Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f96e63d5-7229-4501-9d4f-5b2c454c3355.roa
File: f96e63d5-7229-4501-9d4f-5b2c454c3355.roa (raw, json)
Hash identifier: psuRnGLlTvLyc8lWrLg6PDeDalftktQV2goqeru3P2s=
Subject key identifier: 48:0C:D9:C1:49:09:5A:53:39:73:7C:60:5C:5C:5F:A4:BF:25:7A:46
Certificate issuer: /CN=A91F635F0000/serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Certificate serial: 5F006BEF5B8EA0D1BF074C488A5DB4B7593EBC49
Authority key identifier: 40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f96e63d5-7229-4501-9d4f-5b2c454c3355.roa
Signing time: Thu 17 Apr 2025 16:08:44 +0000
ROA not before: Thu 17 Apr 2025 16:08:44 +0000
ROA not after: Thu 22 May 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2406:daee:4800::/40 maxlen: 40
Validation: Failed, certificate revoked on Thu 17 Apr 2025 20:09:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5f:00:6b:ef:5b:8e:a0:d1:bf:07:4c:48:8a:5d:b4:b7:59:3e:bc:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91F635F0000, serialNumber=4076825524D2C66D2E10436FE65E93E8C1BD4A37
Validity
Not Before: Apr 17 16:08:44 2025 GMT
Not After : May 22 23:59:59 2025 GMT
Subject: serialNumber=b9bd933f02b0bb8c82376a030083128cd3bb5edd91ed614e9828dde09c2ed891, CN=c0bf0fe8-717c-4f72-9b45-c9c519132a81
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:56:4e:85:be:9f:01:15:eb:b8:3c:3d:14:4d:
65:76:9c:e4:8f:f7:e5:a6:9f:f0:17:da:a6:9e:99:
41:44:b3:27:61:b9:37:82:d9:79:3a:a8:a0:e7:66:
44:f5:46:1b:b6:43:9c:2d:0f:26:a1:4d:e6:c2:1f:
cf:73:0e:e8:49:ee:df:09:54:8e:fc:74:3b:26:4b:
4a:c7:2f:9f:03:41:22:28:4b:4c:5b:f9:7c:5b:d2:
4c:6f:09:55:ae:a0:28:a7:63:06:a1:f0:aa:41:19:
08:a5:0e:79:0c:1f:a3:86:c1:e8:52:8c:9f:3d:04:
fc:5a:f2:88:5f:83:9e:94:ae:fa:25:53:52:cf:e2:
c5:c4:82:15:52:e8:62:c3:d0:f1:3e:36:92:57:ed:
77:08:d5:62:c1:a2:c6:92:4a:70:cd:b5:16:df:99:
a4:f7:0e:65:1b:2c:a9:bb:44:33:a1:30:c2:96:0d:
c4:e3:2a:24:17:b4:af:a5:66:98:26:09:be:08:7d:
60:df:dd:c3:fa:7b:2d:13:d9:f2:42:6d:79:a5:18:
6f:e0:c4:c7:12:a1:21:0a:b9:f0:2f:6e:be:20:04:
df:9a:33:90:b5:7d:69:5e:23:3a:ea:71:8f:32:82:
71:f6:2b:22:7b:9f:8b:4f:cd:7f:e8:e0:73:4e:85:
81:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:0C:D9:C1:49:09:5A:53:39:73:7C:60:5C:5C:5F:A4:BF:25:7A:46
X509v3 Authority Key Identifier:
keyid:40:76:82:55:24:D2:C6:6D:2E:10:43:6F:E6:5E:93:E8:C1:BD:4A:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/QHaCVSTSxm0uEENv5l6T6MG9Sjc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/f96e63d5-7229-4501-9d4f-5b2c454c3355.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/08c2f264-23f9-49fb-9d43-f8b50bec9261/7ba17863-a613-4197-9ed5-beda6a89869f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2406:daee:4800::/40
