Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ef9ddd9a-9ca9-428f-ac4f-d7f26d008249.roa
File: ef9ddd9a-9ca9-428f-ac4f-d7f26d008249.roa (raw, json)
Hash identifier: 9orizPTrsI9uFUNxjw8IIYDWp95ARrl+M2EpZpNaSiY=
Subject key identifier: F0:8A:E3:3A:05:18:CF:C5:82:5E:B8:BE:36:4E:5F:78:8D:DE:1F:1C
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4837CE9284429317D44685C4D9DCF462DB5F830C
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ef9ddd9a-9ca9-428f-ac4f-d7f26d008249.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da69:800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 19:30:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
48:37:ce:92:84:42:93:17:d4:46:85:c4:d9:dc:f4:62:db:5f:83:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:12:e2:29:fb:6a:3c:62:98:ee:fd:1f:dc:27:
bc:e5:02:c0:7c:9c:a1:2b:0a:5d:1c:29:bf:80:2d:
b2:f6:c6:49:21:ed:70:c7:9b:1d:a1:2e:bb:45:fe:
56:17:08:0c:0b:9b:c1:07:5a:cc:3f:d0:75:92:d6:
4b:65:05:27:27:7d:1e:8f:86:ce:0b:48:2e:94:bf:
77:ac:55:b4:23:41:2e:ab:92:f0:cf:63:9e:cc:27:
11:41:3e:64:07:da:ee:ed:ac:93:58:f2:62:a6:4d:
d4:6a:2c:56:0e:1a:36:3d:39:ad:67:14:fc:5b:d0:
9f:05:d5:09:10:dc:dc:81:4e:5b:12:e2:8b:62:06:
0f:d4:16:7a:86:a6:64:0a:fc:c0:47:43:8c:25:3c:
c6:ab:9e:2c:af:8c:d9:ed:b3:a6:79:b7:3a:fe:42:
d2:03:3b:72:da:3b:a1:af:ef:da:29:0b:5f:fa:9a:
b9:3f:25:93:a2:c3:17:a7:6c:d7:f3:03:de:59:8e:
9d:a4:18:60:72:85:56:87:fc:2d:19:77:00:f4:0b:
8f:51:0f:a6:97:7d:97:97:dd:d5:43:45:46:4c:46:
f9:7e:f1:b5:97:8b:fd:66:45:a8:23:21:5d:b3:98:
6a:30:c0:db:51:83:3e:35:41:3f:d8:cb:f9:b2:c0:
25:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:8A:E3:3A:05:18:CF:C5:82:5E:B8:BE:36:4E:5F:78:8D:DE:1F:1C
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/ef9ddd9a-9ca9-428f-ac4f-d7f26d008249.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da69:800::/40
Signature Algorithm: sha256WithRSAEncryption
9c:c1:45:e9:ba:25:2e:09:f8:a4:b7:04:6d:45:93:fd:f3:22:
1c:38:ce:06:db:bb:d0:64:e9:e4:95:32:e2:81:55:bc:90:58:
e8:b7:e9:15:1c:28:8e:4b:48:ed:59:6e:c9:9f:99:60:01:d8:
a8:08:40:37:db:cb:a3:fc:a2:73:2e:ec:b1:43:e3:2a:74:12:
ab:07:ed:69:79:2b:84:5d:40:9c:e2:61:37:1f:9e:30:a6:a9:
c8:19:48:71:73:c6:9f:db:ca:c2:6d:47:4b:7d:ae:d7:ae:ab:
58:9f:c7:3a:5f:c5:b3:55:df:7c:08:24:5f:a0:98:cc:59:c5:
79:fd:bb:27:ab:1c:e9:8d:90:9b:17:bc:1d:de:b5:35:30:04:
3e:cc:ce:ac:5d:ca:8f:d9:ae:f2:5e:1c:e2:96:92:7b:ed:a5:
fc:ab:42:40:17:1e:4d:6f:5b:ed:55:b9:0b:27:54:ee:99:51:
77:e6:11:19:a4:02:7b:f0:65:8c:26:c1:98:03:ee:3d:4d:fd:
0e:2d:ad:f1:4a:2e:94:dd:21:1b:08:2f:78:b0:31:65:38:67:
63:32:8d:e9:0c:84:8a:53:2b:6e:9d:7f:aa:b3:38:cf:d4:21:
e1:85:d9:fd:25:9c:96:5f:73:85:38:15:97:b0:90:52:d2:34:
a1:af:d3:b6
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUSDfOkoRCkxfURoXE2dz0YttfgwwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMGQ1ODlmZTg1MWYxYWQ0NzdjZjNm
MDc2NmM4M2ZkODgwOGQ4MjdmY2QwNWEwNGU1MzViOTEwNjcyNjc3NWIyZjEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRLiKftqPGKY7v0f3Ce85QLAfJyh
KwpdHCm/gC2y9sZJIe1wx5sdoS67Rf5WFwgMC5vBB1rMP9B1ktZLZQUnJ30ej4bO
C0gulL93rFW0I0Euq5Lwz2OezCcRQT5kB9ru7ayTWPJipk3UaixWDho2PTmtZxT8
W9CfBdUJENzcgU5bEuKLYgYP1BZ6hqZkCvzAR0OMJTzGq54sr4zZ7bOmebc6/kLS
Azty2juhr+/aKQtf+pq5PyWTosMXp2zX8wPeWY6dpBhgcoVWh/wtGXcA9AuPUQ+m
l32Xl93VQ0VGTEb5fvG1l4v9ZkWoIyFds5hqMMDbUYM+NUE/2Mv5ssAlOQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFPCK4zoFGM/Fgl64vjZOX3iN3h8cMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2VmOWRkZDlhLTljYTktNDI4Zi1hYzRmLWQ3ZjI2ZDAwODI0OS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaaQgwDQYJKoZIhvcNAQELBQADggEBAJzBRem6JS4J+KS3BG1F
k/3zIhw4zgbbu9Bk6eSVMuKBVbyQWOi36RUcKI5LSO1ZbsmfmWAB2KgIQDfby6P8
onMu7LFD4yp0EqsH7Wl5K4RdQJziYTcfnjCmqcgZSHFzxp/bysJtR0t9rteuq1if
xzpfxbNV33wIJF+gmMxZxXn9uyerHOmNkJsXvB3etTUwBD7Mzqxdyo/ZrvJeHOKW
knvtpfyrQkAXHk1vW+1VuQsnVO6ZUXfmERmkAnvwZYwmwZgD7j1N/Q4trfFKLpTd
IRsIL3iwMWU4Z2MyjekMhIpTK26df6qzOM/UIeGF2f0lnJZfc4U4FZewkFLSNKGv
07Y=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:10:12 2025 by rpki-client