Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2f35c729-72a9-490b-b37f-984abc13307d.roa
File: 2f35c729-72a9-490b-b37f-984abc13307d.roa (raw, json)
Hash identifier: aoB4IRD0w4NZRt+/2bRQRIlF3OF6azwOKab+iYD3K24=
Subject key identifier: 31:DC:36:DD:69:BC:25:D3:69:FF:61:76:18:30:6F:E9:82:E6:7C:15
Certificate issuer: /CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Certificate serial: 209636535DFDCA59D7FCB62F0F815437BEEB4702
Authority key identifier: E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2f35c729-72a9-490b-b37f-984abc13307d.roa
Signing time: Fri 13 Dec 2024 00:00:00 +0000
ROA not before: Fri 13 Dec 2024 00:00:00 +0000
ROA not after: Fri 17 Jan 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2403:b300:1010::/48 maxlen: 48
Validation: Failed, certificate revoked on Fri 20 Dec 2024 01:38:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:96:36:53:5d:fd:ca:59:d7:fc:b6:2f:0f:81:54:37:be:eb:47:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A918806F0000/serialNumber=E7CADA5F0881D77BEA48B0768A3766B50065AF08
Validity
Not Before: Dec 13 00:00:00 2024 GMT
Not After : Jan 17 23:59:59 2025 GMT
Subject: serialNumber=5961e6f1d53ef77a3fd36b742274d0e670bc95862148a1b255656dafa9835d9e, CN=bb9a9116-f615-462e-a680-5266b327e0fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:87:bf:96:5b:13:12:90:29:ef:0c:a2:16:49:
03:d1:79:af:cd:db:dc:5e:63:92:fd:eb:f2:eb:74:
d5:9a:c2:a7:84:a6:b6:cb:5b:54:43:3d:6b:33:80:
f4:9a:6b:7b:10:68:9d:ac:59:02:6e:9b:2b:be:c9:
f2:69:7c:8a:d8:47:32:75:74:22:d6:21:27:cb:0e:
98:d1:71:d6:d1:c4:c4:d9:48:55:09:84:e4:ec:43:
c8:5b:05:2d:24:25:ff:33:ad:4b:08:04:48:0c:e6:
f6:4c:f8:63:e2:2a:7c:0e:34:d4:3b:41:31:4f:a5:
d7:59:2f:b2:11:68:22:80:0a:5e:60:51:0d:eb:14:
e2:31:31:97:0f:af:2c:84:94:75:2b:a0:65:8f:dd:
2c:4c:8d:8c:52:aa:5e:d6:5b:f0:b9:21:f8:79:65:
43:0a:d8:ce:b7:cc:18:76:d6:c3:c6:60:fa:10:b3:
98:ff:54:21:2e:59:91:01:e6:26:c8:a0:a6:81:e1:
cc:4f:d4:85:cb:d0:17:2b:0b:c7:eb:f9:7b:00:27:
df:2d:31:11:fe:f9:90:74:f9:81:86:c8:84:63:84:
38:7a:43:5f:4c:74:12:42:83:8a:af:ad:7a:db:21:
71:fe:1a:54:06:49:83:0b:ee:25:09:82:dd:77:99:
d7:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
31:DC:36:DD:69:BC:25:D3:69:FF:61:76:18:30:6F:E9:82:E6:7C:15
X509v3 Authority Key Identifier:
keyid:E7:CA:DA:5F:08:81:D7:7B:EA:48:B0:76:8A:37:66:B5:00:65:AF:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/58raXwiB13vqSLB2ijdmtQBlrwg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/2f35c729-72a9-490b-b37f-984abc13307d.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/708aafaf-00b4-485b-854c-0b32ca30f57b/12e59001-35ac-4abf-858f-37b955a24b3f.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2403:b300:1010::/48
Signature Algorithm: sha256WithRSAEncryption
