Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/417b1098-3296-44f2-81cd-04b865862394.roa
File: 417b1098-3296-44f2-81cd-04b865862394.roa (raw, json)
Hash identifier: xuNlYvQmhnkMt+eteV90LmLLXjZa7N0bIG1USlLQtpI=
Subject key identifier: 43:D7:B7:D6:24:8E:9A:12:A5:65:E8:8D:93:B1:22:35:E6:6E:CF:4F
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 3E979DF4DDA28CE49633D8D6AE985DF31A222A56
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/417b1098-3296-44f2-81cd-04b865862394.roa
Signing time: Mon 21 Apr 2025 03:43:16 +0000
ROA not before: Mon 21 Apr 2025 03:43:16 +0000
ROA not after: Mon 26 May 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 21 Apr 2025 03:58:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3e:97:9d:f4:dd:a2:8c:e4:96:33:d8:d6:ae:98:5d:f3:1a:22:2a:56
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Apr 21 03:43:16 2025 GMT
Not After : May 26 23:59:59 2025 GMT
Subject: serialNumber=6098643a69ff58a4d0e9604b4400486a964a0e849972d2bb2ee907bca97c5fc0, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:01:b9:43:2c:46:d4:2a:a1:7c:59:1e:1c:6d:
9d:d1:15:c3:06:8e:b3:39:28:aa:9b:6c:4e:42:9d:
ea:fd:20:c4:95:fa:e6:8f:4c:ad:1c:1e:76:f2:1d:
40:87:77:85:58:42:03:a2:42:db:90:6f:8a:53:1e:
28:00:fd:df:a3:65:2e:d0:45:27:53:12:56:a2:5c:
f8:0f:c3:12:e2:30:39:1e:b5:22:93:f4:b5:bf:1d:
80:e1:b9:92:f2:60:b7:5f:cb:65:15:6c:bb:81:4d:
d2:ee:ad:2a:b9:09:4f:cf:89:bf:82:36:3f:2b:74:
2d:96:69:8c:ad:81:71:1a:74:4e:46:c0:b8:9d:60:
37:d5:f8:75:28:1d:3a:8f:2b:21:d4:f6:88:12:8a:
bd:27:1f:09:aa:5d:f2:5f:02:e1:58:52:09:21:67:
08:de:f8:94:eb:a1:56:e5:bc:95:66:be:8b:a2:2e:
1b:a2:d4:cf:6a:9d:85:ab:59:3f:37:32:37:77:e3:
58:9d:41:14:e2:cd:09:07:29:b9:7b:83:c5:2f:0f:
b8:64:93:9f:1f:c3:37:02:18:24:1d:82:f1:23:16:
3d:14:7c:66:96:1d:a3:54:bb:0c:56:38:e7:f6:53:
70:a8:cb:a6:86:c7:18:68:0b:50:8f:6c:fb:74:2d:
3b:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:D7:B7:D6:24:8E:9A:12:A5:65:E8:8D:93:B1:22:35:E6:6E:CF:4F
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/417b1098-3296-44f2-81cd-04b865862394.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0f:c1:b3:03:5e:9b:dd:9f:8c:68:4b:77:05:f1:04:fb:b8:3d:
67:86:74:68:12:c7:d5:fa:6d:3f:f7:ae:bf:82:a2:88:8c:ff:
e0:96:7f:f8:40:6c:4c:84:f3:dd:53:88:81:ec:6d:29:4b:76:
26:d4:6e:80:a5:b7:93:27:86:96:1c:37:a9:26:5b:8c:ac:7c:
fc:ec:d6:2a:fe:14:5f:1b:cc:c5:aa:a1:84:a1:e2:84:ac:82:
e6:2e:c3:9f:1e:b8:a3:f9:b0:1f:db:b9:38:02:e9:81:ab:cb:
03:27:8a:a9:66:a4:4f:41:69:e8:a2:5e:cb:e4:21:56:ce:e0:
aa:21:15:b8:66:90:b7:65:8c:80:45:fa:1c:7d:b9:1b:32:53:
d2:e1:05:d1:5c:8e:c9:5b:cb:ae:7e:e1:9c:d2:f0:83:23:b2:
83:9d:f2:3a:3d:04:14:7e:71:af:57:fd:45:3b:47:c2:64:21:
b1:cd:b1:08:f8:e4:c3:4b:0a:f7:ec:5d:e1:97:c8:6b:65:17:
6c:43:f3:1d:33:af:8f:cc:c2:d5:1c:9b:1d:20:89:67:a0:41:
7e:13:f7:2d:e2:2b:07:f1:72:3c:b7:92:88:ec:e3:69:f9:de:
33:63:01:8e:fc:a1:bc:5a:60:80:02:07:9e:d5:41:3c:35:76:
05:0d:b9:04
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUPped9N2ijOSWM9jWrphd8xoiKlYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDIxMDM0MzE2WhcNMjUwNTI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MDk4NjQzYTY5ZmY1OGE0ZDBlOTYwNGI0NDAwNDg2YTk2
NGEwZTg0OTk3MmQyYmIyZWU5MDdiY2E5N2M1ZmMwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDTAblDLEbUKqF8WR4cbZ3RFcMGjrM5KKqbbE5Cner9IMSV
+uaPTK0cHnbyHUCHd4VYQgOiQtuQb4pTHigA/d+jZS7QRSdTElaiXPgPwxLiMDke
tSKT9LW/HYDhuZLyYLdfy2UVbLuBTdLurSq5CU/Pib+CNj8rdC2WaYytgXEadE5G
wLidYDfV+HUoHTqPKyHU9ogSir0nHwmqXfJfAuFYUgkhZwje+JTroVblvJVmvoui
Lhui1M9qnYWrWT83Mjd341idQRTizQkHKbl7g8UvD7hkk58fwzcCGCQdgvEjFj0U
fGaWHaNUuwxWOOf2U3Coy6aGxxhoC1CPbPt0LTulAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQ9e31iSOmhKlZeiNk7EiNeZuz08wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzQxN2IxMDk4LTMyOTYtNDRmMi04MWNkLTA0Yjg2NTg2MjM5NC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAA/BswNem92fjGhLdwXxBPu4PWeG
dGgSx9X6bT/3rr+CooiM/+CWf/hAbEyE891TiIHsbSlLdibUboClt5MnhpYcN6km
W4ysfPzs1ir+FF8bzMWqoYSh4oSsguYuw58euKP5sB/buTgC6YGrywMniqlmpE9B
aeiiXsvkIVbO4KohFbhmkLdljIBF+hx9uRsyU9LhBdFcjslby65+4ZzS8IMjsoOd
8jo9BBR+ca9X/UU7R8JkIbHNsQj45MNLCvfsXeGXyGtlF2xD8x0zr4/MwtUcmx0g
iWegQX4T9y3iKwfxcjy3kojs42n53jNjAY78obxaYIACB57VQTw1dgUNuQQ=
-----END CERTIFICATE-----
Generated at Sat May 10 19:36:37 2025 by rpki-client