Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/53444f16-12b0-454c-a0a2-d187f20f7db6.roa
File: 53444f16-12b0-454c-a0a2-d187f20f7db6.roa (raw, json)
Hash identifier: zwOAca9wXaL3Clmf/NMjNYMfaTYpHIeeITNP4B1ZV3c=
Subject key identifier: 53:65:7C:03:A1:27:C5:43:29:80:0F:3B:FC:21:3D:92:09:87:B6:FF
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 130513B00143DEC51DBC7261CBEAEFACB258D7BC
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/53444f16-12b0-454c-a0a2-d187f20f7db6.roa
Signing time: Tue 07 Jan 2025 00:00:00 +0000
ROA not before: Tue 07 Jan 2025 00:00:00 +0000
ROA not after: Tue 11 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 43.250.192.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 14 Jan 2025 07:24:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
13:05:13:b0:01:43:de:c5:1d:bc:72:61:cb:ea:ef:ac:b2:58:d7:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Validity
Not Before: Jan 7 00:00:00 2025 GMT
Not After : Feb 11 23:59:59 2025 GMT
Subject: serialNumber=c1e8fa887ea607e350ea2c96c6f714187a0ae88603166326c0e1849cbd867962, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:26:a1:60:11:95:93:d6:a2:5d:53:d5:f2:7f:
88:b9:9a:67:2b:45:01:3f:84:6c:00:86:8d:66:34:
35:27:6a:6c:c5:79:46:ff:5d:3a:04:e1:17:7e:b4:
59:c6:32:ab:7c:4c:b2:11:e2:59:62:36:f1:b6:1b:
44:9d:87:3c:65:1f:9a:bb:f1:ea:e9:52:d3:d4:cb:
8c:d9:4d:48:65:fb:ab:b6:73:81:53:a8:81:09:0a:
3e:ae:a3:61:d0:9d:fb:85:11:0d:93:82:b5:20:95:
bf:7c:7a:53:72:68:7f:ee:f3:e6:8a:2b:12:e8:4a:
20:1b:71:07:62:46:2f:1f:9b:73:67:25:25:99:7d:
7a:3d:84:6e:62:72:c0:1b:8d:32:6f:5b:85:8c:80:
83:8b:6c:3e:4e:74:af:33:6e:fd:17:1d:14:b9:56:
54:e6:2c:8d:5c:3d:c2:f6:20:58:22:ad:a3:ef:32:
bf:ef:51:5f:71:1e:c9:5b:ed:29:fe:bd:6c:5a:db:
7f:66:f2:19:9a:6a:32:eb:48:43:75:5b:b8:94:80:
c2:15:73:2f:56:20:bf:b8:b5:cd:ec:cf:49:8e:46:
23:ce:45:0d:f3:d7:8e:2b:4f:e0:80:18:7f:c5:53:
4f:ac:2f:a4:fd:df:eb:6c:ea:08:3e:a4:ba:19:7e:
02:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:65:7C:03:A1:27:C5:43:29:80:0F:3B:FC:21:3D:92:09:87:B6:FF
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/53444f16-12b0-454c-a0a2-d187f20f7db6.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
43.250.192.0/24
Signature Algorithm: sha256WithRSAEncryption
88:18:a6:f1:21:6c:30:4a:e2:01:d0:18:d2:a9:33:2c:09:60:
56:8a:b1:69:38:5c:50:42:85:42:59:52:39:6f:df:dd:9d:3c:
45:9f:db:04:5a:2e:b7:dc:0d:45:4f:90:00:fa:f5:7f:58:26:
77:de:a0:88:87:d7:61:44:69:da:9e:b8:05:c6:a9:9c:fa:64:
56:bc:04:be:5d:9f:f4:98:56:53:b3:c0:59:69:84:50:e4:78:
ca:b8:dd:3b:b2:83:0c:0e:72:c4:3a:9c:c4:ba:31:f8:f5:24:
e5:f1:3a:ed:32:a7:e0:98:8f:d0:b6:a9:4a:79:2c:ab:a1:f3:
13:99:e1:85:a3:4a:14:22:56:6d:68:0a:23:2e:c8:2e:ad:8b:
f5:f0:41:dc:3c:b6:66:2a:b3:65:a9:ac:85:a6:9f:0a:9b:e5:
db:af:7c:b0:74:b4:25:f5:4c:8f:d3:41:f6:83:af:03:1c:c1:
6d:10:48:9d:09:cb:c2:e1:70:09:37:39:93:0f:14:33:67:17:
bf:ac:4b:b2:0c:03:78:f2:a0:6c:a7:d5:b7:e5:73:49:fa:5c:
37:ac:a6:61:30:c2:8c:1b:09:38:22:1e:96:b6:0d:a8:0f:a0:
5d:47:01:af:52:ef:f7:9c:0e:7e:8f:37:94:05:c3:df:b1:86:
b9:77:f0:f7
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUEwUTsAFD3sUdvHJhy+rvrLJY17wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI1MDEwNzAwMDAwMFoX
DTI1MDIxMTIzNTk1OVowejFJMEcGA1UEBRNAYzFlOGZhODg3ZWE2MDdlMzUwZWEy
Yzk2YzZmNzE0MTg3YTBhZTg4NjAzMTY2MzI2YzBlMTg0OWNiZDg2Nzk2MjEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzyahYBGVk9aiXVPV8n+IuZpnK0UB
P4RsAIaNZjQ1J2psxXlG/106BOEXfrRZxjKrfEyyEeJZYjbxthtEnYc8ZR+au/Hq
6VLT1MuM2U1IZfurtnOBU6iBCQo+rqNh0J37hRENk4K1IJW/fHpTcmh/7vPmiisS
6EogG3EHYkYvH5tzZyUlmX16PYRuYnLAG40yb1uFjICDi2w+TnSvM279Fx0UuVZU
5iyNXD3C9iBYIq2j7zK/71FfcR7JW+0p/r1sWtt/ZvIZmmoy60hDdVu4lIDCFXMv
ViC/uLXN7M9JjkYjzkUN89eOK0/ggBh/xVNPrC+k/d/rbOoIPqS6GX4CsQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFFNlfAOhJ8VDKYAPO/whPZIJh7b/MB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzUzNDQ0ZjE2LTEyYjAtNDU0Yy1hMGEyLWQxODdmMjBmN2RiNi5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQAK/rAMA0GCSqGSIb3DQEBCwUAA4IBAQCIGKbxIWwwSuIB0BjSqTMs
CWBWirFpOFxQQoVCWVI5b9/dnTxFn9sEWi633A1FT5AA+vV/WCZ33qCIh9dhRGna
nrgFxqmc+mRWvAS+XZ/0mFZTs8BZaYRQ5HjKuN07soMMDnLEOpzEujH49STl8Trt
MqfgmI/QtqlKeSyrofMTmeGFo0oUIlZtaAojLsgurYv18EHcPLZmKrNlqayFpp8K
m+Xbr3ywdLQl9UyP00H2g68DHMFtEEidCcvC4XAJNzmTDxQzZxe/rEuyDAN48qBs
p9W35XNJ+lw3rKZhMMKMGwk4Ih6Wtg2oD6BdRwGvUu/3nA5+jzeUBcPfsYa5d/D3
-----END CERTIFICATE-----
Generated at Tue Jan 14 13:05:13 2025 by rpki-client on console.sobornost.net