Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f607473c-b847-4f33-9284-b75fe670bc74.roa
File: f607473c-b847-4f33-9284-b75fe670bc74.roa (raw, json)
Hash identifier: /0DFtq2m1mm8k7XzsIxE4yiGjWiWPvzaQJVJ+Mi4/d4=
Subject key identifier: BA:9F:5A:39:02:F8:66:6E:E0:DC:05:0F:4F:F1:E1:63:E0:5D:B2:63
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 4C4727899B4F920D1AE8B4322D6408AFC4DECB4D
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f607473c-b847-4f33-9284-b75fe670bc74.roa
Signing time: Mon 03 Feb 2025 00:00:00 +0000
ROA not before: Mon 03 Feb 2025 00:00:00 +0000
ROA not after: Mon 10 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:da38:c000::/40 maxlen: 40
Validation: Failed, certificate revoked on Mon 03 Feb 2025 17:10:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4c:47:27:89:9b:4f:92:0d:1a:e8:b4:32:2d:64:08:af:c4:de:cb:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000
Validity
Not Before: Feb 3 00:00:00 2025 GMT
Not After : Mar 10 23:59:59 2025 GMT
Subject: CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:13:77:1e:c3:9f:7d:50:8a:bc:bc:63:3e:0c:
5f:b6:a6:6a:77:a0:e4:80:b1:93:af:06:a5:df:b0:
49:b2:ed:28:93:29:06:1c:a1:5e:9e:1a:cb:1d:a9:
c1:34:57:e4:1e:bb:53:78:61:c3:97:2f:94:2e:f3:
79:a6:0b:8f:53:b9:ff:63:a0:a6:59:3b:5b:7e:34:
2d:0a:a1:fd:ca:23:ab:8e:46:59:e5:95:50:c0:b6:
f4:30:82:31:35:4e:0f:24:ee:6f:71:7c:99:42:82:
47:a4:57:23:52:ae:3c:bf:57:b4:43:06:b8:f5:10:
00:45:76:1d:93:81:40:f6:8f:a1:fb:ce:23:18:3f:
20:af:a4:ca:66:f7:96:b6:5f:5f:d5:e4:88:a8:0d:
9c:83:7b:63:8e:be:75:a2:67:53:7f:6b:df:22:71:
86:e5:32:95:86:64:94:98:5b:83:44:c6:01:a7:f1:
78:10:e4:0e:d0:57:39:4a:0d:33:70:c0:f5:05:78:
8b:ec:d5:1c:f0:2f:f6:c7:a3:51:3d:88:79:16:e6:
d5:7c:4f:c2:2b:46:ee:3f:95:8f:55:c4:1e:6b:21:
7e:cc:74:92:56:07:28:b0:ff:e9:ea:ae:6c:f3:22:
08:6b:33:f5:a4:be:f1:0a:62:c7:b8:4e:17:92:5d:
39:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:9F:5A:39:02:F8:66:6E:E0:DC:05:0F:4F:F1:E1:63:E0:5D:B2:63
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f607473c-b847-4f33-9284-b75fe670bc74.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:da38:c000::/40
Signature Algorithm: sha256WithRSAEncryption
9e:8b:70:6d:43:79:17:dd:f8:29:fe:25:32:67:b9:ca:a7:3a:
04:9a:cd:0a:b3:9c:50:c9:0d:df:e7:63:84:23:81:9c:96:e5:
c9:e8:b4:10:50:5d:62:05:ee:67:3a:fd:27:4a:79:eb:cb:55:
6c:02:df:3e:b3:b9:a3:af:26:64:63:73:e9:97:a3:17:42:e2:
c1:bf:d5:00:b8:46:38:8b:ea:af:73:87:4c:17:2b:a1:74:6b:
5a:34:a0:17:e6:e5:8b:a0:98:41:6b:78:01:64:c5:ed:dc:36:
20:1d:c2:09:67:ff:7c:b0:5b:e2:c0:36:fe:6f:ae:5f:ec:92:
84:5c:36:aa:0a:f6:5c:43:3d:0d:1f:28:72:eb:a7:13:34:dd:
6f:61:03:73:ce:81:ad:40:b6:b9:be:e5:ad:67:f8:41:8a:bf:
57:31:68:3a:c5:57:c2:91:0d:8a:40:4a:a7:d7:a1:08:fb:e2:
d3:8a:ba:1e:98:27:1f:f3:b1:2c:d5:2f:b5:b8:7e:a1:27:63:
09:a6:fb:f7:ed:eb:38:eb:c0:45:6d:4d:39:7f:0a:43:2f:4e:
25:47:fd:3b:e6:1f:19:03:d4:58:0c:30:68:7e:dc:84:2a:fb:
0a:49:03:84:3d:21:fc:13:cb:4d:81:be:93:9d:f3:29:f4:19:
75:b7:0c:22
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUTEcniZtPkg0a6LQyLWQIr8Tey00wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDIwMzAwMDAwMFoX
DTI1MDMxMDIzNTk1OVowejFJMEcGA1UEBRNAMjFmYWY4Njg5MWVlMDVjOTQzNDAy
NzRhMWM1MjliNWMyNDk0MGE5ZDQ4MjcwOTJhNGJjODIxYmIyNjliYWY4NDEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwhN3HsOffVCKvLxjPgxftqZqd6Dk
gLGTrwal37BJsu0okykGHKFenhrLHanBNFfkHrtTeGHDly+ULvN5pguPU7n/Y6Cm
WTtbfjQtCqH9yiOrjkZZ5ZVQwLb0MIIxNU4PJO5vcXyZQoJHpFcjUq48v1e0Qwa4
9RAARXYdk4FA9o+h+84jGD8gr6TKZveWtl9f1eSIqA2cg3tjjr51omdTf2vfInGG
5TKVhmSUmFuDRMYBp/F4EOQO0Fc5Sg0zcMD1BXiL7NUc8C/2x6NRPYh5FubVfE/C
K0buP5WPVcQeayF+zHSSVgcosP/p6q5s8yIIazP1pL7xCmLHuE4Xkl05UwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFLqfWjkC+GZu4NwFD0/x4WPgXbJjMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Y2MDc0NzNjLWI4NDctNGYzMy05Mjg0LWI3NWZlNjcwYmM3NC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAbaOMAwDQYJKoZIhvcNAQELBQADggEBAJ6LcG1DeRfd+Cn+JTJn
ucqnOgSazQqznFDJDd/nY4QjgZyW5cnotBBQXWIF7mc6/SdKeevLVWwC3z6zuaOv
JmRjc+mXoxdC4sG/1QC4RjiL6q9zh0wXK6F0a1o0oBfm5YugmEFreAFkxe3cNiAd
wgln/3ywW+LANv5vrl/skoRcNqoK9lxDPQ0fKHLrpxM03W9hA3POga1Atrm+5a1n
+EGKv1cxaDrFV8KRDYpASqfXoQj74tOKuh6YJx/zsSzVL7W4fqEnYwmm+/ft6zjr
wEVtTTl/CkMvTiVH/TvmHxkD1FgMMGh+3IQq+wpJA4Q9IfwTy02BvpOd8yn0GXW3
DCI=
-----END CERTIFICATE-----
Generated at Wed Feb 5 04:01:57 2025 by rpki-client