Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/55399736-f7a1-421f-ae49-44f3fdfab3e0.roa
File: 55399736-f7a1-421f-ae49-44f3fdfab3e0.roa (raw, json)
Hash identifier: hipYHGOacLSQkkFmZGjcFUF8CZ0S7xXsYsxfPW8jhnc=
Subject key identifier: E3:12:2B:F3:F5:D0:75:77:32:B6:BD:97:C2:49:9A:80:E7:90:CF:74
Certificate issuer: /CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Certificate serial: 632C9E0F2382E5E931BB8CBF28FFBA760606AC10
Authority key identifier: BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/55399736-f7a1-421f-ae49-44f3fdfab3e0.roa
Signing time: Fri 29 Nov 2024 00:00:00 +0000
ROA not before: Fri 29 Nov 2024 00:00:00 +0000
ROA not after: Fri 03 Jan 2025 23:59:59 +0000
asID: 8987
IP address blocks: 122.248.192.0/18 maxlen: 24
Validation: Failed, certificate revoked on Wed 18 Dec 2024 01:53:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:2c:9e:0f:23:82:e5:e9:31:bb:8c:bf:28:ff:ba:76:06:06:ac:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91609040001/serialNumber=BCE9BA11292F847512C0A8412E51E6E3BA0D991D
Validity
Not Before: Nov 29 00:00:00 2024 GMT
Not After : Jan 3 23:59:59 2025 GMT
Subject: serialNumber=04818219bc47462d42aa8dfd35f8fa0a5febe608dee84cb0ba726ace12f21ffd, CN=1684111e-31c1-42e6-8f20-fc9ab8b5cf57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:40:99:a2:e8:8c:c6:08:ff:8a:81:23:76:4d:
b4:48:de:f3:84:19:92:d7:f9:44:df:12:ca:ff:b6:
ca:0a:30:92:4b:75:a9:fd:3f:c3:83:a7:9e:48:30:
98:23:51:6f:48:fe:e6:c1:da:1e:dc:c8:5c:9a:46:
90:54:b5:0e:9b:6b:6a:66:59:c6:ae:aa:d8:d4:7b:
83:f1:ea:0a:ae:fc:f7:a1:28:2a:17:fd:fc:5c:fc:
95:e6:44:82:77:61:c2:7c:92:2f:86:66:b8:9a:82:
9f:e1:fc:c3:ea:14:dc:e8:16:db:57:aa:c1:14:78:
c4:fa:60:0f:fb:62:02:45:68:bd:a8:05:67:d4:79:
0b:99:b7:c8:98:06:c1:6f:86:84:75:f0:b5:f1:f5:
9e:65:83:a0:47:d2:f4:d1:37:bb:c9:90:41:36:f2:
0d:ad:fe:e8:9e:3d:f3:d3:be:05:84:4f:13:7d:87:
76:07:ef:f6:af:5d:eb:63:fa:21:6d:7a:7a:dc:15:
14:12:6b:b4:dc:41:36:8c:97:09:b5:75:f2:fe:2c:
5a:2b:47:ee:93:3a:d1:39:f1:1d:5f:30:ff:d1:2a:
78:a3:b8:ec:93:f1:ec:0d:85:a2:0e:46:fa:42:a1:
84:87:e1:1c:53:d4:e1:f9:2c:84:bd:73:82:1e:db:
13:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:12:2B:F3:F5:D0:75:77:32:B6:BD:97:C2:49:9A:80:E7:90:CF:74
X509v3 Authority Key Identifier:
keyid:BC:E9:BA:11:29:2F:84:75:12:C0:A8:41:2E:51:E6:E3:BA:0D:99:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/vOm6ESkvhHUSwKhBLlHm47oNmR0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/55399736-f7a1-421f-ae49-44f3fdfab3e0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/bd48a1fa-3471-4ab2-8508-ad36b96813e4/220cee0c-6002-409a-8194-38e216c0096c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
122.248.192.0/18
Signature Algorithm: sha256WithRSAEncryption
c7:5a:ec:95:d1:4e:cb:ff:ac:a3:29:c8:11:82:c2:e7:09:af:
71:7c:ef:2b:03:a5:97:dc:9b:18:d8:30:09:fe:91:92:6d:b4:
