Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2430eb67-8d2b-4d5d-979e-b7427ddfa348.roa
File: 2430eb67-8d2b-4d5d-979e-b7427ddfa348.roa (raw, json)
Hash identifier: 2ebhriI4Ev3JNwrGza9vgp2y3vhEGWmU+wmIhxWEK4U=
Subject key identifier: 64:EE:44:6D:53:2D:55:BF:91:5B:39:1A:18:BA:29:D2:05:69:51:58
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 60043B16AC0B9C86725C3A978370B8FB783D848E
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2430eb67-8d2b-4d5d-979e-b7427ddfa348.roa
Signing time: Wed 25 Dec 2024 00:00:00 +0000
ROA not before: Wed 25 Dec 2024 00:00:00 +0000
ROA not after: Wed 29 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 43.224.76.0/22 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 07:22:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:04:3b:16:ac:0b:9c:86:72:5c:3a:97:83:70:b8:fb:78:3d:84:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Dec 25 00:00:00 2024 GMT
Not After : Jan 29 23:59:59 2025 GMT
Subject: serialNumber=1916b9b7575bd17cab46290607e04cc6df897f5c7fcb673b4606d6a15e711dbc, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ac:b5:3f:e3:a4:8f:d6:cb:bd:f8:fb:5a:2f:
95:d5:ed:f3:ba:ea:7a:70:dc:14:eb:8b:b0:44:e3:
af:95:c2:b2:64:e4:26:31:78:b5:0b:19:8e:c4:d9:
61:a7:35:93:16:61:ec:e7:86:0a:38:9c:8b:e4:b7:
5e:e3:ba:ba:bf:a1:11:08:ce:bc:c5:35:3e:0a:dc:
4e:47:1c:f9:6e:3c:16:20:b6:ac:d8:fe:3c:fc:ed:
d2:ef:b9:e4:ab:d7:4b:58:8d:16:cf:4e:2b:77:e3:
d9:71:c4:05:d0:b0:f2:24:5d:4c:55:21:79:c9:85:
f1:12:29:58:d9:ab:6d:fa:88:25:ac:5a:84:4a:85:
97:df:45:30:c2:4d:bb:c4:cc:90:07:d0:66:2c:8e:
9c:37:9a:17:58:78:ee:40:8b:22:f5:8d:a9:e3:73:
fc:fe:81:f1:75:69:ef:bd:97:b7:eb:67:b7:6d:01:
26:a8:34:74:b5:84:73:8d:04:ae:80:52:91:e7:ea:
7a:3f:23:5c:bf:b5:33:a4:2c:e4:98:b2:c1:25:c6:
3f:f6:f1:07:bb:93:de:89:36:f4:3a:1c:46:88:5f:
e5:68:cd:14:39:79:f4:32:f5:55:4a:ad:eb:96:a9:
dd:4a:93:8f:1d:47:62:bc:a8:90:39:b9:3d:cf:ba:
a1:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:EE:44:6D:53:2D:55:BF:91:5B:39:1A:18:BA:29:D2:05:69:51:58
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2430eb67-8d2b-4d5d-979e-b7427ddfa348.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.224.76.0/22
Signature Algorithm: sha256WithRSAEncryption
38:08:3a:b4:05:4b:47:52:94:ea:71:22:e9:33:ef:98:15:ef:
b3:02:75:f1:ca:86:7d:63:ff:0d:d1:da:86:5d:51:0b:d8:d6:
5f:34:b7:a1:23:a6:f9:74:ab:a7:b0:71:fb:64:50:36:80:d7:
de:d4:85:5a:2c:2c:46:6f:26:19:9e:60:e4:43:aa:8b:8c:a3:
d7:db:0c:b0:f7:4d:77:f2:77:a4:eb:fa:f9:e3:80:98:53:84:
15:aa:1b:43:5e:2d:c7:66:b3:cd:20:f1:ad:63:4f:ae:02:db:
df:c7:37:17:50:96:7d:d6:fc:3a:31:22:07:23:7c:79:31:54:
a5:0b:c0:5d:42:9b:ff:f8:d4:11:e1:e5:4e:81:db:9b:7d:c9:
86:24:76:70:89:74:98:d5:b2:bb:30:16:52:9a:6c:e9:1b:68:
46:d8:92:9e:fc:9d:37:91:a7:7d:fd:f6:aa:fb:23:df:28:26:
70:8e:b2:f6:50:0e:c8:40:60:0b:47:00:06:32:b8:38:4e:f7:
2d:76:c9:53:d2:5a:0f:71:4a:72:28:7f:ff:00:6d:38:f1:94:
54:9b:21:80:5e:ce:9c:cc:38:b1:95:43:a2:c2:7c:5a:61:c0:
7c:26:51:f9:ae:30:24:f4:d8:91:d0:e5:2d:24:18:cf:4a:8c:
ff:82:93:3f
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUYAQ7FqwLnIZyXDqXg3C4+3g9hI4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTIyNTAwMDAwMFoX
DTI1MDEyOTIzNTk1OVowejFJMEcGA1UEBRNAMTkxNmI5Yjc1NzViZDE3Y2FiNDYy
OTA2MDdlMDRjYzZkZjg5N2Y1YzdmY2I2NzNiNDYwNmQ2YTE1ZTcxMWRiYzEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnay1P+Okj9bLvfj7Wi+V1e3zuup6
cNwU64uwROOvlcKyZOQmMXi1CxmOxNlhpzWTFmHs54YKOJyL5Lde47q6v6ERCM68
xTU+CtxORxz5bjwWILas2P48/O3S77nkq9dLWI0Wz04rd+PZccQF0LDyJF1MVSF5
yYXxEilY2att+oglrFqESoWX30Uwwk27xMyQB9BmLI6cN5oXWHjuQIsi9Y2p43P8
/oHxdWnvvZe362e3bQEmqDR0tYRzjQSugFKR5+p6PyNcv7UzpCzkmLLBJcY/9vEH
u5PeiTb0OhxGiF/laM0UOXn0MvVVSq3rlqndSpOPHUdivKiQObk9z7qh4wIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFGTuRG1TLVW/kVs5Ghi6KdIFaVFYMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzI0MzBlYjY3LThkMmItNGQ1ZC05NzllLWI3NDI3ZGRmYTM0OC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQCK+BMMA0GCSqGSIb3DQEBCwUAA4IBAQA4CDq0BUtHUpTqcSLpM++Y
Fe+zAnXxyoZ9Y/8N0dqGXVEL2NZfNLehI6b5dKunsHH7ZFA2gNfe1IVaLCxGbyYZ
nmDkQ6qLjKPX2wyw90138nek6/r544CYU4QVqhtDXi3HZrPNIPGtY0+uAtvfxzcX
UJZ91vw6MSIHI3x5MVSlC8BdQpv/+NQR4eVOgdubfcmGJHZwiXSY1bK7MBZSmmzp
G2hG2JKe/J03kad9/faq+yPfKCZwjrL2UA7IQGALRwAGMrg4TvctdslT0loPcUpy
KH//AG048ZRUmyGAXs6czDixlUOiwnxaYcB8JlH5rjAk9NiR0OUtJBjPSoz/gpM/
-----END CERTIFICATE-----
Generated at Tue Jan 14 13:05:13 2025 by rpki-client on console.sobornost.net