29:30:43:ba:03:99:ce:62:41:96:eb:33:52:0a:72:35:19:73:
db:86:5e:52:74:8f:22:77:ca:bf:c8:cd:2c:ae:33:18:d8:5b:
16:03:ec:a8:dd:3d:54:65:3d:fb:63:4f:09:3d:39:b7:11:1d:
d2:3a:63:d7:11:07:91:f9:c4:d2:2d:e6:61:bd:66:5c:ea:17:
69:88:b9:d7:71:28:08:1c:6c:3b:57:37:ce:08:cf:95:20:92:
ed:fe:bf:8c:dc:2a:99:f2:24:55:3e:78:9b:2b:d4:1a:42:a2:
df:ed:12:2b:85:1a:e7:67:f5:d2:70:32:5e:43:f6:2c:62:e5:
c0:35:42:0b:04:a6:3e:17:ff:60:80:d7:74:0c:fb:7a:a6:1d:
a8:4a:85:e8:44:61:37:56:b5:53:52:3d:37:09:1f:5a:ec:df:
a8:c1:6d:11:24:88:d5:76:08:55:1f:07:85:a5:38:9d:df:19:
5a:57:c5:c1:06:93:eb:1c:23:32:d3:03:dc:fc:b8:9e:0c:23:
77:18:c1:2b:d8:7d:ce:24:30:de:62:17:7a:0a:b0:20:3a:dd:
6c:cd:a3:45:c7:a2:07:e0:a4:54:3b:a1:4f:cd:44:7b:ef:ca:
ec:e5:3f:65:1c:8d:4d:91:32:da:9b:54:45:fe:27:3b:4f:c6:
c2:74:85:25
-----BEGIN CERTIFICATE-----
MIIFnzCCBIegAwIBAgIUIJY2U139ylnX/LYvD4FUN77rRwIwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxODgwNkYwMDAwMTEwLwYDVQQFEyhFN0NBREE1RjA4
ODFENzdCRUE0OEIwNzY4QTM3NjZCNTAwNjVBRjA4MB4XDTI0MTIxMzAwMDAwMFoX
DTI1MDExNzIzNTk1OVowejFJMEcGA1UEBRNANTk2MWU2ZjFkNTNlZjc3YTNmZDM2
Yjc0MjI3NGQwZTY3MGJjOTU4NjIxNDhhMWIyNTU2NTZkYWZhOTgzNWQ5ZTEtMCsG
A1UEAxMkYmI5YTkxMTYtZjYxNS00NjJlLWE2ODAtNTI2NmIzMjdlMGZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4e/llsTEpAp7wyiFkkD0Xmvzdvc
XmOS/evy63TVmsKnhKa2y1tUQz1rM4D0mmt7EGidrFkCbpsrvsnyaXyK2EcydXQi
1iEnyw6Y0XHW0cTE2UhVCYTk7EPIWwUtJCX/M61LCARIDOb2TPhj4ip8DjTUO0Ex
T6XXWS+yEWgigApeYFEN6xTiMTGXD68shJR1K6Blj90sTI2MUqpe1lvwuSH4eWVD
CtjOt8wYdtbDxmD6ELOY/1QhLlmRAeYmyKCmgeHMT9SFy9AXKwvH6/l7ACffLTER
/vmQdPmBhsiEY4Q4ekNfTHQSQoOKr6162yFx/hpUBkmDC+4lCYLdd5nX5QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFDHcNt1pvCXTaf9hdhgwb+mC5nwVMB8GA1UdIwQY
MBaAFOfK2l8Igdd76kiwdoo3ZrUAZa8IMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi81OHJhWHdp
QjEzdnFTTEIyaWpkbXRRQmxyd2cuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvNzA4YWFmYWYtMDBiNC00ODViLTg1NGMtMGIzMmNhMzBmNTdi
LzJmMzVjNzI5LTcyYTktNDkwYi1iMzdmLTk4NGFiYzEzMzA3ZC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS83MDhhYWZhZi0wMGI0LTQ4NWItODU0Yy0wYjMy
Y2EzMGY1N2IvMTJlNTkwMDEtMzVhYy00YWJmLTg1OGYtMzdiOTU1YTI0YjNmLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAP
BAIAAjAJAwcAJAOzABAQMA0GCSqGSIb3DQEBCwUAA4IBAQApMEO6A5nOYkGW6zNS
CnI1GXPbhl5SdI8id8q/yM0srjMY2FsWA+yo3T1UZT37Y08JPTm3ER3SOmPXEQeR
+cTSLeZhvWZc6hdpiLnXcSgIHGw7VzfOCM+VIJLt/r+M3CqZ8iRVPnibK9QaQqLf
7RIrhRrnZ/XScDJeQ/YsYuXANUILBKY+F/9ggNd0DPt6ph2oSoXoRGE3VrVTUj03
CR9a7N+owW0RJIjVdghVHweFpTid3xlaV8XBBpPrHCMy0wPc/LieDCN3GMEr2H3O
JDDeYhd6CrAgOt1szaNFx6IH4KRUO6FPzUR778rs5T9lHI1NkTLam1RF/ic7T8bC
dIUl
-----END CERTIFICATE-----
Generated at Fri Dec 20 03:50:07 2024 by rpki-client on console.sobornost.net