Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1ee0ca6-4099-4f84-8e05-ff02d67a580a.roa
File: e1ee0ca6-4099-4f84-8e05-ff02d67a580a.roa (raw, json)
Hash identifier: nqh3L0Tgsq/DopWKzuAdtipHw2ARXg7d0m/dohALhb8=
Subject key identifier: FB:77:F9:31:C1:81:D1:1E:03:12:7F:14:08:2D:F7:2C:3B:0F:37:95
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 084F2AABE7EA41AD292735504ABAD4B783CF8792
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1ee0ca6-4099-4f84-8e05-ff02d67a580a.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:2800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 16:20:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:4f:2a:ab:e7:ea:41:ad:29:27:35:50:4a:ba:d4:b7:83:cf:87:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:82:13:08:cb:4f:e6:70:90:39:c0:09:d8:2e:
50:48:37:e8:4c:2f:68:c4:ee:02:98:a5:28:be:ce:
7a:5c:2a:5d:5e:72:ca:4a:55:3f:57:27:3e:62:7b:
55:cf:d1:53:10:4f:2b:45:b1:bf:7f:3d:e7:d0:f7:
49:53:e1:7b:33:42:20:6a:b1:75:3b:61:bf:d7:5d:
f3:c9:f7:78:7b:38:20:60:51:c4:52:d7:29:3c:1c:
3d:e5:b2:71:00:2e:de:95:9c:1c:15:fc:cb:c7:9f:
b6:7b:92:67:e5:48:a5:57:d9:e7:aa:48:86:b1:8a:
52:52:72:5b:5b:8c:ec:91:e7:2c:a3:50:7b:2b:6c:
c0:0f:81:75:fc:38:df:56:4f:d0:a5:e0:7f:bc:04:
48:89:9c:8e:0a:96:20:5b:74:08:7a:03:1b:fb:5b:
bc:d3:07:c0:a2:40:a0:9a:aa:8b:e5:b5:c8:6c:f0:
cd:e5:e6:6f:c2:08:b3:ff:b1:26:55:ac:03:f0:9e:
ce:e9:d4:28:05:b3:f5:bd:2a:88:61:74:2c:16:c8:
47:a1:43:f6:b6:d2:a5:99:ac:3c:d8:ca:26:52:55:
f7:94:80:f3:cf:65:a0:12:ab:a2:6e:15:a0:74:49:
28:9d:9a:74:69:5e:f2:3c:4e:fa:8c:c2:8f:a3:89:
b1:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:77:F9:31:C1:81:D1:1E:03:12:7F:14:08:2D:F7:2C:3B:0F:37:95
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e1ee0ca6-4099-4f84-8e05-ff02d67a580a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:2800::/40
Signature Algorithm: sha256WithRSAEncryption
34:17:56:a7:e1:af:dc:c6:6b:2f:3c:34:2f:27:d6:93:1d:15:
60:0a:dd:b6:7d:90:a7:26:e1:14:30:ea:36:f9:ba:74:d2:12:
2d:93:f6:5d:17:1e:4c:c2:f2:c1:b6:f0:0e:25:0c:15:04:a5:
8c:8c:5b:a2:89:87:5b:12:f0:ef:cd:1a:de:41:9b:ec:2b:3c:
f5:d4:98:77:50:fd:5e:03:ef:3d:f2:fc:88:16:27:03:09:3e:
4e:df:88:38:9f:c1:15:9a:25:16:a4:5f:27:d4:b7:71:b3:89:
1a:4c:18:6c:06:62:67:e9:18:ad:9f:f4:55:31:d3:25:ef:81:
69:49:92:e8:98:31:a1:cb:18:42:53:22:d5:8b:c2:31:17:47:
cd:d0:23:8d:e8:85:fe:94:e7:f7:6e:fd:b6:1c:f6:48:1a:ca:
fe:e2:bb:f6:0c:6b:cb:9d:19:60:ae:b2:1a:61:04:8a:c3:7c:
df:14:2a:8c:3c:5e:18:ec:03:ec:70:c7:7a:1e:93:72:dc:29:
70:83:14:eb:92:c0:20:9f:3a:b3:ce:de:f8:df:e9:a3:7c:4b:
e1:f4:fe:8f:44:32:3a:8e:a3:db:37:b6:e0:b5:24:e0:6c:cc:
8f:d6:e1:f4:ac:06:58:74:61:98:10:89:08:fc:0b:f9:e0:fc:
4c:02:07:43
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUCE8qq+fqQa0pJzVQSrrUt4PPh5IwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAN2JlNzFiNTAzZWFiZmViZDhkMjQx
YjU1MDZlZjI5M2Q2OWQ2YjQ4YmZjNDRkOGRkMmZlNjVhZjRmYWMzNTgxNjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvoITCMtP5nCQOcAJ2C5QSDfoTC9o
xO4CmKUovs56XCpdXnLKSlU/Vyc+YntVz9FTEE8rRbG/fz3n0PdJU+F7M0IgarF1
O2G/113zyfd4ezggYFHEUtcpPBw95bJxAC7elZwcFfzLx5+2e5Jn5UilV9nnqkiG
sYpSUnJbW4zskecso1B7K2zAD4F1/DjfVk/QpeB/vARIiZyOCpYgW3QIegMb+1u8
0wfAokCgmqqL5bXIbPDN5eZvwgiz/7EmVawD8J7O6dQoBbP1vSqIYXQsFshHoUP2
ttKlmaw82MomUlX3lIDzz2WgEquibhWgdEkonZp0aV7yPE76jMKPo4mxlQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPt3+THBgdEeAxJ/FAgt9yw7DzeVMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2UxZWUwY2E2LTQwOTktNGY4NC04ZTA1LWZmMDJkNjdhNTgwYS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8igwDQYJKoZIhvcNAQELBQADggEBADQXVqfhr9zGay88NC8n
1pMdFWAK3bZ9kKcm4RQw6jb5unTSEi2T9l0XHkzC8sG28A4lDBUEpYyMW6KJh1sS
8O/NGt5Bm+wrPPXUmHdQ/V4D7z3y/IgWJwMJPk7fiDifwRWaJRakXyfUt3GziRpM
GGwGYmfpGK2f9FUx0yXvgWlJkuiYMaHLGEJTItWLwjEXR83QI43ohf6U5/du/bYc
9kgayv7iu/YMa8udGWCushphBIrDfN8UKow8XhjsA+xwx3oek3LcKXCDFOuSwCCf
OrPO3vjf6aN8S+H0/o9EMjqOo9s3tuC1JOBszI/W4fSsBlh0YZgQiQj8C/ng/EwC
B0M=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:56:37 2025 by rpki-client