Signature Algorithm: sha256WithRSAEncryption
c9:17:5f:21:d3:2a:54:b7:8a:c2:b0:14:ad:13:b1:17:18:8f:
b0:21:82:8f:3f:26:98:05:f3:5a:7d:e9:e1:8c:d8:94:74:4a:
18:f6:b6:d8:a2:15:52:49:33:5f:ee:03:44:85:27:ef:c0:45:
55:04:1e:02:56:4c:fb:ba:23:9b:d8:0f:9e:f0:c7:44:69:7d:
9e:ae:e6:96:45:e9:dd:d7:9e:ec:04:a2:b9:c9:6c:ed:24:c6:
bb:1e:92:df:f7:8e:b1:99:84:48:59:8d:9c:18:bf:83:8b:47:
9f:f7:33:70:41:d6:37:73:b7:00:9c:93:6e:73:7e:13:09:7b:
8e:68:83:b8:14:11:b4:b5:22:0a:31:ee:7b:65:44:f1:91:34:
39:cd:90:e6:8e:07:87:45:4a:ba:60:e2:50:4e:96:6e:99:b0:
0b:fb:11:0a:45:3b:c1:bd:b8:3e:75:bd:17:b6:d2:c2:ba:ca:
06:d0:6f:eb:8c:d0:ca:24:20:a6:f1:7a:32:aa:e0:2d:86:cb:
28:e1:aa:6c:88:b1:55:98:53:99:c8:95:0d:d4:8e:55:67:82:
41:6d:bc:11:8c:6f:34:b4:56:b9:77:60:b8:8c:07:51:73:26:
3c:72:fc:92:bb:cc:f3:77:82:7d:89:71:c5:f7:6b:04:d3:76:
be:4c:b7:7c
-----BEGIN CERTIFICATE-----
MIIFnjCCBIagAwIBAgIUXwBr71uOoNG/B0xIil20t1k+vEkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxRjYzNUYwMDAwMTEwLwYDVQQFEyg0MDc2ODI1NTI0
RDJDNjZEMkUxMDQzNkZFNjVFOTNFOEMxQkQ0QTM3MB4XDTI1MDQxNzE2MDg0NFoX
DTI1MDUyMjIzNTk1OVowejFJMEcGA1UEBRNAYjliZDkzM2YwMmIwYmI4YzgyMzc2
YTAzMDA4MzEyOGNkM2JiNWVkZDkxZWQ2MTRlOTgyOGRkZTA5YzJlZDg5MTEtMCsG
A1UEAxMkYzBiZjBmZTgtNzE3Yy00ZjcyLTliNDUtYzljNTE5MTMyYTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv1ZOhb6fARXruDw9FE1ldpzkj/fl
pp/wF9qmnplBRLMnYbk3gtl5Oqig52ZE9UYbtkOcLQ8moU3mwh/Pcw7oSe7fCVSO
/HQ7JktKxy+fA0EiKEtMW/l8W9JMbwlVrqAop2MGofCqQRkIpQ55DB+jhsHoUoyf
PQT8WvKIX4OelK76JVNSz+LFxIIVUuhiw9DxPjaSV+13CNViwaLGkkpwzbUW35mk
9w5lGyypu0QzoTDClg3E4yokF7SvpWaYJgm+CH1g393D+nstE9nyQm15pRhv4MTH
EqEhCrnwL26+IATfmjOQtX1pXiM66nGPMoJx9isie5+LT81/6OBzToWBBQIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFEgM2cFJCVpTOXN8YFxcX6S/JXpGMB8GA1UdIwQY
MBaAFEB2glUk0sZtLhBDb+Zek+jBvUo3MA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi9RSGFDVlNU
U3htMHVFRU52NWw2VDZNRzlTamMuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvMDhjMmYyNjQtMjNmOS00OWZiLTlkNDMtZjhiNTBiZWM5MjYx
L2Y5NmU2M2Q1LTcyMjktNDUwMS05ZDRmLTViMmM0NTRjMzM1NS5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8wOGMyZjI2NC0yM2Y5LTQ5ZmItOWQ0My1mOGI1
MGJlYzkyNjEvN2JhMTc4NjMtYTYxMy00MTk3LTllZDUtYmVkYTZhODk4NjlmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAO
BAIAAjAIAwYAJAba7kgwDQYJKoZIhvcNAQELBQADggEBAMkXXyHTKlS3isKwFK0T
sRcYj7Ahgo8/JpgF81p96eGM2JR0Shj2ttiiFVJJM1/uA0SFJ+/ARVUEHgJWTPu6
I5vYD57wx0RpfZ6u5pZF6d3XnuwEornJbO0kxrsekt/3jrGZhEhZjZwYv4OLR5/3
M3BB1jdztwCck25zfhMJe45og7gUEbS1Igox7ntlRPGRNDnNkOaOB4dFSrpg4lBO
lm6ZsAv7EQpFO8G9uD51vRe20sK6ygbQb+uM0MokIKbxejKq4C2GyyjhqmyIsVWY
U5nIlQ3UjlVngkFtvBGMbzS0Vrl3YLiMB1FzJjxy/JK7zPN3gn2JccX3awTTdr5M
t3w=
-----END CERTIFICATE-----
Generated at Sat Apr 26 07:33:51 2025 by rpki-client