
Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f12b20dc-a186-40d2-a88f-89c1cd3fd6ba.roa
File: f12b20dc-a186-40d2-a88f-89c1cd3fd6ba.roa (raw, json)
Hash identifier: JiCreFxLGziiwyOG/71DdhGA61KcXlANn1hjFJRkJP8=
Subject key identifier: 91:FA:18:8A:18:C9:64:10:26:0F:80:E9:14:CF:65:6A:CC:40:6D:A4
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 6188DA76167FD782F25530C6742F317857E9B8C4
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f12b20dc-a186-40d2-a88f-89c1cd3fd6ba.roa
Signing time: Wed 30 Jul 2025 00:40:20 +0000
ROA not before: Wed 30 Jul 2025 00:40:20 +0000
ROA not after: Wed 03 Sep 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:dafb:2800::/40 maxlen: 40
Validation: Failed, certificate revoked on Wed 30 Jul 2025 17:52:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:88:da:76:16:7f:d7:82:f2:55:30:c6:74:2f:31:78:57:e9:b8:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Jul 30 00:40:20 2025 GMT
Not After : Sep 3 23:59:59 2025 GMT
Subject: serialNumber=ec5c8c04ff2e1e5436cdd05632a416adcc5b37aab441f4504d62caae284918f8, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:89:df:ef:4f:6c:6a:52:9c:9e:f6:c1:da:51:
d7:9d:f1:a7:91:1b:40:85:7e:f5:f1:da:3f:f0:f5:
e5:42:d6:0a:bf:a9:92:a4:e5:6d:19:5b:6e:ca:88:
aa:e1:23:69:a9:4e:94:bd:7f:a7:b3:09:6a:84:88:
cb:52:73:f2:59:dc:6e:31:be:32:1d:b3:f2:91:9f:
6b:db:36:d8:55:cb:d3:ed:d7:48:a1:9b:47:17:29:
7d:ce:b0:87:44:9f:41:2d:20:56:6f:5e:e2:c0:a7:
80:2a:82:11:15:b0:21:ad:12:a1:62:80:08:63:ef:
cc:56:ae:86:a4:6f:b0:1b:d1:87:db:4a:45:0d:cb:
3f:53:a2:b3:e0:49:1c:70:36:e8:bd:fe:78:02:b9:
a5:5f:be:1e:3c:5f:4a:8a:33:3a:ea:e6:60:e9:85:
32:4f:89:13:73:96:6a:fe:68:85:0d:7b:9b:fd:05:
33:42:21:9a:f9:b1:d4:f7:4e:99:75:30:cc:e1:60:
1a:b8:53:64:d9:e6:d2:6a:cb:65:55:2e:64:c4:5d:
4b:50:ad:18:a5:36:7c:6b:85:73:03:7b:56:3c:89:
b5:5d:3a:1d:90:42:12:d1:cf:a8:24:e8:af:b0:10:
cd:2d:7a:e6:72:7f:9f:2d:7a:04:46:59:bf:ac:e4:
34:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:FA:18:8A:18:C9:64:10:26:0F:80:E9:14:CF:65:6A:CC:40:6D:A4
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f12b20dc-a186-40d2-a88f-89c1cd3fd6ba.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:dafb:2800::/40
Signature Algorithm: sha256WithRSAEncryption
a0:92:ab:68:f1:9c:bb:a3:29:48:44:e4:69:b4:a5:af:27:1b:
d9:ee:a4:c8:1e:ba:b5:ae:51:47:f7:c5:c3:5c:33:e7:f0:82:
22:eb:13:31:9f:4e:e9:cc:78:b0:8a:13:6e:1d:8d:36:fb:cb:
90:7f:12:a3:63:86:f8:16:47:12:03:3a:a2:9e:0a:22:84:22:
12:b6:81:40:0a:9c:96:ad:78:b5:d7:76:b5:0f:2d:5b:38:5c:
d7:ab:36:40:0a:92:6a:1c:65:70:70:84:3f:fd:c7:5f:b2:28:
d6:c0:ae:3a:97:95:0f:4e:87:6b:99:dd:00:46:74:38:e0:50:
3a:a3:64:0b:d9:19:5b:da:e5:11:97:23:da:d7:aa:65:b8:ab:
98:83:c6:72:41:6c:2e:9f:26:28:78:7d:87:db:33:ca:d1:42:
90:2d:34:22:c7:26:5d:cb:34:74:4d:77:ee:ee:a5:f8:1d:7d:
35:e3:fb:b4:65:5f:2b:c9:54:42:a2:47:b9:df:ee:c3:c3:73:
45:d0:99:d1:63:37:64:ae:14:bf:d3:9e:2b:68:f0:6e:ef:e6:
29:9f:17:b1:6a:c5:b5:10:32:f1:11:af:f5:da:10:93:27:37:
3c:1f:85:da:98:b5:78:74:c4:b6:98:91:0c:5d:40:27:93:00:
06:16:b2:a2
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUYYjadhZ/14LyVTDGdC8xeFfpuMQwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDczMDAwNDAyMFoX
DTI1MDkwMzIzNTk1OVowejFJMEcGA1UEBRNAZWM1YzhjMDRmZjJlMWU1NDM2Y2Rk
MDU2MzJhNDE2YWRjYzViMzdhYWI0NDFmNDUwNGQ2MmNhYWUyODQ5MThmODEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs4nf709salKcnvbB2lHXnfGnkRtA
hX718do/8PXlQtYKv6mSpOVtGVtuyoiq4SNpqU6UvX+nswlqhIjLUnPyWdxuMb4y
HbPykZ9r2zbYVcvT7ddIoZtHFyl9zrCHRJ9BLSBWb17iwKeAKoIRFbAhrRKhYoAI
Y+/MVq6GpG+wG9GH20pFDcs/U6Kz4EkccDbovf54ArmlX74ePF9KijM66uZg6YUy
T4kTc5Zq/miFDXub/QUzQiGa+bHU906ZdTDM4WAauFNk2ebSastlVS5kxF1LUK0Y
pTZ8a4VzA3tWPIm1XTodkEIS0c+oJOivsBDNLXrmcn+fLXoERlm/rOQ03wIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJH6GIoYyWQQJg+A6RTPZWrMQG2kMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2YxMmIyMGRjLWExODYtNDBkMi1hODhmLTg5YzFjZDNmZDZiYS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba+ygwDQYJKoZIhvcNAQELBQADggEBAKCSq2jxnLujKUhE5Gm0
pa8nG9nupMgeurWuUUf3xcNcM+fwgiLrEzGfTunMeLCKE24djTb7y5B/EqNjhvgW
RxIDOqKeCiKEIhK2gUAKnJateLXXdrUPLVs4XNerNkAKkmocZXBwhD/9x1+yKNbA
rjqXlQ9Oh2uZ3QBGdDjgUDqjZAvZGVva5RGXI9rXqmW4q5iDxnJBbC6fJih4fYfb
M8rRQpAtNCLHJl3LNHRNd+7upfgdfTXj+7RlXyvJVEKiR7nf7sPDc0XQmdFjN2Su
FL/Tnito8G7v5imfF7FqxbUQMvERr/XaEJMnNzwfhdqYtXh0xLaYkQxdQCeTAAYW
sqI=
-----END CERTIFICATE-----
Generated at Thu Jul 31 00:57:26 2025 by rpki-client