Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f12b20dc-a186-40d2-a88f-89c1cd3fd6ba.roa
File: f12b20dc-a186-40d2-a88f-89c1cd3fd6ba.roa (raw, json)
Hash identifier: yImtfGVvh4WF1VGJg1lNv9E34h8cmj1UHkTNd4Qlb3E=
Subject key identifier: B0:70:02:AC:C3:17:5B:CA:43:9B:93:88:C0:28:28:9D:18:AE:3E:6A
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 30EDE9504F81AE59AF25B5D8407DB732F09F4DF1
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f12b20dc-a186-40d2-a88f-89c1cd3fd6ba.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:2800::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 19:11:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:ed:e9:50:4f:81:ae:59:af:25:b5:d8:40:7d:b7:32:f0:9f:4d:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:fe:b9:c9:44:d8:06:13:e0:ad:89:7d:da:58:
9e:d1:9d:81:a8:4e:94:2c:ce:08:e3:b5:f2:89:d4:
11:0f:2b:26:8c:e4:35:73:11:db:2a:f4:5e:d6:4b:
82:d8:4c:02:a0:da:5b:c7:9e:d0:81:46:b8:9c:41:
0e:62:81:74:16:e8:64:ce:29:e0:21:21:09:8b:1d:
34:36:28:31:32:68:21:1d:36:38:46:eb:94:46:1c:
db:f5:cc:3a:46:37:c3:b7:9c:b7:05:18:26:5f:87:
47:23:0d:86:40:ba:ac:5b:66:83:08:20:59:61:e7:
ae:52:51:b7:de:d0:fb:be:7e:9e:85:be:90:9f:c6:
f9:4a:fe:18:2f:ed:86:40:12:35:f7:ff:8d:d0:5b:
4a:46:17:ff:a5:02:41:48:ba:9d:8b:e7:cc:c4:cd:
20:3e:ed:8e:7e:4a:f9:ad:c2:ed:53:f9:21:cd:0d:
c3:4e:f9:c4:fc:2e:ca:1c:4c:9f:09:31:59:ca:22:
fa:f6:c6:65:a1:b2:df:66:93:ae:b4:3a:8b:67:f6:
06:51:1e:19:0c:ef:6b:f3:da:44:5c:26:9a:68:5e:
bc:64:22:b7:79:b4:69:73:0b:b1:fa:c7:e4:6d:fa:
3a:b4:f3:49:24:19:46:cb:d4:de:d7:9d:3b:af:a3:
7c:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:70:02:AC:C3:17:5B:CA:43:9B:93:88:C0:28:28:9D:18:AE:3E:6A
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f12b20dc-a186-40d2-a88f-89c1cd3fd6ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:2800::/40
Signature Algorithm: sha256WithRSAEncryption
9e:40:e4:20:88:9b:b1:d8:53:27:7d:9d:82:47:77:89:9c:87:
d2:de:51:10:89:99:9c:c0:5a:07:2f:ba:fc:ce:b6:59:f3:b7:
1c:46:28:e6:c2:e1:c6:23:72:45:c1:08:f7:41:20:a0:e2:28:
61:cb:47:4c:81:f4:7c:82:9a:f4:d2:05:da:e8:de:81:4f:8d:
99:38:42:23:fa:cd:a7:27:58:e7:29:a3:64:38:c9:e2:da:71:
78:8c:38:54:40:4f:c7:82:0c:cc:3d:15:fa:0f:1b:2e:bd:11:
b9:b5:1e:79:8d:27:74:d8:20:78:47:80:11:fe:ec:54:e8:03:
80:1c:39:fd:52:6a:88:6d:f1:fe:96:77:92:06:14:f9:83:e4:
7c:32:4b:06:5a:78:10:53:33:5e:74:66:5e:d5:c0:8c:ce:ef:
b9:9f:ad:af:69:8f:8c:65:bc:b0:ba:9c:a9:4e:ba:7e:02:6b:
8c:c1:ec:26:e1:00:b5:d7:c4:7b:e6:69:90:8a:da:53:1f:3c:
a3:1e:7b:e3:9f:ca:4f:45:89:a2:eb:cc:6f:61:bb:f1:88:9f:
03:f1:e4:5d:77:0f:8a:e2:61:bf:87:0b:79:8c:4e:85:94:19:
25:ef:8e:77:21:80:30:a2:40:ea:e4:51:4b:ec:21:16:86:f2:
9e:79:75:d0
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUMO3pUE+BrlmvJbXYQH23MvCfTfEwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAYmU1MzU2MGM1ZGNkZDNjZjE5ZDJh
NDMwMWU0NTA4ODgzMTQ4YTcxMjU2NDA4Mzk1Y2NhNjZmNDI1NjI3ODA4NDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/65yUTYBhPgrYl92lie0Z2BqE6U
LM4I47XyidQRDysmjOQ1cxHbKvRe1kuC2EwCoNpbx57QgUa4nEEOYoF0Fuhkzing
ISEJix00NigxMmghHTY4RuuURhzb9cw6RjfDt5y3BRgmX4dHIw2GQLqsW2aDCCBZ
YeeuUlG33tD7vn6ehb6Qn8b5Sv4YL+2GQBI19/+N0FtKRhf/pQJBSLqdi+fMxM0g
Pu2Ofkr5rcLtU/khzQ3DTvnE/C7KHEyfCTFZyiL69sZlobLfZpOutDqLZ/YGUR4Z
DO9r89pEXCaaaF68ZCK3ebRpcwux+sfkbfo6tPNJJBlGy9Te1507r6N84QIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLBwAqzDF1vKQ5uTiMAoKJ0Yrj5qMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2YxMmIyMGRjLWExODYtNDBkMi1hODhmLTg5YzFjZDNmZDZiYS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+ygwDQYJKoZIhvcNAQELBQADggEBAJ5A5CCIm7HYUyd9nYJH
d4mch9LeURCJmZzAWgcvuvzOtlnztxxGKObC4cYjckXBCPdBIKDiKGHLR0yB9HyC
mvTSBdro3oFPjZk4QiP6zacnWOcpo2Q4yeLacXiMOFRAT8eCDMw9FfoPGy69Ebm1
HnmNJ3TYIHhHgBH+7FToA4AcOf1Saoht8f6Wd5IGFPmD5HwySwZaeBBTM150Zl7V
wIzO77mfra9pj4xlvLC6nKlOun4Ca4zB7CbhALXXxHvmaZCK2lMfPKMee+Ofyk9F
iaLrzG9hu/GInwPx5F13D4riYb+HC3mMToWUGSXvjnchgDCiQOrkUUvsIRaG8p55
ddA=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:00:37 2025 by rpki-client