Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/548c7809-c2c8-4bf5-a33c-448c8e554df7.roa
File: 548c7809-c2c8-4bf5-a33c-448c8e554df7.roa (raw, json)
Hash identifier: adq7+5+H5zxJi3WYE2Ar+R+pWw1/GfZKS+BrtiD8b/0=
Subject key identifier: 4A:84:50:36:4F:96:04:0D:99:71:A7:A4:C1:A5:55:5A:C1:88:E8:83
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 6E41253D65492F7184E7F6EA50A8033EBA7B8831
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/548c7809-c2c8-4bf5-a33c-448c8e554df7.roa
Signing time: Tue 20 May 2025 18:51:24 +0000
ROA not before: Tue 20 May 2025 18:51:24 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d074:90c0::/48 maxlen: 48
Validation: Failed, certificate revoked on Tue 03 Jun 2025 21:08:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:41:25:3d:65:49:2f:71:84:e7:f6:ea:50:a8:03:3e:ba:7b:88:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 20 18:51:24 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=38cdddfac4462348df0592d65475f2f79b6b41b3a18fc351244d6db97a38fb13, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:18:a8:90:e9:3d:40:dd:e1:83:40:e1:1e:9f:
21:ba:4a:5f:1b:85:5e:bf:8f:c3:0b:14:d7:7f:02:
51:70:3b:90:1d:b8:af:71:fe:93:1d:b8:b0:15:81:
82:6f:e2:ff:bf:76:e3:4c:b5:f0:3e:6d:fb:8d:36:
59:6d:11:89:b2:88:17:92:52:16:89:da:92:ee:ff:
5a:93:f7:3c:c9:7b:e2:47:76:b7:0b:e1:74:df:11:
ef:fd:cb:93:d7:71:8b:fa:71:f0:c0:5b:a2:a0:51:
b9:79:ee:3c:6d:8c:76:85:8a:ab:36:82:6c:42:0c:
05:8b:a0:49:3a:55:2a:da:95:50:2f:03:e3:b8:d5:
a3:1e:00:a6:fe:33:60:bc:99:f0:b8:4f:fe:48:89:
f6:ae:84:6d:90:cd:41:c8:0b:c0:a5:9c:46:94:23:
9e:0e:cc:68:8f:30:9d:6e:5a:d7:04:fe:05:ea:cd:
21:13:62:b7:3e:20:30:d6:0c:ed:7e:bc:7a:23:06:
9b:2d:c6:aa:a5:26:5f:b6:e7:f8:7b:88:65:c9:a0:
1d:95:ba:95:42:ca:19:7d:88:2a:fd:42:45:86:19:
65:04:cf:71:72:b7:66:d4:6e:50:f1:9a:90:97:cd:
92:49:f9:f0:6a:0c:f7:4e:de:d2:18:b2:dc:ed:5f:
0a:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:84:50:36:4F:96:04:0D:99:71:A7:A4:C1:A5:55:5A:C1:88:E8:83
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/548c7809-c2c8-4bf5-a33c-448c8e554df7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d074:90c0::/48
Signature Algorithm: sha256WithRSAEncryption
0f:e6:20:aa:8c:a8:e1:ef:cc:96:79:d6:8f:38:81:64:4f:86:
14:1c:91:c0:fe:69:80:c4:78:49:70:ae:f2:f3:61:bb:9b:f0:
84:30:7d:98:f0:cb:70:d5:8a:05:0b:34:ef:cb:1d:3f:b0:88:
e4:34:ce:5a:d7:e8:e7:f7:16:5e:56:8b:d9:f2:71:a0:73:01:
67:ac:7a:55:b6:4a:65:9e:b5:31:43:ff:a1:9c:f0:8c:f6:75:
d9:6a:33:00:0c:87:ad:3d:c4:47:bf:1f:08:ce:cb:1b:34:76:
6b:e7:da:21:6c:6f:b7:7a:94:4c:2a:f4:86:d2:86:fd:13:10:
e4:be:5f:96:0a:e3:60:b6:c5:f4:94:02:22:47:0e:59:5d:44:
9f:5e:0c:b6:98:e9:53:31:c8:75:ab:6c:d6:4c:5d:83:53:8d:
3a:83:bf:78:e3:9e:80:d6:ec:fb:e7:f2:ac:c2:df:77:f3:7f:
cd:0a:60:42:28:0d:31:a6:26:ba:56:2a:08:92:14:d3:dc:f5:
7a:ff:ce:ff:72:d1:76:2e:44:b3:26:dc:fc:8d:ad:21:a5:d2:
cf:0c:7c:b9:65:71:73:05:c3:ff:47:c2:04:24:16:39:c1:ec:
91:e7:9b:a5:22:fd:aa:aa:97:8e:03:92:69:fa:6b:bc:52:6d:
fe:98:b7:57
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgIUbkElPWVJL3GE5/bqUKgDPrp7iDEwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MjAxODUxMjRaFw0yNTA2MjQyMzU5NTlaMHoxSTBHBgNV
BAUTQDM4Y2RkZGZhYzQ0NjIzNDhkZjA1OTJkNjU0NzVmMmY3OWI2YjQxYjNhMThm
YzM1MTI0NGQ2ZGI5N2EzOGZiMTMxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKcYqJDpPUDd4YNA4R6fIbpKXxuFXr+PwwsU138CUXA7kB24r3H+kx24sBWB
gm/i/79240y18D5t+402WW0RibKIF5JSFonaku7/WpP3PMl74kd2twvhdN8R7/3L
k9dxi/px8MBboqBRuXnuPG2MdoWKqzaCbEIMBYugSTpVKtqVUC8D47jVox4Apv4z
YLyZ8LhP/kiJ9q6EbZDNQcgLwKWcRpQjng7MaI8wnW5a1wT+BerNIRNitz4gMNYM
7X68eiMGmy3GqqUmX7bn+HuIZcmgHZW6lULKGX2IKv1CRYYZZQTPcXK3ZtRuUPGa
kJfNkkn58GoM907e0hiy3O1fCuECAwEAAaOCAiQwggIgMB0GA1UdDgQWBBRKhFA2
T5YEDZlxp6TBpVVawYjogzAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
NTQ4Yzc4MDktYzJjOC00YmY1LWEzM2MtNDQ4YzhlNTU0ZGY3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAiBggrBgEFBQcBBwEB/wQTMBEwDwQCAAIwCQMHACoF0HSQ
wDANBgkqhkiG9w0BAQsFAAOCAQEAD+Ygqoyo4e/MlnnWjziBZE+GFByRwP5pgMR4
SXCu8vNhu5vwhDB9mPDLcNWKBQs078sdP7CI5DTOWtfo5/cWXlaL2fJxoHMBZ6x6
VbZKZZ61MUP/oZzwjPZ12WozAAyHrT3ER78fCM7LGzR2a+faIWxvt3qUTCr0htKG
/RMQ5L5flgrjYLbF9JQCIkcOWV1En14MtpjpUzHIdats1kxdg1ONOoO/eOOegNbs
++fyrMLfd/N/zQpgQigNMaYmulYqCJIU09z1ev/O/3LRdi5Esybc/I2tIaXSzwx8
uWVxcwXD/0fCBCQWOcHskeebpSL9qqqXjgOSafprvFJt/pi3Vw==
-----END CERTIFICATE-----
Generated at Sat Jun 14 10:57:23 2025 by rpki-client