Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
File: d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa (raw, json)
Hash identifier: MoU5Jxa/oUfTR6zIlfe4xqQN6hkhOhYc+k6ytOmcGYQ=
Subject key identifier: 66:1A:C8:D6:F6:02:9F:49:97:50:E4:F3:A3:26:55:5B:E5:E0:4F:81
Certificate issuer: /CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Certificate serial: 2A85AEF20ED77693E19B0ABA31F98BD18871CE2E
Authority key identifier: 45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
Signing time: Fri 24 Oct 2025 00:40:28 +0000
ROA not before: Fri 24 Oct 2025 00:40:28 +0000
ROA not after: Fri 28 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 83.118.240.0/20 maxlen: 24
Validation: Failed, certificate revoked on Thu 30 Oct 2025 16:24:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2a:85:ae:f2:0e:d7:76:93:e1:9b:0a:ba:31:f9:8b:d1:88:71:ce:2e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=453f4746354e2ad15ce7ebd8dc21f96c0e5c87cf
Validity
Not Before: Oct 24 00:40:28 2025 GMT
Not After : Nov 28 23:59:59 2025 GMT
Subject: serialNumber=1714b71f2fb8b38f096d94600ee8cda770f8e165dee9f49c5bb5f4331dd0f3ab, CN=c336411a-6651-4f13-8ef9-de681c7c9444
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ea:4e:2d:39:d8:8a:ad:4f:c9:28:35:29:24:
51:a6:1a:7e:ee:dd:c8:77:e3:7a:bd:1c:03:f5:0d:
8a:71:af:28:7e:b2:f0:74:81:d5:cd:79:9a:86:e2:
8b:75:89:2d:5d:7a:51:4f:89:1f:8e:b4:8e:60:84:
61:e9:da:65:f6:e6:06:15:c8:d7:99:75:4c:62:d9:
29:c2:89:ce:41:ab:ed:00:f0:74:cb:54:4e:d2:63:
ee:e8:b5:32:02:12:70:99:38:8f:49:27:77:f4:96:
97:3e:2f:66:bc:7e:68:4b:f2:6e:10:77:61:1e:01:
d6:16:58:16:91:85:4a:c1:30:c9:a5:5e:49:71:73:
13:1d:39:67:e3:16:1d:97:d5:8e:0f:77:0b:0d:0f:
db:3f:61:0b:ea:a1:e9:7b:55:2a:38:97:6b:e1:76:
63:de:80:34:dd:40:9c:f1:b7:b6:7f:20:8b:3a:33:
8d:3c:d3:92:54:52:6e:2e:07:e2:ce:45:16:6c:4f:
41:8b:cc:5d:ff:5c:16:77:e0:71:1b:90:39:b2:d0:
99:93:25:1d:b9:08:d0:46:9f:8f:d5:23:6a:fc:41:
c9:af:07:7b:30:79:f4:d8:7d:1f:77:3d:fa:3f:7c:
a6:0c:85:9c:c2:b7:52:47:4c:c2:d0:a9:eb:4f:0b:
b7:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:1A:C8:D6:F6:02:9F:49:97:50:E4:F3:A3:26:55:5B:E5:E0:4F:81
X509v3 Authority Key Identifier:
keyid:45:3F:47:46:35:4E:2A:D1:5C:E7:EB:D8:DC:21:F9:6C:0E:5C:87:CF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/RT9HRjVOKtFc5-vY3CH5bA5ch88.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/d411eca7-95af-41dd-a2fc-fdaa162ad2e7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/967a255c-d680-42d3-9ec3-ecb3f9da088c/_lAi5THDsQdPYA9nmET6olHuVc8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
83.118.240.0/20
Signature Algorithm: sha256WithRSAEncryption
