Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cc82640-c722-44ce-bff6-49d4568f1de3.roa
File: 0cc82640-c722-44ce-bff6-49d4568f1de3.roa (raw, json)
Hash identifier: YsXXlH3QLUANSyjud3/uUgqat6v6m4VgfNk9jFK5Gyw=
Subject key identifier: 01:9C:2D:AC:76:04:6A:A5:55:D4:AB:11:D8:2D:7C:0C:4B:BD:45:0C
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 78EC81A712002E0115A0404DDFB07472CBA3D47E
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cc82640-c722-44ce-bff6-49d4568f1de3.roa
Signing time: Thu 22 May 2025 01:22:28 +0000
ROA not before: Thu 22 May 2025 01:22:28 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:6040::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:07:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
78:ec:81:a7:12:00:2e:01:15:a0:40:4d:df:b0:74:72:cb:a3:d4:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:22:28 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=3a0e553811ab64b213f3cd1a93eefb40a4fd274dec637d4e67a71891cbabb707, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:5e:55:c6:45:2a:33:23:06:c4:16:d5:db:57:
77:74:4f:cb:91:44:ee:40:ed:fe:8c:f0:6b:ab:f4:
e7:ff:a3:7a:40:e3:5f:0e:c5:6a:96:a9:3c:4e:f7:
36:7c:55:8e:02:d8:d4:24:22:85:68:6c:e4:01:59:
79:aa:66:94:d0:44:65:bd:08:74:1e:c7:9a:a0:b2:
1a:0a:dc:1b:26:79:78:19:fe:01:c7:ef:e0:57:19:
85:69:ba:bf:56:68:35:5c:70:ec:46:33:b6:d7:d8:
09:13:79:b5:f9:9e:5c:41:78:2e:05:3a:66:1a:a0:
e7:65:56:0a:02:f4:9c:ca:58:08:e8:b3:e7:2b:a6:
f5:5d:9b:03:dd:33:48:c3:4a:bb:08:2d:69:a5:47:
8b:6f:3c:72:d8:bb:11:7d:f9:11:54:72:38:75:37:
39:1e:0c:de:fe:fc:d2:0e:e2:26:cf:b4:dd:07:f0:
c6:41:f8:fe:96:0a:13:b9:d4:60:f1:25:eb:0c:55:
66:e8:72:bc:6a:1c:72:b7:94:f0:95:2d:1a:44:94:
45:eb:90:ab:0e:fa:47:e8:2d:1d:4e:a9:c6:34:77:
67:e1:09:4c:83:db:80:f4:94:d3:7d:4b:49:9e:ee:
43:cb:66:fe:c8:55:58:b3:9b:b4:be:c5:d5:15:1d:
3f:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:9C:2D:AC:76:04:6A:A5:55:D4:AB:11:D8:2D:7C:0C:4B:BD:45:0C
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/0cc82640-c722-44ce-bff6-49d4568f1de3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:6040::/48
Signature Algorithm: sha256WithRSAEncryption
1f:35:7b:0c:c4:25:4b:de:d1:21:45:9b:57:b8:d6:ab:2a:a1:
df:5d:52:d0:26:c8:a7:d3:51:d4:8d:cb:2b:ae:73:27:e5:f5:
c8:91:26:0b:14:bc:d0:0c:d2:94:ac:8f:87:30:b2:fa:24:a3:
f4:a2:e1:d8:7f:61:51:10:53:47:d0:e8:27:61:48:02:d3:d5:
c6:a6:d8:0e:e2:06:4e:c9:26:2c:ea:21:6c:33:6b:da:40:ea:
45:38:c8:c8:c7:7c:1f:50:02:73:c3:61:24:cf:1b:8a:9d:0e:
ad:f0:7f:d7:11:b7:d8:5f:d1:e4:3b:c4:7f:97:04:03:c6:70:
70:2d:9b:4a:f3:a4:1b:00:97:23:cf:ca:7e:65:0e:52:b3:14:
f1:eb:21:1c:01:bb:e5:55:c2:1a:c5:e3:b1:cb:1e:2d:aa:34:
88:f7:22:67:f5:9d:6b:0b:28:bc:06:3f:1b:cf:43:50:3b:9e:
6b:1d:ed:dc:fb:10:48:3c:aa:90:2e:dd:f7:61:da:46:5f:ce:
1b:54:21:1a:c0:39:ac:09:fc:36:df:2e:06:37:23:fa:6d:e6:
83:b3:4f:27:f5:b9:d7:b5:1f:5a:fe:fc:7f:44:ab:5a:56:4c:
11:7f:28:9d:ad:85:8e:5e:68:8f:a8:e3:74:ad:95:9c:9f:ab:
13:3c:c8:6b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUeOyBpxIALgEVoEBN37B0csuj1H4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTIyMjhaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQDNhMGU1NTM4MTFhYjY0YjIxM2YzY2QxYTkzZWVmYjQwYTRmZDI3NGRlYzYz
N2Q0ZTY3YTcxODkxY2JhYmI3MDcxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMNeVcZFKjMjBsQW1dtXd3RPy5FE7kDt/ozwa6v05/+jekDjXw7FapapPE73
NnxVjgLY1CQihWhs5AFZeapmlNBEZb0IdB7HmqCyGgrcGyZ5eBn+Acfv4FcZhWm6
v1ZoNVxw7EYzttfYCRN5tfmeXEF4LgU6Zhqg52VWCgL0nMpYCOiz5yum9V2bA90z
SMNKuwgtaaVHi288cti7EX35EVRyOHU3OR4M3v780g7iJs+03QfwxkH4/pYKE7nU
YPEl6wxVZuhyvGoccreU8JUtGkSUReuQqw76R+gtHU6pxjR3Z+EJTIPbgPSU031L
SZ7uQ8tm/shVWLObtL7F1RUdP8UCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQBnC2s
dgRqpVXUqxHYLXwMS71FDDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
MGNjODI2NDAtYzcyMi00NGNlLWJmZjYtNDlkNDU2OGYxZGUzLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0Flg
QDANBgkqhkiG9w0BAQsFAAOCAQEAHzV7DMQlS97RIUWbV7jWqyqh311S0CbIp9NR
1I3LK65zJ+X1yJEmCxS80AzSlKyPhzCy+iSj9KLh2H9hURBTR9DoJ2FIAtPVxqbY
DuIGTskmLOohbDNr2kDqRTjIyMd8H1ACc8NhJM8bip0OrfB/1xG32F/R5DvEf5cE
A8ZwcC2bSvOkGwCXI8/KfmUOUrMU8eshHAG75VXCGsXjscseLao0iPciZ/Wdawso
vAY/G89DUDueax3t3PsQSDyqkC7d92HaRl/OG1QhGsA5rAn8Nt8uBjcj+m3mg7NP
J/W517UfWv78f0SrWlZMEX8ona2Fjl5oj6jjdK2VnJ+rEzzIaw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:58:21 2025 by rpki-client