Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/43bc7e1b-a040-4273-9cc5-0f634963c2e7.roa
File: 43bc7e1b-a040-4273-9cc5-0f634963c2e7.roa (raw, json)
Hash identifier: LeKZUYm5o4oNFb+KJlTt0I0yRJN+bPUYIlEFtWgEhGw=
Subject key identifier: 06:C4:83:1D:AB:E6:92:F4:2B:5B:FD:3E:49:40:4A:F1:41:07:95:76
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 77CAF4FE2B41571388AD7137F66AD01F720E8BA5
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/43bc7e1b-a040-4273-9cc5-0f634963c2e7.roa
Signing time: Thu 22 May 2025 01:22:22 +0000
ROA not before: Thu 22 May 2025 01:22:22 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:1040::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 20:54:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:ca:f4:fe:2b:41:57:13:88:ad:71:37:f6:6a:d0:1f:72:0e:8b:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 22 01:22:22 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=d26e98da1b4c474c8f553466c60e712576cdcf635a1d1ac4938c90a880e5fc19, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:e1:09:27:c4:60:0f:6a:7e:65:63:88:05:ff:
2b:4b:e6:b2:22:e6:97:6c:2f:8d:31:86:e7:9d:8c:
02:70:1f:02:5a:f2:05:3f:5e:f4:2e:f7:c7:e1:c8:
ba:32:2f:33:d2:7e:b5:1a:b6:0b:3d:05:17:7e:18:
cf:35:7f:c9:13:33:d1:23:6f:d7:08:76:fe:bf:ec:
38:c6:57:0d:64:a0:61:9e:5e:a5:da:c2:89:22:84:
c4:ff:fb:83:80:ba:c2:47:12:86:dc:7c:d8:b4:96:
a1:99:0f:50:27:b4:77:98:03:25:e7:9c:e9:95:cc:
e0:ea:60:9d:6a:3f:8b:a6:85:c1:ae:21:b1:ca:73:
2a:e1:90:31:88:8d:ea:d2:e1:e2:d9:4e:92:e2:f8:
46:3a:e3:55:ad:3b:aa:6f:eb:bd:12:d7:e8:d9:c4:
de:79:c2:46:ad:99:53:aa:86:b8:fd:c1:65:7c:0b:
fa:93:cf:1e:39:71:67:b2:dd:1e:d2:a2:60:1d:fc:
b2:5b:da:e4:eb:07:13:82:1b:f3:9f:2b:6b:b2:c4:
72:d5:b9:0c:70:e4:76:d5:29:84:31:75:2a:bd:a0:
c2:16:48:74:52:a2:2e:e8:2a:87:65:6a:ab:18:72:
95:b1:a3:0e:e6:73:87:01:24:4d:8d:71:cc:e4:98:
a7:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:C4:83:1D:AB:E6:92:F4:2B:5B:FD:3E:49:40:4A:F1:41:07:95:76
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/43bc7e1b-a040-4273-9cc5-0f634963c2e7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:1040::/48
Signature Algorithm: sha256WithRSAEncryption
c4:df:38:9c:35:e4:6c:c8:10:91:1a:75:64:e0:ea:23:ba:2f:
c4:91:04:1e:ae:02:b1:1f:5c:44:0e:cd:fc:9d:e2:ab:95:23:
91:4d:4d:79:2c:8e:96:01:61:bf:15:75:16:f4:e0:25:8b:8d:
37:1e:a6:f9:31:b4:6d:2e:43:31:03:01:62:ab:f8:90:37:7e:
9e:0b:4e:2f:ef:2f:2c:0d:1a:e2:06:91:5a:57:e6:b4:52:f2:
fa:5e:09:0c:29:ec:1b:45:06:9a:3e:97:05:6d:55:a9:a2:7d:
56:e6:b2:9b:d0:4d:bd:71:b8:5f:82:d9:98:e7:6f:a4:6a:13:
7e:27:fb:78:ff:91:17:a5:df:95:27:f6:fa:f2:e1:26:b9:01:
76:f7:0f:6f:55:e3:bd:11:e9:d4:ab:f6:b4:2f:c0:70:0d:f6:
9f:35:ff:f3:06:6d:d3:d5:23:bc:b0:68:0f:66:f6:e8:29:3a:
5d:0b:e2:e5:18:70:1a:90:3d:32:7a:c1:30:02:0b:b8:e6:a0:
ff:73:cc:07:da:4f:a1:c3:b1:ac:ee:80:40:7c:a3:0d:18:20:
c7:6f:9d:68:83:48:11:1a:89:30:ca:23:12:eb:71:bd:47:5b:
2e:4f:ad:49:2b:3e:eb:14:6e:98:59:71:31:78:06:e9:17:c0:
03:07:81:3e
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUd8r0/itBVxOIrXE39mrQH3IOi6UwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjIwMTIyMjJaFw0yNTA2MjYyMzU5NTlaMHoxSTBHBgNV
BAUTQGQyNmU5OGRhMWI0YzQ3NGM4ZjU1MzQ2NmM2MGU3MTI1NzZjZGNmNjM1YTFk
MWFjNDkzOGM5MGE4ODBlNWZjMTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALfhCSfEYA9qfmVjiAX/K0vmsiLml2wvjTGG552MAnAfAlryBT9e9C73x+HI
ujIvM9J+tRq2Cz0FF34YzzV/yRMz0SNv1wh2/r/sOMZXDWSgYZ5epdrCiSKExP/7
g4C6wkcShtx82LSWoZkPUCe0d5gDJeec6ZXM4OpgnWo/i6aFwa4hscpzKuGQMYiN
6tLh4tlOkuL4RjrjVa07qm/rvRLX6NnE3nnCRq2ZU6qGuP3BZXwL+pPPHjlxZ7Ld
HtKiYB38slva5OsHE4Ib858ra7LEctW5DHDkdtUphDF1Kr2gwhZIdFKiLugqh2Vq
qxhylbGjDuZzhwEkTY1xzOSYp5MCAwEAAaOCAiQwggIgMB0GA1UdDgQWBBQGxIMd
q+aS9Ctb/T5JQErxQQeVdjAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NDNiYzdlMWItYTA0MC00MjczLTljYzUtMGY2MzQ5NjNjMmU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0FkQ
QDANBgkqhkiG9w0BAQsFAAOCAQEAxN84nDXkbMgQkRp1ZODqI7ovxJEEHq4CsR9c
RA7N/J3iq5UjkU1NeSyOlgFhvxV1FvTgJYuNNx6m+TG0bS5DMQMBYqv4kDd+ngtO
L+8vLA0a4gaRWlfmtFLy+l4JDCnsG0UGmj6XBW1VqaJ9Vuaym9BNvXG4X4LZmOdv
pGoTfif7eP+RF6XflSf2+vLhJrkBdvcPb1XjvRHp1Kv2tC/AcA32nzX/8wZt09Uj
vLBoD2b26Ck6XQvi5RhwGpA9MnrBMAILuOag/3PMB9pPocOxrO6AQHyjDRggx2+d
aINIERqJMMojEutxvUdbLk+tSSs+6xRumFlxMXgG6RfAAweBPg==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:59:34 2025 by rpki-client