ad:11:4b:7c:f6:76:60:c1:d5:c5:e2:b0:27:6c:5a:5d:f4:65:
88:cf:ed:09:6b:4c:2e:65:da:79:04:c4:c0:f1:3d:49:cf:b3:
ac:0a:22:72:aa:85:04:76:fe:41:bc:fb:be:a5:8f:62:68:f2:
65:a9:81:e2:67:5f:ed:8d:98:ad:0a:b5:b5:c6:24:7e:41:9b:
4c:6a:8f:b9:94:57:2b:8e:fe:cf:88:10:77:13:6f:36:36:1c:
26:ba:cf:d3:1d:fa:e9:42:66:fa:0e:69:d8:c5:0e:f9:eb:08:
30:d1:6f:8c:d6:1f:37:d3:ca:c8:72:d9:f1:97:58:8c:3d:1d:
76:0b:33:3f:b8:1a:b6:ac:08:14:be:14:4a:bc:d7:9f:1d:0d:
62:07:83:9e:47:84:b3:18:ea:c1:6a:4c:21:4d:9f:e8:dd:92:
be:b2:09:7e:6d:2a:ee:4d:ce:ae:c4:9f:aa:cc:a1:dd:34:70:
22:49:2f:88:d7:0e:c2:0a:dd:2a:bb:0a:c7:49:a7:6d:d1:69:
c8:9d:4c:0e:8e:fe:d3:ba:c5:53:2e:b5:cf:0d:4e:9e:b3:9c:
dc:59:6b:b7:16:c2:74:85:73:82:89:bd:0f:cc:fa:27:79:c9:
35:c0:91:f7:37:7a:bd:41:3f:5a:07:f6:dd:d3:8f:61:1f:82:
a7:3e:df:71
-----BEGIN CERTIFICATE-----
MIIFXjCCBEagAwIBAgIUKoWu8g7XdpPhmwq6MfmL0Yhxzi4wDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoNDUzZjQ3NDYzNTRlMmFkMTVjZTdlYmQ4ZGMyMWY5NmMw
ZTVjODdjZjAeFw0yNTEwMjQwMDQwMjhaFw0yNTExMjgyMzU5NTlaMHoxSTBHBgNV
BAUTQDE3MTRiNzFmMmZiOGIzOGYwOTZkOTQ2MDBlZThjZGE3NzBmOGUxNjVkZWU5
ZjQ5YzViYjVmNDMzMWRkMGYzYWIxLTArBgNVBAMTJGMzMzY0MTFhLTY2NTEtNGYx
My04ZWY5LWRlNjgxYzdjOTQ0NDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAM/qTi052IqtT8koNSkkUaYafu7dyHfjer0cA/UNinGvKH6y8HSB1c15mobi
i3WJLV16UU+JH460jmCEYenaZfbmBhXI15l1TGLZKcKJzkGr7QDwdMtUTtJj7ui1
MgIScJk4j0knd/SWlz4vZrx+aEvybhB3YR4B1hZYFpGFSsEwyaVeSXFzEx05Z+MW
HZfVjg93Cw0P2z9hC+qh6XtVKjiXa+F2Y96ANN1AnPG3tn8gizozjTzTklRSbi4H
4s5FFmxPQYvMXf9cFnfgcRuQObLQmZMlHbkI0Eafj9UjavxBya8HezB59Nh9H3c9
+j98pgyFnMK3UkdMwtCp608LtwkCAwEAAaOCAiEwggIdMB0GA1UdDgQWBBRmGsjW
9gKfSZdQ5POjJlVb5eBPgTAfBgNVHSMEGDAWgBRFP0dGNU4q0Vzn69jcIflsDlyH
zzAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL1JUOUhSalZP
S3RGYzUtdlkzQ0g1YkE1Y2g4OC5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS85NjdhMjU1Yy1kNjgwLTQyZDMtOWVjMy1lY2IzZjlkYTA4OGMv
ZDQxMWVjYTctOTVhZi00MWRkLWEyZmMtZmRhYTE2MmFkMmU3LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvOTY3YTI1NWMtZDY4MC00MmQzLTllYzMtZWNiM2Y5ZGEw
ODhjL19sQWk1VEhEc1FkUFlBOW5tRVQ2b2xIdVZjOC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEBFN28DAN
BgkqhkiG9w0BAQsFAAOCAQEArRFLfPZ2YMHVxeKwJ2xaXfRliM/tCWtMLmXaeQTE
wPE9Sc+zrAoicqqFBHb+Qbz7vqWPYmjyZamB4mdf7Y2YrQq1tcYkfkGbTGqPuZRX
K47+z4gQdxNvNjYcJrrP0x366UJm+g5p2MUO+esIMNFvjNYfN9PKyHLZ8ZdYjD0d
dgszP7gatqwIFL4USrzXnx0NYgeDnkeEsxjqwWpMIU2f6N2SvrIJfm0q7k3OrsSf
qsyh3TRwIkkviNcOwgrdKrsKx0mnbdFpyJ1MDo7+07rFUy61zw1OnrOc3FlrtxbC
dIVzgom9D8z6J3nJNcCR9zd6vUE/Wgf23dOPYR+Cpz7fcQ==
-----END CERTIFICATE-----
Generated at Sun Nov 2 22:51:48 2025 by rpki-client