Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eaf380aa-91a9-4a82-b0bd-5177e1da2138.roa
File: eaf380aa-91a9-4a82-b0bd-5177e1da2138.roa (raw, json)
Hash identifier: 3OM3C3t1Rmk/h9sxFglEd3ww+8XTgNLqXSHwqIXjqrs=
Subject key identifier: 8F:B9:55:76:60:95:1B:4B:4F:06:A8:89:C6:E7:02:38:E5:1F:DD:FB
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 07E29A4F71178C66FFA67AE7675C56F5795BECE3
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eaf380aa-91a9-4a82-b0bd-5177e1da2138.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 15:40:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
07:e2:9a:4f:71:17:8c:66:ff:a6:7a:e7:67:5c:56:f5:79:5b:ec:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:f5:68:30:35:ff:50:eb:5f:7c:08:6d:0a:34:
c8:3a:77:09:de:a0:ce:d8:f6:3f:08:d4:29:65:af:
c9:be:cc:9f:14:86:5e:80:9c:0f:99:aa:98:db:51:
55:a2:c9:7a:60:63:0f:4d:fd:00:de:c5:c0:18:3d:
38:be:e9:32:76:2e:ab:e0:c4:f4:fb:19:3e:15:78:
ce:93:a1:6d:1f:8c:a6:07:40:cd:14:d4:7f:92:b2:
12:74:04:52:8d:49:a0:4b:01:b2:07:30:ca:94:e8:
b6:fa:aa:a6:97:a6:87:e0:e8:3c:b8:8f:59:02:c3:
ca:15:55:7d:48:b1:02:eb:6f:cc:d2:57:56:41:65:
50:d9:cc:4e:b0:e5:19:f1:99:a3:15:50:a4:7f:ce:
3c:ea:94:c4:96:55:13:02:66:bc:36:32:a0:dc:42:
34:0f:77:b9:3a:1a:c1:0a:2e:b5:be:a8:2e:1a:f3:
86:b9:a7:89:33:4b:58:c3:a0:6c:36:19:49:a4:a3:
e7:2a:b6:ba:3d:fe:63:16:10:80:63:fa:9d:2a:96:
43:e6:82:86:d3:f0:74:08:3f:cb:9c:19:ae:90:23:
21:e3:29:52:f1:ae:60:52:af:a0:b9:ad:6f:ac:80:
f7:ae:9f:5b:38:aa:ed:ea:66:af:8f:33:be:45:5d:
a4:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:B9:55:76:60:95:1B:4B:4F:06:A8:89:C6:E7:02:38:E5:1F:DD:FB
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/eaf380aa-91a9-4a82-b0bd-5177e1da2138.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:800::/40
Signature Algorithm: sha256WithRSAEncryption
92:56:29:57:9e:79:f9:2e:b1:66:96:9f:55:2a:aa:e9:dd:cc:
ba:e9:91:dd:a6:d6:8b:bf:be:ae:16:9c:1b:55:79:69:7f:b2:
75:99:50:10:6f:4c:5f:b5:99:96:58:9d:a1:4a:b3:5f:16:18:
44:8e:b8:f5:77:ac:47:76:ea:d9:71:00:60:aa:5f:d4:11:be:
3e:63:bc:43:bc:f6:c7:73:eb:eb:bb:d0:85:2b:8e:fa:10:79:
e9:08:e7:dc:eb:ea:52:c8:db:60:ec:d5:e4:bd:4b:15:3b:40:
37:cc:ff:b8:05:d2:a6:8f:0d:56:9e:51:2f:59:52:cd:ef:26:
16:b9:b6:b9:c2:75:db:6c:da:ab:a8:24:b7:b0:fd:76:63:4a:
65:77:5d:32:65:7e:97:25:43:4f:7a:f8:29:0b:ee:4a:af:94:
a8:bf:e1:98:32:7f:27:b4:a5:7f:05:b5:d8:0f:ff:3c:58:1a:
8b:58:08:6a:7f:da:8a:37:8b:78:a7:35:86:77:10:ef:52:13:
0c:ec:54:81:a1:d0:93:4b:8b:56:8b:4d:ef:13:43:44:a8:8f:
f2:b8:62:75:23:af:6b:f6:9d:d9:6a:1f:d2:64:d5:07:f6:58:
35:0a:c7:82:2f:99:45:16:5e:69:e7:2c:29:b5:4e:55:66:05:
45:df:1e:f9
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUB+KaT3EXjGb/pnrnZ1xW9Xlb7OMwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNANTAyMjg2NzRkNWY1MzY4ZWI1ZTc1
NTkwZmQ2ZTJmZjA5ZGZmMGQzOWFkMGUxNWE5NTAzNDAyYjE1NjdjZDM5MDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkvVoMDX/UOtffAhtCjTIOncJ3qDO
2PY/CNQpZa/JvsyfFIZegJwPmaqY21FVosl6YGMPTf0A3sXAGD04vukydi6r4MT0
+xk+FXjOk6FtH4ymB0DNFNR/krISdARSjUmgSwGyBzDKlOi2+qqml6aH4Og8uI9Z
AsPKFVV9SLEC62/M0ldWQWVQ2cxOsOUZ8ZmjFVCkf8486pTEllUTAma8NjKg3EI0
D3e5OhrBCi61vqguGvOGuaeJM0tYw6BsNhlJpKPnKra6Pf5jFhCAY/qdKpZD5oKG
0/B0CD/LnBmukCMh4ylS8a5gUq+gua1vrID3rp9bOKrt6mavjzO+RV2kEQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFI+5VXZglRtLTwaoicbnAjjlH937MB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2VhZjM4MGFhLTkxYTktNGE4Mi1iMGJkLTUxNzdlMWRhMjEzOC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba9AgwDQYJKoZIhvcNAQELBQADggEBAJJWKVeeefkusWaWn1Uq
qundzLrpkd2m1ou/vq4WnBtVeWl/snWZUBBvTF+1mZZYnaFKs18WGESOuPV3rEd2
6tlxAGCqX9QRvj5jvEO89sdz6+u70IUrjvoQeekI59zr6lLI22Ds1eS9SxU7QDfM
/7gF0qaPDVaeUS9ZUs3vJha5trnCddts2quoJLew/XZjSmV3XTJlfpclQ096+CkL
7kqvlKi/4Zgyfye0pX8FtdgP/zxYGotYCGp/2oo3i3inNYZ3EO9SEwzsVIGh0JNL
i1aLTe8TQ0Soj/K4YnUjr2v2ndlqH9Jk1Qf2WDUKx4IvmUUWXmnnLCm1TlVmBUXf
Hvk=
-----END CERTIFICATE-----
Generated at Wed Feb 5 03:54:07 2025 by rpki-client