Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da22e8df-40cd-402b-b04f-8b5954d0b173.roa
File: da22e8df-40cd-402b-b04f-8b5954d0b173.roa (raw, json)
Hash identifier: F2KY5sBSrU82MtUnspbEiKLS1HqDUW6HsexU1qhb7iA=
Subject key identifier: 6F:46:EA:56:3C:58:46:9C:EC:FE:97:E3:7A:BF:F0:6F:0D:FA:0F:16
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4E9563A2A36362F4B43D2AF0CF5D8C6F131111D6
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da22e8df-40cd-402b-b04f-8b5954d0b173.roa
Signing time: Wed 30 Jul 2025 00:21:27 +0000
ROA not before: Wed 30 Jul 2025 00:21:27 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:a040::/46 maxlen: 48
Validation: Failed, certificate revoked on Wed 30 Jul 2025 18:38:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4e:95:63:a2:a3:63:62:f4:b4:3d:2a:f0:cf:5d:8c:6f:13:11:11:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 30 00:21:27 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=a99b7fd106df86d3e09d0b97e6f83363d927dea9088875d27c3d3a26b3188b27, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:8a:c7:d4:70:cb:70:db:8c:c4:44:b6:ff:a2:
25:2f:eb:c0:0f:e3:91:b0:80:6c:3c:0a:df:95:af:
64:f3:15:ca:b4:ba:47:9c:55:87:96:b1:31:79:44:
5e:2e:d1:8b:1f:2c:b8:99:4a:a5:a3:37:47:05:5f:
49:a1:6f:b2:09:3e:41:18:9b:50:1e:09:b5:eb:e1:
92:e5:b9:b4:ba:21:fd:39:d3:9a:fb:aa:d0:ba:4a:
a1:02:43:33:d0:c8:fa:b4:7e:eb:76:28:08:36:ae:
57:ad:88:f9:14:7c:b1:b9:a6:a7:e4:e0:a0:dd:2f:
f5:26:0f:8f:c5:e0:2d:53:8c:5e:90:98:7f:77:8d:
30:36:2c:43:12:fd:cd:bf:59:37:52:f6:38:5f:ec:
1f:11:4c:80:81:da:dd:43:88:b6:99:6e:58:15:b1:
77:e6:26:0c:b3:57:b6:ee:97:ff:85:29:9a:ab:1f:
19:8d:6c:eb:31:d1:75:ea:2f:80:33:6e:59:43:d1:
fc:5f:bd:78:03:94:de:07:64:cf:81:24:56:22:12:
29:60:6e:d9:81:bc:c2:99:ef:98:e5:d4:3f:43:22:
d1:22:ea:a8:ca:4d:73:8d:a3:b1:67:fb:fa:ce:96:
ca:48:49:31:a3:60:82:7b:91:10:8a:18:18:6c:32:
92:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:46:EA:56:3C:58:46:9C:EC:FE:97:E3:7A:BF:F0:6F:0D:FA:0F:16
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/da22e8df-40cd-402b-b04f-8b5954d0b173.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:a040::/46
Signature Algorithm: sha256WithRSAEncryption
51:66:7e:6d:9d:5f:7d:15:ba:31:4b:93:d8:51:93:83:8e:3a:
0a:6f:81:35:65:a4:8c:5a:46:a8:46:c4:bc:ef:9b:2a:24:bc:
95:0a:af:e8:90:c2:82:c5:35:0d:ad:11:eb:3e:fa:a0:f7:66:
67:39:7c:13:64:f2:39:b6:f8:bb:3f:e2:57:e5:f8:48:ea:fd:
71:b3:1e:61:f3:54:11:2f:92:ea:f9:48:71:f4:bd:1b:b9:e5:
43:79:d0:96:09:15:ad:91:55:23:c6:ff:67:80:42:2f:4b:54:
51:0b:cf:23:41:a7:3d:55:e9:36:46:20:db:eb:26:f4:7d:b6:
ae:84:e6:a6:e7:a9:6d:d2:2b:61:1c:20:72:8c:e6:e4:bb:ca:
f2:01:b2:86:86:0e:ce:78:e8:16:b0:a0:2a:52:ad:8f:cb:4e:
f9:3f:b5:88:82:18:aa:db:30:3e:c1:3c:1c:96:56:9d:ec:6d:
b4:1b:32:1d:bf:c9:09:1b:0e:55:b1:51:5a:5d:15:8a:37:db:
f3:79:dc:03:a9:f5:9e:55:9a:99:58:87:a6:fb:69:16:00:63:
24:26:53:9b:92:c1:bd:4a:c1:9c:8c:40:17:28:76:0f:74:1b:
19:40:87:cf:11:c1:b9:14:5c:88:df:20:e7:67:df:91:62:c4:
28:94:e2:7a
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUTpVjoqNjYvS0PSrwz12MbxMREdYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwMjEyN1oX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAYTk5YjdmZDEwNmRmODZkM2UwOWQw
Yjk3ZTZmODMzNjNkOTI3ZGVhOTA4ODg3NWQyN2MzZDNhMjZiMzE4OGIyNzEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuYrH1HDLcNuMxES2/6IlL+vAD+OR
sIBsPArfla9k8xXKtLpHnFWHlrExeUReLtGLHyy4mUqlozdHBV9JoW+yCT5BGJtQ
Hgm16+GS5bm0uiH9OdOa+6rQukqhAkMz0Mj6tH7rdigINq5XrYj5FHyxuaan5OCg
3S/1Jg+PxeAtU4xekJh/d40wNixDEv3Nv1k3UvY4X+wfEUyAgdrdQ4i2mW5YFbF3
5iYMs1e27pf/hSmaqx8ZjWzrMdF16i+AM25ZQ9H8X714A5TeB2TPgSRWIhIpYG7Z
gbzCme+Y5dQ/QyLRIuqoyk1zjaOxZ/v6zpbKSEkxo2CCe5EQihgYbDKSbQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFG9G6lY8WEac7P6X43q/8G8N+g8WMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RhMjJlOGRmLTQwY2QtNDAyYi1iMDRmLThiNTk1NGQwYjE3My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcCJAba+6BAMA0GCSqGSIb3DQEBCwUAA4IBAQBRZn5tnV99FboxS5PY
UZODjjoKb4E1ZaSMWkaoRsS875sqJLyVCq/okMKCxTUNrRHrPvqg92ZnOXwTZPI5
tvi7P+JX5fhI6v1xsx5h81QRL5Lq+Uhx9L0bueVDedCWCRWtkVUjxv9ngEIvS1RR
C88jQac9Vek2RiDb6yb0fbauhOam56lt0ithHCByjObku8ryAbKGhg7OeOgWsKAq
Uq2Py075P7WIghiq2zA+wTwcllad7G20GzIdv8kJGw5VsVFaXRWKN9vzedwDqfWe
VZqZWIem+2kWAGMkJlObksG9SsGcjEAXKHYPdBsZQIfPEcG5FFyI3yDnZ9+RYsQo
lOJ6
-----END CERTIFICATE-----
Generated at Thu Jul 31 01:00:35 2025 by rpki-client