Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd615635-78d1-4128-b9c0-875d0c12c31d.roa
File: dd615635-78d1-4128-b9c0-875d0c12c31d.roa (raw, json)
Hash identifier: HDJZq5XBaPmYBu6If0EcHgm9nlExK6JymipsWkKu9Hs=
Subject key identifier: 1B:0D:FA:CA:6C:37:A4:78:EE:5F:50:23:EE:C1:8B:E4:BE:19:98:81
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5E6BD6FF682B18FD23B5A69D9E7BFAA61C3BB26A
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd615635-78d1-4128-b9c0-875d0c12c31d.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:a000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:6b:d6:ff:68:2b:18:fd:23:b5:a6:9d:9e:7b:fa:a6:1c:3b:b2:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:ba:fb:ca:40:ad:d0:a9:47:65:2a:78:9b:de:
8b:9f:42:fb:ce:1d:03:6f:3e:48:71:66:43:3a:41:
cb:ef:47:97:d5:9b:bd:f3:01:5f:b4:03:97:37:27:
f5:ae:bc:d5:c3:7d:e3:b2:e9:50:ed:99:a7:5a:cf:
f8:65:38:0b:3a:00:1e:a3:70:1f:89:34:46:c4:e1:
c7:ac:53:0d:73:06:ea:1c:af:59:c7:a5:a3:de:2e:
ad:5d:50:8d:4b:85:d3:df:2e:0f:c5:b2:59:22:3d:
27:3b:e8:f7:71:18:bf:2f:1c:f6:16:6b:0a:bd:59:
a3:aa:f9:be:72:ca:69:94:3d:30:06:75:a3:b2:6d:
08:72:68:3f:21:36:4a:ab:9d:27:fa:e3:7f:ec:b1:
51:e2:95:b2:14:71:7b:9e:74:e3:35:76:1f:30:5d:
ee:4f:7b:04:9e:5b:77:09:2f:eb:c6:89:6e:93:06:
5a:54:38:64:20:95:db:e3:e9:c1:bc:c5:fe:a6:2e:
1c:6d:aa:70:30:7f:a5:14:b5:c4:97:31:8a:92:d3:
d5:c5:9e:3e:04:36:be:c7:4e:ae:d9:40:b2:37:48:
02:30:28:1f:f0:d1:d2:b1:bb:e7:ac:96:ac:ac:bd:
e2:61:17:c4:d4:98:47:ae:f9:cc:08:49:3c:62:61:
78:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:0D:FA:CA:6C:37:A4:78:EE:5F:50:23:EE:C1:8B:E4:BE:19:98:81
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/dd615635-78d1-4128-b9c0-875d0c12c31d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:a000::/40
Signature Algorithm: sha256WithRSAEncryption
c8:02:f6:b8:23:87:66:f3:96:25:4b:98:19:ef:c6:17:56:b8:
e9:e2:7b:c3:23:f4:a1:a1:69:55:62:4b:8b:c9:1a:be:20:44:
c0:f9:b0:88:e2:09:3f:ad:ec:5b:11:7a:39:7b:72:71:f3:eb:
f9:d7:a9:72:50:3f:ef:75:49:f5:33:0d:e3:96:89:4a:39:90:
d1:1d:20:a8:a8:ec:21:b8:b9:2e:15:e5:11:b2:08:04:a1:ac:
a6:ed:3e:da:cf:1f:1e:9d:f5:25:e7:6c:a1:d7:74:9d:20:59:
2c:ea:fa:3c:82:0b:3c:73:a6:ab:00:42:2a:60:59:27:f3:06:
98:2d:d0:6b:87:33:d1:9b:c0:d9:74:d7:95:82:3e:2e:0a:a4:
a1:b9:66:69:24:f0:b9:74:0b:2d:23:6b:b7:55:6d:e5:16:43:
f4:29:e7:2d:8a:ce:51:b7:43:76:28:a7:36:35:37:9b:1f:62:
91:bb:dd:9b:fc:2b:d9:c0:e2:80:31:e9:f0:62:2c:72:92:3f:
d3:9c:bb:ce:f2:dc:f8:1c:1c:90:94:d1:08:da:5b:85:dd:f7:
be:cf:05:d2:77:b5:f9:8f:11:90:b1:0b:ef:c8:f0:2e:9a:6c:
53:dc:34:94:7f:da:40:0b:c9:36:86:f4:49:00:ed:f3:9e:40:
70:2b:2c:79
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUXmvW/2grGP0jtaadnnv6phw7smowDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANzlmMjFhNDM2ZWZjODk5NmQ5Njk1
MzgwZTdlODQ1MmNhNDFmOWFjNTJmM2FiMTU0MGZjNzlmYjQ2YTllMDcxZDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzbr7ykCt0KlHZSp4m96Ln0L7zh0D
bz5IcWZDOkHL70eX1Zu98wFftAOXNyf1rrzVw33jsulQ7ZmnWs/4ZTgLOgAeo3Af
iTRGxOHHrFMNcwbqHK9Zx6Wj3i6tXVCNS4XT3y4PxbJZIj0nO+j3cRi/Lxz2FmsK
vVmjqvm+cspplD0wBnWjsm0Icmg/ITZKq50n+uN/7LFR4pWyFHF7nnTjNXYfMF3u
T3sEnlt3CS/rxolukwZaVDhkIJXb4+nBvMX+pi4cbapwMH+lFLXElzGKktPVxZ4+
BDa+x06u2UCyN0gCMCgf8NHSsbvnrJasrL3iYRfE1JhHrvnMCEk8YmF4cQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFBsN+spsN6R47l9QI+7Bi+S+GZiBMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2RkNjE1NjM1LTc4ZDEtNDEyOC1iOWMwLTg3NWQwYzEyYzMxZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8qAwDQYJKoZIhvcNAQELBQADggEBAMgC9rgjh2bzliVLmBnv
xhdWuOnie8Mj9KGhaVViS4vJGr4gRMD5sIjiCT+t7FsRejl7cnHz6/nXqXJQP+91
SfUzDeOWiUo5kNEdIKio7CG4uS4V5RGyCAShrKbtPtrPHx6d9SXnbKHXdJ0gWSzq
+jyCCzxzpqsAQipgWSfzBpgt0GuHM9GbwNl015WCPi4KpKG5Zmkk8Ll0Cy0ja7dV
beUWQ/Qp5y2KzlG3Q3YopzY1N5sfYpG73Zv8K9nA4oAx6fBiLHKSP9Ocu87y3Pgc
HJCU0QjaW4Xd977PBdJ3tfmPEZCxC+/I8C6abFPcNJR/2kALyTaG9EkA7fOeQHAr
LHk=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:11:15 2025 by rpki-client