Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
File: a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa (raw, json)
Hash identifier: uzNI9DUS7LsvXgyjqMWPrIzesfxOgArDT8jG+OGXgYA=
Subject key identifier: B0:C1:0D:B1:91:3B:10:24:A7:1E:41:ED:E8:0D:61:5A:3F:34:99:56
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 206DE6FA2A39942B0B42419E3E96D22C8CEDEBB9
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
Signing time: Tue 21 Oct 2025 14:50:38 +0000
ROA not before: Tue 21 Oct 2025 14:50:38 +0000
ROA not after: Tue 25 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 193.202.192.0/19 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Oct 2025 16:25:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
20:6d:e6:fa:2a:39:94:2b:0b:42:41:9e:3e:96:d2:2c:8c:ed:eb:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 21 14:50:38 2025 GMT
Not After : Nov 25 23:59:59 2025 GMT
Subject: serialNumber=a2e3cb405df016d12ac101d86b8fc415ea2ec1bc83462eb5ee74cdce2ce29ac5, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:59:32:93:7b:50:05:6b:d0:d6:e8:e9:6e:0f:
32:f0:c7:89:66:a8:a5:a6:30:bc:c1:c2:6e:72:3e:
b5:26:76:35:23:14:5f:8c:8d:4a:95:00:e0:88:84:
84:e3:59:68:d8:c2:74:b4:97:c4:5d:5e:f4:cf:21:
57:79:7c:41:6f:6e:ba:96:94:08:19:d4:c4:c4:4b:
76:41:a0:1c:f9:fa:5b:88:1a:56:32:1a:a0:f6:90:
2b:88:f5:f7:48:9e:9d:7a:1d:ec:26:b9:f4:10:82:
c0:4c:e3:35:ab:58:f2:3a:a9:db:e2:79:8e:0b:da:
be:02:61:64:06:0d:8c:44:4a:45:98:a9:5a:6e:28:
18:d3:e6:a4:b9:05:4a:34:85:c1:e9:34:de:ba:af:
8a:ff:92:1d:b8:0c:1a:83:6e:fc:02:f9:31:b3:4f:
2b:8d:37:14:af:dd:a9:58:96:6d:5a:04:93:48:3a:
ff:78:60:b9:5e:51:87:bd:a3:3a:2c:36:ad:de:c4:
98:00:a3:7e:d0:a5:3d:f5:d7:ea:82:27:98:37:08:
d1:d7:01:a4:89:b1:ca:20:2c:27:f3:3f:f4:90:9e:
c2:55:17:cc:aa:88:a5:31:db:8f:2c:1f:a7:96:c4:
c0:c7:62:9e:5b:99:47:33:ec:2f:cc:99:93:0e:4e:
d1:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:C1:0D:B1:91:3B:10:24:A7:1E:41:ED:E8:0D:61:5A:3F:34:99:56
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/a1fe62fd-3c9b-4c9a-867b-42c7d6d94fdf.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.202.192.0/19
Signature Algorithm: sha256WithRSAEncryption
b0:30:3f:36:16:79:f2:07:7c:af:bf:cc:cf:5f:c9:75:35:90:
29:ab:34:d7:d7:d3:c8:30:e8:9a:a0:13:81:e2:51:a6:89:0e:
81:e4:31:35:0c:18:f4:9f:20:00:a4:9b:98:67:29:68:85:93:
00:d7:12:8a:72:a7:3c:90:7e:9e:d1:f1:aa:73:81:4a:2d:e7:
ac:ff:44:a7:08:f8:a6:58:e0:f9:db:40:d1:84:bd:8f:90:04:
ac:57:0e:af:a6:ad:d7:ac:6d:07:26:e3:c1:2d:f1:2d:7d:cf:
44:4b:e2:36:2d:a4:8b:e2:26:22:41:4d:e9:ff:92:5f:4c:2a:
89:5e:83:a6:de:69:da:89:f2:3f:42:a2:2d:65:fd:71:2e:c3:
27:fa:3a:81:ba:87:aa:93:d5:b5:48:c3:91:e5:d0:9e:49:42:
72:3e:46:9e:d6:74:d9:93:58:09:03:0c:ec:1b:42:1f:98:97:
ba:10:9a:db:eb:dd:b8:19:83:07:28:36:51:ce:79:92:16:5a:
74:1c:42:9b:b1:c2:00:56:39:b6:dc:ad:8d:a5:f7:6d:67:4d:
a0:a9:fb:09:de:34:a5:74:58:29:55:7b:56:74:32:f9:22:5f:
8c:ba:61:d1:73:cb:6d:f5:d9:d6:5b:ee:a5:c1:b3:c5:25:7b:
4a:99:84:8d
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUIG3m+io5lCsLQkGePpbSLIzt67kwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjExNDUwMzhaFw0yNTExMjUyMzU5NTlaMHoxSTBHBgNV
BAUTQGEyZTNjYjQwNWRmMDE2ZDEyYWMxMDFkODZiOGZjNDE1ZWEyZWMxYmM4MzQ2
MmViNWVlNzRjZGNlMmNlMjlhYzUxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANlZMpN7UAVr0Nbo6W4PMvDHiWaopaYwvMHCbnI+tSZ2NSMUX4yNSpUA4IiE
hONZaNjCdLSXxF1e9M8hV3l8QW9uupaUCBnUxMRLdkGgHPn6W4gaVjIaoPaQK4j1
90ienXod7Ca59BCCwEzjNatY8jqp2+J5jgvavgJhZAYNjERKRZipWm4oGNPmpLkF
SjSFwek03rqviv+SHbgMGoNu/AL5MbNPK403FK/dqViWbVoEk0g6/3hguV5Rh72j
Oiw2rd7EmACjftClPfXX6oInmDcI0dcBpImxyiAsJ/M/9JCewlUXzKqIpTHbjywf
p5bEwMdinluZRzPsL8yZkw5O0fkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBSwwQ2x
kTsQJKceQe3oDWFaPzSZVjAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
YTFmZTYyZmQtM2M5Yi00YzlhLTg2N2ItNDJjN2Q2ZDk0ZmRmLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBcHKwDAN
BgkqhkiG9w0BAQsFAAOCAQEAsDA/NhZ58gd8r7/Mz1/JdTWQKas019fTyDDomqAT
geJRpokOgeQxNQwY9J8gAKSbmGcpaIWTANcSinKnPJB+ntHxqnOBSi3nrP9Epwj4
pljg+dtA0YS9j5AErFcOr6at16xtBybjwS3xLX3PREviNi2ki+ImIkFN6f+SX0wq
iV6Dpt5p2onyP0KiLWX9cS7DJ/o6gbqHqpPVtUjDkeXQnklCcj5GntZ02ZNYCQMM
7BtCH5iXuhCa2+vduBmDByg2Uc55khZadBxCm7HCAFY5ttytjaX3bWdNoKn7Cd40
pXRYKVV7VnQy+SJfjLph0XPLbfXZ1lvupcGzxSV7SpmEjQ==
-----END CERTIFICATE-----
Generated at Mon Nov 3 10:14:15 2025 by rpki-client