Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e516b28b-c549-41c8-a3c8-97331669f493.roa
File: e516b28b-c549-41c8-a3c8-97331669f493.roa (raw, json)
Hash identifier: jqxgMbuDMteB5o8OhOAsrQVkSoT2ZOy6SP+qx8nQQy0=
Subject key identifier: BD:01:35:24:F5:6D:3E:C2:55:0F:7F:39:5E:53:54:3F:07:AD:3A:33
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 3DD76FCB9E448AE2F0EF272F7C79DE5D722A98D6
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e516b28b-c549-41c8-a3c8-97331669f493.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf2:c800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 15:50:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3d:d7:6f:cb:9e:44:8a:e2:f0:ef:27:2f:7c:79:de:5d:72:2a:98:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:ce:50:3e:01:b4:be:dc:21:f5:24:d1:a9:aa:
2d:8c:65:49:38:ea:ce:c4:10:68:c3:f8:fc:d9:83:
89:86:71:65:52:c6:05:63:9c:51:46:c4:15:57:ad:
14:93:9d:60:07:a8:17:3c:90:88:25:6e:03:11:07:
0e:e1:6b:20:a1:6a:72:64:9d:ca:40:43:f3:eb:9a:
7c:ad:d1:80:ab:39:fb:29:ba:0e:f2:dd:7e:01:5f:
c1:04:c5:f2:07:3f:05:5f:da:e6:ec:9e:b7:67:4e:
4e:09:40:42:ac:25:f8:46:12:57:69:00:51:74:fa:
3d:89:e1:4f:c7:60:aa:9f:04:2f:f9:f2:26:47:0b:
09:cc:41:ef:a2:43:b4:9b:f0:bc:64:d4:3a:de:28:
67:79:d0:0e:b2:cf:4e:f7:80:35:f4:35:7c:c9:4e:
d4:c6:d9:3f:64:d1:80:bc:09:c1:49:c3:40:4b:08:
b9:97:34:f7:59:ca:b4:75:25:b5:49:88:cc:4c:f4:
7b:5e:48:03:2a:ba:d6:8d:96:9f:67:b1:cb:e7:22:
91:32:23:c4:a7:23:96:4e:fa:2c:2d:1e:e9:ca:7e:
25:14:9b:f1:28:68:70:8a:30:66:8a:f1:ff:73:49:
c0:d9:4e:82:18:eb:a3:38:2f:66:4d:e1:8b:a8:c4:
d9:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:01:35:24:F5:6D:3E:C2:55:0F:7F:39:5E:53:54:3F:07:AD:3A:33
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/e516b28b-c549-41c8-a3c8-97331669f493.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf2:c800::/40
Signature Algorithm: sha256WithRSAEncryption
8c:ce:a8:69:21:4d:5f:cc:ee:94:0f:a7:ff:e3:a2:8e:19:e1:
2c:71:8d:02:91:bc:2e:cd:3f:32:c0:c8:d4:d4:82:f7:df:05:
5c:e9:ab:49:9f:5a:2f:c6:ef:91:80:06:a3:69:5c:7e:21:d7:
68:4c:26:65:84:88:20:aa:b7:a7:ea:47:84:dd:af:46:98:fc:
22:06:2b:c0:9e:f0:90:5e:a3:f3:36:08:0d:c6:8c:cd:ee:da:
90:d5:0b:a2:77:01:3f:4f:22:fd:43:6d:1c:df:73:f0:27:1b:
f1:e6:c4:20:e1:3e:84:5d:70:13:b4:0c:bd:2f:e8:7c:79:af:
9b:71:c2:07:3a:62:46:81:8e:90:1e:93:6b:00:4e:99:c6:43:
78:23:d2:3f:b2:7f:8d:b6:c3:af:80:03:e7:a1:02:88:9d:b1:
53:9d:7c:0f:3f:70:a3:58:5d:13:5b:a7:18:d9:c9:06:1a:e1:
06:b1:f3:c3:6a:bb:cd:05:77:24:9d:33:25:1d:ce:ad:fd:48:
be:18:53:30:1b:d1:36:11:29:56:5e:69:ae:8b:eb:f5:de:9f:
91:d2:a5:a6:05:c1:61:cc:e4:1e:d5:52:a0:49:19:00:46:06:
b9:91:8d:1e:6e:2a:9c:ee:0c:e8:f1:06:5d:d8:49:30:b2:3e:
8b:84:49:81
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUPddvy55EiuLw7ycvfHneXXIqmNYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMjBkN2UwN2UzZjQ2MDIxZjU0YWVj
ZTNiNjMzYWVkNjc0MDA3YjQwY2Q4Y2Q5N2Y2ZDEzZmZkN2JkMjRhYzc0MTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp85QPgG0vtwh9STRqaotjGVJOOrO
xBBow/j82YOJhnFlUsYFY5xRRsQVV60Uk51gB6gXPJCIJW4DEQcO4WsgoWpyZJ3K
QEPz65p8rdGAqzn7KboO8t1+AV/BBMXyBz8FX9rm7J63Z05OCUBCrCX4RhJXaQBR
dPo9ieFPx2CqnwQv+fImRwsJzEHvokO0m/C8ZNQ63ihnedAOss9O94A19DV8yU7U
xtk/ZNGAvAnBScNASwi5lzT3Wcq0dSW1SYjMTPR7XkgDKrrWjZafZ7HL5yKRMiPE
pyOWTvosLR7pyn4lFJvxKGhwijBmivH/c0nA2U6CGOujOC9mTeGLqMTZMQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFL0BNST1bT7CVQ9/OV5TVD8HrTozMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2U1MTZiMjhiLWM1NDktNDFjOC1hM2M4LTk3MzMxNjY5ZjQ5My5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba8sgwDQYJKoZIhvcNAQELBQADggEBAIzOqGkhTV/M7pQPp//j
oo4Z4SxxjQKRvC7NPzLAyNTUgvffBVzpq0mfWi/G75GABqNpXH4h12hMJmWEiCCq
t6fqR4Tdr0aY/CIGK8Ce8JBeo/M2CA3GjM3u2pDVC6J3AT9PIv1DbRzfc/AnG/Hm
xCDhPoRdcBO0DL0v6Hx5r5txwgc6YkaBjpAek2sATpnGQ3gj0j+yf422w6+AA+eh
AoidsVOdfA8/cKNYXRNbpxjZyQYa4Qax88Nqu80FdySdMyUdzq39SL4YUzAb0TYR
KVZeaa6L6/Xen5HSpaYFwWHM5B7VUqBJGQBGBrmRjR5uKpzuDOjxBl3YSTCyPouE
SYE=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:05:20 2025 by rpki-client