Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/73c22f41-6d71-4b51-8cc6-2bcff4fdcaf7.roa
File: 73c22f41-6d71-4b51-8cc6-2bcff4fdcaf7.roa (raw, json)
Hash identifier: sD5cfDuP6YwtvZyLmzUlAkhww5EIZbnYuN4Jla2daa0=
Subject key identifier: F2:ED:B2:E3:02:83:5E:CE:B0:46:F6:BE:52:5F:DC:1C:8A:08:41:0C
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 427559F84F6EEC003CD45E7987FBC93502375546
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/73c22f41-6d71-4b51-8cc6-2bcff4fdcaf7.roa
Signing time: Tue 25 Mar 2025 00:41:34 +0000
ROA not before: Tue 25 Mar 2025 00:41:34 +0000
ROA not after: Tue 29 Apr 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daf4:1040::/48 maxlen: 48
Validation: Failed, certificate revoked on Wed 16 Apr 2025 18:53:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:75:59:f8:4f:6e:ec:00:3c:d4:5e:79:87:fb:c9:35:02:37:55:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Mar 25 00:41:34 2025 GMT
Not After : Apr 29 23:59:59 2025 GMT
Subject: serialNumber=41499a3b0245d6b0c302589a4932959a48cbe76dd643d1826026a6ff01c6c9d9, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:13:ca:75:ed:84:1f:1c:c8:47:ab:ab:14:86:
a2:76:79:14:f6:f5:10:76:b6:48:86:08:e0:b7:02:
52:e2:3d:52:4f:14:06:cc:a2:a8:3a:57:99:a8:53:
4c:f7:9f:77:0a:c1:df:2b:42:ea:9e:b2:e2:99:e5:
6a:db:69:4c:7d:77:f4:21:23:51:ad:f2:ca:9c:9a:
3f:ef:05:34:bd:58:e5:c0:1f:8a:95:f4:b0:1f:84:
9f:c7:a7:e7:86:7b:4c:09:c6:f0:b7:52:83:68:f2:
8f:b0:79:d6:63:b2:e1:14:ce:10:e5:05:59:4d:2f:
90:9d:58:ff:29:8c:2a:d2:fc:82:d2:95:7e:a9:d0:
2e:4c:0b:51:02:7f:24:13:f1:33:cb:bf:f5:e2:26:
b3:bd:98:f8:b9:c8:f3:00:f5:f7:85:c4:f1:cf:b5:
13:a4:1c:83:0c:ef:79:02:b8:83:e2:8e:c9:db:3b:
82:4a:74:93:08:20:e1:7c:86:fe:2f:1d:d4:45:28:
61:b0:6f:10:ac:f0:fa:ec:d3:9b:81:82:b1:55:1a:
4f:58:32:a2:3f:be:c6:d3:5d:40:09:c6:f3:73:10:
e1:83:2a:74:00:15:10:bf:ae:94:6d:82:e5:ba:93:
1c:2e:4a:df:ab:45:10:a1:44:a5:af:e1:48:44:fb:
1f:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:ED:B2:E3:02:83:5E:CE:B0:46:F6:BE:52:5F:DC:1C:8A:08:41:0C
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/73c22f41-6d71-4b51-8cc6-2bcff4fdcaf7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daf4:1040::/48
Signature Algorithm: sha256WithRSAEncryption
24:d7:68:1a:8a:74:c1:7a:82:20:21:60:b2:dc:16:b6:8d:2b:
db:cf:34:50:f1:f2:21:ef:0d:ec:3b:14:e8:3a:bc:af:51:79:
bc:d2:c0:dd:85:4b:58:6f:66:15:f2:6a:71:8c:c2:63:d9:67:
64:32:86:d9:1f:ec:07:71:cc:d2:11:82:c7:31:cf:90:cf:1f:
e8:2e:58:74:77:e4:6b:26:a8:35:60:84:79:7d:f8:de:48:06:
21:81:d5:34:5d:56:9a:9e:8a:59:3f:cd:cc:51:86:0f:b6:56:
87:3d:bb:50:13:52:2d:4b:f8:5f:71:84:f1:06:cf:d3:54:86:
1a:55:31:27:a6:78:ec:58:0c:e0:4c:06:05:36:d0:55:59:51:
63:10:db:dc:36:d5:8e:b4:fc:fb:6b:db:35:58:f9:d5:11:c5:
13:0a:77:01:19:da:2e:99:9d:ce:07:64:96:15:f2:3d:5e:16:
0b:ea:c6:e0:0d:db:fb:af:1a:93:11:2a:ce:0a:0b:3a:63:f0:
b2:f7:26:6f:08:de:41:b1:88:e2:ee:65:6b:0e:ef:b1:7d:12:
d0:14:7f:78:3c:4f:6c:0d:98:a5:60:53:e3:4e:4c:e0:7b:df:
f0:fa:db:e4:8c:6d:bd:20:2e:d5:c5:7a:39:72:a1:18:1c:2b:
cb:9b:67:da
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUQnVZ+E9u7AA81F55h/vJNQI3VUYwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDMyNTAwNDEzNFoX
DTI1MDQyOTIzNTk1OVowejFJMEcGA1UEBRNANDE0OTlhM2IwMjQ1ZDZiMGMzMDI1
ODlhNDkzMjk1OWE0OGNiZTc2ZGQ2NDNkMTgyNjAyNmE2ZmYwMWM2YzlkOTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2RPKde2EHxzIR6urFIaidnkU9vUQ
drZIhgjgtwJS4j1STxQGzKKoOleZqFNM9593CsHfK0LqnrLimeVq22lMfXf0ISNR
rfLKnJo/7wU0vVjlwB+KlfSwH4Sfx6fnhntMCcbwt1KDaPKPsHnWY7LhFM4Q5QVZ
TS+QnVj/KYwq0vyC0pV+qdAuTAtRAn8kE/Ezy7/14iazvZj4ucjzAPX3hcTxz7UT
pByDDO95AriD4o7J2zuCSnSTCCDhfIb+Lx3URShhsG8QrPD67NObgYKxVRpPWDKi
P77G011ACcbzcxDhgyp0ABUQv66UbYLlupMcLkrfq0UQoUSlr+FIRPsfJwIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFPLtsuMCg17OsEb2vlJf3ByKCEEMMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
LzczYzIyZjQxLTZkNzEtNGI1MS04Y2M2LTJiY2ZmNGZkY2FmNy5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAba9BBAMA0GCSqGSIb3DQEBCwUAA4IBAQAk12gainTBeoIgIWCy
3Ba2jSvbzzRQ8fIh7w3sOxToOryvUXm80sDdhUtYb2YV8mpxjMJj2WdkMobZH+wH
cczSEYLHMc+Qzx/oLlh0d+RrJqg1YIR5ffjeSAYhgdU0XVaanopZP83MUYYPtlaH
PbtQE1ItS/hfcYTxBs/TVIYaVTEnpnjsWAzgTAYFNtBVWVFjENvcNtWOtPz7a9s1
WPnVEcUTCncBGdoumZ3OB2SWFfI9XhYL6sbgDdv7rxqTESrOCgs6Y/Cy9yZvCN5B
sYji7mVrDu+xfRLQFH94PE9sDZilYFPjTkzge9/w+tvkjG29IC7VxXo5cqEYHCvL
m2fa
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:29:33 2025 by rpki-client