67:41:bc:ee:6a:a9:13:f4:38:9d:ca:dc:e2:d5:41:24:6f:d1:
ea:ce:0c:4d:9a:5d:e0:94:d4:04:3a:7f:c0:b5:fc:54:59:17:
95:f5:d8:7a:fd:75:c7:a2:38:e5:09:51:5c:52:1a:c2:f8:10:
76:d0:c5:3f:9b:5c:70:65:1d:5c:23:16:01:e9:4b:92:97:c0:
89:87:56:af:66:24:d5:c0:d0:5b:0b:6b:f3:3a:50:99:bb:d4:
c7:90:48:b2:47:7f:af:86:6c:22:f2:1c:bc:9c:31:0f:73:5e:
b2:ad:b7:22:8b:07:9e:f1:03:a3:df:f2:74:16:0f:1b:4c:33:
8c:fe:59:51:75:fb:48:d2:ca:82:ef:20:b7:f0:37:5b:d0:c7:
36:c0:64:8e:9f:8e:9e:dc:2d:eb:33:c5:b5:9a:95:aa:ec:72:
99:89:08:52:7c:87:b8:a4:94:14:96:5a:bc:68:77:f2:16:30:
b5:6b:30:67:d3:b4:ae:44:2a:2f:70:b8:0b:eb:0e:80:d1:4f:
c1:a8:ea:67:d4:ff:0b:52:5b:b9:a2:e3:b9:25:b2:44:5a:aa:
26:f2:3a:b1
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgIUYyyeDyOC5ekxu4y/KP+6dgYGrBAwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxNjA5MDQwMDAxMTEwLwYDVQQFEyhCQ0U5QkExMTI5
MkY4NDc1MTJDMEE4NDEyRTUxRTZFM0JBMEQ5OTFEMB4XDTI0MTEyOTAwMDAwMFoX
DTI1MDEwMzIzNTk1OVowejFJMEcGA1UEBRNAMDQ4MTgyMTliYzQ3NDYyZDQyYWE4
ZGZkMzVmOGZhMGE1ZmViZTYwOGRlZTg0Y2IwYmE3MjZhY2UxMmYyMWZmZDEtMCsG
A1UEAxMkMTY4NDExMWUtMzFjMS00MmU2LThmMjAtZmM5YWI4YjVjZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt0CZouiMxgj/ioEjdk20SN7zhBmS
1/lE3xLK/7bKCjCSS3Wp/T/Dg6eeSDCYI1FvSP7mwdoe3MhcmkaQVLUOm2tqZlnG
rqrY1HuD8eoKrvz3oSgqF/38XPyV5kSCd2HCfJIvhma4moKf4fzD6hTc6BbbV6rB
FHjE+mAP+2ICRWi9qAVn1HkLmbfImAbBb4aEdfC18fWeZYOgR9L00Te7yZBBNvIN
rf7onj3z074FhE8TfYd2B+/2r13rY/ohbXp63BUUEmu03EE2jJcJtXXy/ixaK0fu
kzrROfEdXzD/0Sp4o7jsk/HsDYWiDkb6QqGEh+EcU9Th+SyEvXOCHtsTwQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFOMSK/P10HV3Mra9l8JJmoDnkM90MB8GA1UdIwQY
MBaAFLzpuhEpL4R1EsCoQS5R5uO6DZkdMA4GA1UdDwEB/wQEAwIHgDB+BggrBgEF
BQcBAQRyMHAwbgYIKwYBBQUHMAKGYnJzeW5jOi8vcnBraS5hcG5pYy5uZXQvcmVw
b3NpdG9yeS9CNTI3RUY1ODFENjYxMUUyQkI0NjhGN0M3MkZEMUZGMi92T202RVNr
dmhIVVN3S2hCTGxIbTQ3b05tUjAuY2VyMIGeBggrBgEFBQcBCwSBkTCBjjCBiwYI
KwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9uYXdz
LmNvbS92b2x1bWUvYmQ0OGExZmEtMzQ3MS00YWIyLTg1MDgtYWQzNmI5NjgxM2U0
LzU1Mzk5NzM2LWY3YTEtNDIxZi1hZTQ5LTQ0ZjNmZGZhYjNlMC5yb2EwgZUGA1Ud
HwSBjTCBijCBh6CBhKCBgYZ/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9iZDQ4YTFmYS0zNDcxLTRhYjItODUwOC1hZDM2
Yjk2ODEzZTQvMjIwY2VlMGMtNjAwMi00MDlhLTgxOTQtMzhlMjE2YzAwOTZjLmNy
bDAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAM
BAIAATAGAwQGevjAMA0GCSqGSIb3DQEBCwUAA4IBAQDHWuyV0U7L/6yjKcgRgsLn
Ca9xfO8rA6WX3JsY2DAJ/pGSbbRnQbzuaqkT9Didytzi1UEkb9HqzgxNml3glNQE
On/AtfxUWReV9dh6/XXHojjlCVFcUhrC+BB20MU/m1xwZR1cIxYB6UuSl8CJh1av
ZiTVwNBbC2vzOlCZu9THkEiyR3+vhmwi8hy8nDEPc16yrbciiwee8QOj3/J0Fg8b
TDOM/llRdftI0sqC7yC38Ddb0Mc2wGSOn46e3C3rM8W1mpWq7HKZiQhSfIe4pJQU
llq8aHfyFjC1azBn07SuRCovcLgL6w6A0U/BqOpn1P8LUlu5ouO5JbJEWqom8jqx
-----END CERTIFICATE-----
Generated at Wed Dec 18 04:28:51 2024 by rpki-client on console.sobornost.net