Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa
File: d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa (raw, json)
Hash identifier: yq7HWio6sDHUtfi6tQuB502UvKfI7OH4j/ZRQBEd5ME=
Subject key identifier: C4:AF:32:F8:C3:98:6F:B0:5D:E2:54:B7:E0:4D:09:E2:91:8E:E2:3A
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 757BACAFB414E5381FA14A097A6C1A06E1E2D5FA
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da20::/28 maxlen: 28
Validation: Failed, certificate revoked on Mon 03 Feb 2025 21:30:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:7b:ac:af:b4:14:e5:38:1f:a1:4a:09:7a:6c:1a:06:e1:e2:d5:fa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:9a:70:e8:16:b7:f5:d3:5e:a3:ea:09:ab:51:
d3:73:45:6d:8d:40:19:82:26:87:53:39:c5:79:ea:
f4:9d:d1:d2:5b:de:bb:89:c5:f9:05:2b:b8:c0:02:
c4:3e:7c:64:81:17:29:01:63:03:95:ba:42:3e:81:
fb:5d:38:41:c9:74:dd:68:fb:aa:34:ec:99:3c:87:
95:9e:2e:0b:16:a6:cd:8b:46:f7:2a:07:3f:bb:8c:
55:17:ba:bb:ca:9e:cb:e2:f1:93:ac:d8:16:b5:ba:
1e:ee:4c:cd:e9:99:38:ca:a7:e0:8e:f2:e7:b9:4d:
56:a6:71:69:85:2d:49:8b:30:e3:05:5a:c0:27:d4:
66:f6:61:d1:45:48:a4:80:db:a1:3c:de:20:53:7d:
24:b2:01:45:1f:81:54:a2:0b:aa:a8:50:4f:c7:49:
4d:3b:b0:75:29:ea:9e:a1:e3:15:33:bf:d8:d1:ea:
f1:37:0d:ba:1b:6b:60:be:df:32:88:3c:08:a8:bc:
4f:cb:8e:b5:77:8c:ef:fe:ea:5e:d7:a6:42:59:1f:
f5:c3:e3:cc:5f:cb:1b:41:f7:4d:ae:10:60:81:ed:
d3:6e:e0:33:ba:df:f3:39:e9:9d:92:89:ba:29:b5:
e5:2f:a1:da:c3:9e:e3:20:ef:c3:48:a4:ac:8a:1c:
85:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C4:AF:32:F8:C3:98:6F:B0:5D:E2:54:B7:E0:4D:09:E2:91:8E:E2:3A
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/d73c0a51-ab7b-4878-bdff-e08b6181edbd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da20::/28
Signature Algorithm: sha256WithRSAEncryption
6e:2e:6f:b5:e9:d7:a9:52:90:4d:05:a5:85:b1:34:76:1e:ee:
67:0c:9f:86:b7:cd:2b:d3:f0:3c:22:0d:f4:53:98:82:b3:d2:
dd:6c:f6:b4:5f:33:f7:64:d4:e0:40:e5:a3:ad:87:55:d6:fa:
f0:f1:3c:8e:76:a0:91:7d:9d:a3:a8:5d:c2:fe:e4:0d:23:07:
db:df:67:99:16:e7:0b:df:0f:9f:02:7f:07:a8:70:cd:ab:78:
a6:da:f0:d1:2b:f6:54:ee:b6:25:be:1f:89:2c:bd:26:11:bf:
16:97:0c:2c:ef:67:eb:68:f8:6e:43:93:b8:23:18:c3:d4:6d:
4d:b3:9a:0a:99:b4:c3:c6:66:6b:ee:43:45:ed:76:d1:95:a4:
58:f0:b2:e4:7c:bf:88:ee:47:e6:aa:4a:4e:21:88:22:ee:ca:
76:3a:af:e6:db:0d:06:98:03:c6:7e:86:05:e6:96:39:cf:cf:
69:a2:2f:2f:0a:50:d0:9a:6e:c7:ca:53:86:3e:28:92:21:f7:
05:bd:f2:b2:f0:18:c1:90:05:b6:b4:fa:93:d5:49:48:5a:e3:
65:2a:57:bf:c3:24:ad:42:23:d2:bc:37:b9:39:8a:4d:5f:a7:
75:e1:58:4c:19:a7:84:a5:46:2f:0f:2c:c8:a2:21:92:72:e8:
9e:5a:6f:43
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgIUdXusr7QU5TgfoUoJemwaBuHi1fowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMTM4YWNiZDlmNzI4YTFjNjYwYzIy
NmFjMDQ5YWZlNTk4NzZkZWQyNTVkNWVlOWZiNTg4MzMwODBjZjQwNDljMDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Jpw6Ba39dNeo+oJq1HTc0VtjUAZ
giaHUznFeer0ndHSW967icX5BSu4wALEPnxkgRcpAWMDlbpCPoH7XThByXTdaPuq
NOyZPIeVni4LFqbNi0b3Kgc/u4xVF7q7yp7L4vGTrNgWtboe7kzN6Zk4yqfgjvLn
uU1WpnFphS1JizDjBVrAJ9Rm9mHRRUikgNuhPN4gU30ksgFFH4FUoguqqFBPx0lN
O7B1KeqeoeMVM7/Y0erxNw26G2tgvt8yiDwIqLxPy461d4zv/upe16ZCWR/1w+PM
X8sbQfdNrhBgge3TbuAzut/zOemdkom6KbXlL6Haw57jIO/DSKSsihyFwwIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFMSvMvjDmG+wXeJUt+BNCeKRjuI6MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Q3M2MwYTUxLWFiN2ItNDg3OC1iZGZmLWUwOGI2MTgxZWRiZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzAN
BAIAAjAHAwUEJAbaIDANBgkqhkiG9w0BAQsFAAOCAQEAbi5vtenXqVKQTQWlhbE0
dh7uZwyfhrfNK9PwPCIN9FOYgrPS3Wz2tF8z92TU4EDlo62HVdb68PE8jnagkX2d
o6hdwv7kDSMH299nmRbnC98PnwJ/B6hwzat4ptrw0Sv2VO62Jb4fiSy9JhG/FpcM
LO9n62j4bkOTuCMYw9RtTbOaCpm0w8Zma+5DRe120ZWkWPCy5Hy/iO5H5qpKTiGI
Iu7Kdjqv5tsNBpgDxn6GBeaWOc/PaaIvLwpQ0Jpux8pThj4okiH3Bb3ysvAYwZAF
trT6k9VJSFrjZSpXv8MkrUIj0rw3uTmKTV+ndeFYTBmnhKVGLw8syKIhknLonlpv
Qw==
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:57:18 2025 by rpki-client