWxLiKpcb4Z1liUZj4A5Q47OouMVBsi07n
oVhbvFK132nBTZkIuyG2Y+wSenyWvTe7HmLvH+gJK+QHbl4+LJ0//rSTaXh46LYp
TZA5kr7CU745rmqSzH8O4/8/14cVgiOeO27SqgyEmhYb46xkY1L97qAahs7NRntj
SbcItvLVrv96BhUpzR/RNWcrLSuYzvp3E2M8TXT/Jfl3QOPyMYSvSUQG76ATD5Tz
xv2QpGJRzNFhw6zZmPboXlAnmwOc3e4P6yxefp90Fl5pIHRImVeMMfsBswIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEN6XPV5L42SZV6HqplZQqxSbRKNMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Q1NTZmNzlmLWRlOGEtNDkzZC04MDliLWVjOTE2OWUyODM4NS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba7mAwDQYJKoZIhvcNAQELBQADggEBAFXMFoLaGRkcY8jqo9vH
ODdnQ+cqazT5/7oNlfeanj7a+FQAQrxoYQHa4fw7sGNyOph3vLqXNBDP1JB9FSlF
oihjloPEf3GzdAIoju7AOp/oQSqFenv1sG3W9VnICiqRzOOTnWE6+ojS/cW2CnAz
SeEM8vIn1Qg83k7BFFW/C41rLBLTobhfkiMJM28w8sIoTvmJlnHxZ7mmSMbFJShh
95DI2dGLz7ULd+dsXK+XnnkV6GkO2Wo41MJaN0NAxyGwshPcdZyPwKf0ocmx5TkM
XNwghTUy+ETdG+jNx/LGsIpg66SiwxIMl445mhlv0Z0gSCFrJSv1EBDhAWS48ShT
EzE=
-----END CERTIFICATE-----
Generated at Tue Jun 3 23:29:06 2025 by rpki-client