Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aba9112e-5520-4338-bc40-edcadc3952e2.roa
File: aba9112e-5520-4338-bc40-edcadc3952e2.roa (raw, json)
Hash identifier: p/u5l6H0mXuNG6H2UM4KwBydiGo1qDv5iCNjLAbKZ8E=
Subject key identifier: 7D:20:AF:F0:6F:D5:C9:0E:46:13:28:99:5F:0F:32:AD:53:FA:AF:90
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 1C4011C737453CBB0586EC0FC72624086390D209
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aba9112e-5520-4338-bc40-edcadc3952e2.roa
Signing time: Fri 16 May 2025 17:40:46 +0000
ROA not before: Fri 16 May 2025 17:40:46 +0000
ROA not after: Fri 20 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d059:800::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 May 2025 01:37:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:40:11:c7:37:45:3c:bb:05:86:ec:0f:c7:26:24:08:63:90:d2:09
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: May 16 17:40:46 2025 GMT
Not After : Jun 20 23:59:59 2025 GMT
Subject: serialNumber=1b63c6a3abe19290ed4836c6bee8cd090234f7f80c80939f2bcf507738aa1dfd, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f8:4f:21:0f:11:16:16:17:3e:b1:6d:31:49:
8b:30:b6:16:d6:d1:40:37:4c:0f:1a:a0:f2:1c:4b:
33:f1:b1:33:ef:a4:bd:0c:be:af:a2:e4:87:c8:cb:
2d:e9:50:a3:a7:83:ed:a9:cb:e9:6a:8a:71:dd:aa:
3b:a4:ff:8d:a8:fe:72:1f:6b:d0:c1:78:fe:a1:68:
6c:93:75:13:f7:84:0c:fb:2b:0d:ad:3f:c3:07:ff:
42:eb:35:32:a4:b6:f8:e7:5d:bf:80:2e:1f:1b:f5:
31:38:0e:dc:e3:b2:c7:b5:4a:5f:75:f1:1b:9c:91:
92:60:f1:8f:bb:00:b6:18:d2:aa:9d:11:f0:f2:a2:
ad:e1:84:28:bc:e2:d6:c7:f0:a1:fd:cd:34:5b:b2:
4e:d3:a5:80:cc:ec:6f:20:cb:c4:7d:54:6d:5b:9a:
f5:88:57:ad:ec:9b:38:02:ec:eb:f6:6f:36:ea:19:
04:06:74:27:44:7b:0b:70:0e:bc:45:c8:99:78:83:
60:f9:e7:bf:dc:23:7c:8a:cd:ae:eb:6e:bc:d8:20:
6a:f5:03:cb:3b:87:a9:ff:85:f1:33:86:f9:19:37:
15:90:f4:90:47:be:14:e6:f2:e2:cf:88:9f:d2:25:
0b:a1:d7:74:8b:72:fb:a8:73:8d:9b:08:50:81:0e:
67:fd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7D:20:AF:F0:6F:D5:C9:0E:46:13:28:99:5F:0F:32:AD:53:FA:AF:90
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/aba9112e-5520-4338-bc40-edcadc3952e2.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d059:800::/40
Signature Algorithm: sha256WithRSAEncryption
50:80:68:80:09:31:48:2b:bf:dd:9c:46:5d:65:62:f1:c6:f1:
5c:18:ac:31:8a:84:60:51:ab:10:85:9e:a4:ef:16:06:e3:70:
64:3e:ee:65:7e:32:db:ac:e7:66:13:cf:45:b8:41:8d:d5:e5:
b6:03:0a:45:73:6d:6a:31:9b:af:ee:78:63:25:5f:c4:f1:43:
88:b3:6f:43:05:e7:d2:13:fe:3a:03:8b:f9:c2:29:7c:f5:94:
e7:74:c3:39:b9:4c:c9:0d:6d:99:1a:7d:f5:a2:bf:9b:fa:f3:
d3:58:50:e3:39:dc:05:4f:1f:09:62:58:08:6e:77:d5:37:ac:
8d:8d:4c:7c:fd:d7:fd:59:62:72:53:37:c2:21:71:d4:53:da:
a2:85:e7:aa:40:1e:48:aa:bc:06:6c:5b:34:4d:8c:53:98:7c:
3f:1a:aa:09:e4:6d:11:5b:dc:c2:2c:c2:9b:a5:80:cd:4b:f2:
d9:e8:00:86:d2:28:9e:9b:44:f2:01:c7:d5:0b:b0:f9:9f:76:
5b:8a:b3:a1:08:96:89:23:d3:0a:9f:2c:a4:7e:e0:58:4f:a4:
35:d5:15:b4:56:fc:e5:86:cb:5d:d5:6c:ba:b6:c6:a8:14:57:
00:d6:c7:c5:2a:32:3c:73:6d:f0:e5:6f:5a:95:88:eb:29:1b:
78:47:7b:ee
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIUHEARxzdFPLsFhuwPxyYkCGOQ0gkwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTA1MTYxNzQwNDZaFw0yNTA2MjAyMzU5NTlaMHoxSTBHBgNV
BAUTQDFiNjNjNmEzYWJlMTkyOTBlZDQ4MzZjNmJlZThjZDA5MDIzNGY3ZjgwYzgw
OTM5ZjJiY2Y1MDc3MzhhYTFkZmQxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMP4TyEPERYWFz6xbTFJizC2FtbRQDdMDxqg8hxLM/GxM++kvQy+r6Lkh8jL
LelQo6eD7anL6WqKcd2qO6T/jaj+ch9r0MF4/qFobJN1E/eEDPsrDa0/wwf/Qus1
MqS2+Oddv4AuHxv1MTgO3OOyx7VKX3XxG5yRkmDxj7sAthjSqp0R8PKireGEKLzi
1sfwof3NNFuyTtOlgMzsbyDLxH1UbVua9YhXreybOALs6/ZvNuoZBAZ0J0R7C3AO
vEXImXiDYPnnv9wjfIrNrutuvNggavUDyzuHqf+F8TOG+Rk3FZD0kEe+FOby4s+I
n9IlC6HXdIty+6hzjZsIUIEOZ/0CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBR9IK/w
b9XJDkYTKJlfDzKtU/qvkDAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
YWJhOTExMmUtNTUyMC00MzM4LWJjNDAtZWRjYWRjMzk1MmUyLnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0FkI
MA0GCSqGSIb3DQEBCwUAA4IBAQBQgGiACTFIK7/dnEZdZWLxxvFcGKwxioRgUasQ
hZ6k7xYG43BkPu5lfjLbrOdmE89FuEGN1eW2AwpFc21qMZuv7nhjJV/E8UOIs29D
BefSE/46A4v5wil89ZTndMM5uUzJDW2ZGn31or+b+vPTWFDjOdwFTx8JYlgIbnfV
N6yNjUx8/df9WWJyUzfCIXHUU9qiheeqQB5IqrwGbFs0TYxTmHw/GqoJ5G0RW9zC
LMKbpYDNS/LZ6ACG0iiem0TyAcfVC7D5n3ZbirOhCJaJI9MKnyykfuBYT6Q11RW0
Vvzlhstd1Wy6tsaoFFcA1sfFKjI8c23w5W9alYjrKRt4R3vu
-----END CERTIFICATE-----
Generated at Wed Jun 4 10:14:21 2025 by rpki-client