Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4f682f11-7e75-4e6b-b7fa-0675a565922b.roa
File: 4f682f11-7e75-4e6b-b7fa-0675a565922b.roa (raw, json)
Hash identifier: waWcx0ee3hs/MgWRsACtRwDYT1Leh4ac9S0VDz4RflY=
Subject key identifier: 21:08:FA:E0:B6:32:07:7A:6F:98:E5:B9:73:4B:52:F6:DE:41:5A:A0
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 4DA3845CFD64AE33A5276619C47F6DB3074603
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4f682f11-7e75-4e6b-b7fa-0675a565922b.roa
Signing time: Tue 29 Apr 2025 04:28:17 +0000
ROA not before: Tue 29 Apr 2025 04:28:17 +0000
ROA not after: Tue 03 Jun 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 29 Apr 2025 04:43:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
4d:a3:84:5c:fd:64:ae:33:a5:27:66:19:c4:7f:6d:b3:07:46:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Apr 29 04:28:17 2025 GMT
Not After : Jun 3 23:59:59 2025 GMT
Subject: serialNumber=69c59d751f24dd9e9b564005a8e1e5e3ecde644c7ee7964dc22b8c62de9dbba4, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:99:03:02:1e:bb:21:84:fe:c5:c7:c4:10:fd:
51:39:52:a2:c7:4e:b1:4c:56:51:46:e1:fe:e7:27:
24:29:fd:ee:5d:6d:88:a7:bc:bb:c1:2e:b7:90:c1:
2f:06:52:92:80:02:ba:75:d2:85:c7:58:33:02:c6:
30:06:41:cd:ef:6f:9a:fd:cd:ba:ed:50:9d:a1:9f:
6c:55:c4:34:8e:93:96:c7:1c:b6:49:31:5c:35:e0:
e5:ac:d1:87:a6:c9:1e:18:f9:ac:b6:19:7f:25:bc:
84:39:43:0c:0b:0d:dc:55:59:b3:ec:97:65:12:f0:
36:be:f0:fd:ed:18:db:c1:79:14:c5:4b:d5:3d:f8:
00:cc:c2:83:50:35:d4:6a:31:23:63:5c:ac:c3:a9:
a2:fd:9f:02:41:de:40:f3:aa:3f:4b:e4:63:d2:81:
97:54:27:7c:32:b0:d6:b2:79:0a:40:d4:4a:d8:c5:
ce:13:f1:28:51:53:df:d5:4d:43:16:80:f2:04:5f:
f4:5c:fe:bc:be:3c:08:ce:58:df:ec:01:2b:0b:cb:
52:ee:d8:73:12:62:41:a0:e2:e6:89:dd:0b:21:c2:
89:e0:89:5b:91:17:6a:68:6f:e3:7c:d3:08:9f:5e:
bf:3b:97:a7:1b:4c:9b:45:f0:62:74:11:1d:e9:c6:
e7:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:08:FA:E0:B6:32:07:7A:6F:98:E5:B9:73:4B:52:F6:DE:41:5A:A0
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/4f682f11-7e75-4e6b-b7fa-0675a565922b.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
9f:c7:84:c5:3e:d8:c3:63:49:16:3f:8e:74:44:8e:61:da:e9:
a4:e1:f4:24:18:9f:28:a4:60:c5:50:9c:a5:9f:98:7f:c2:29:
36:d8:f6:75:36:3b:28:90:3a:c8:a3:a6:b7:e7:36:16:13:08:
8d:2d:82:82:8b:b0:8b:23:b5:30:29:a6:fc:1d:7e:3c:7c:c1:
0f:1c:39:46:9c:03:d3:4d:2a:71:f7:ca:7b:6f:46:12:59:7a:
2d:c3:bf:09:15:2a:a4:eb:ee:aa:be:6d:c4:84:21:2f:9f:b4:
ef:02:68:db:65:8f:c8:00:f3:2e:9b:27:4e:4a:db:82:32:ab:
75:16:a7:b4:2f:57:58:7b:b8:d1:c8:26:c9:8d:84:66:0d:16:
17:1c:75:41:f2:e3:66:d9:4d:89:32:84:01:46:3a:7e:fb:59:
74:08:83:b2:e1:3a:51:07:96:73:bc:a0:ab:3c:5a:4e:89:af:
ba:2c:b8:41:33:c7:21:f1:43:b7:b7:07:dc:a9:77:2e:19:ac:
6c:24:d2:23:c3:0d:0c:ed:9e:35:24:26:84:e7:35:91:f4:3f:
c1:1c:e2:64:aa:e5:6d:f2:22:4c:14:74:9f:f7:0e:19:37:5e:
17:ee:dd:1c:99:b2:e9:ba:53:e3:71:22:b5:26:78:78:5a:03:
a3:1e:31:74
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITTaOEXP1krjOlJ2YZxH9tswdGAzANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzIyNzhhYWI4NzhmMjY2MmNlMTRlOTA1ZTE4ZWJjYjc1MjJm
OTJiMzY4NGJjNDg2NWI0ZDAeFw0yNTA0MjkwNDI4MTdaFw0yNTA2MDMyMzU5NTla
MHoxSTBHBgNVBAUTQDY5YzU5ZDc1MWYyNGRkOWU5YjU2NDAwNWE4ZTFlNWUzZWNk
ZTY0NGM3ZWU3OTY0ZGMyMmI4YzYyZGU5ZGJiYTQxLTArBgNVBAMTJGMwY2UyM2Vh
LTQzZmMtNGJlNC1iZWVlLWMwMTQ3ODEyMmEwZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBALmZAwIeuyGE/sXHxBD9UTlSosdOsUxWUUbh/ucnJCn97l1t
iKe8u8Eut5DBLwZSkoACunXShcdYMwLGMAZBze9vmv3Nuu1QnaGfbFXENI6Tlscc
tkkxXDXg5azRh6bJHhj5rLYZfyW8hDlDDAsN3FVZs+yXZRLwNr7w/e0Y28F5FMVL
1T34AMzCg1A11GoxI2NcrMOpov2fAkHeQPOqP0vkY9KBl1QnfDKw1rJ5CkDUStjF
zhPxKFFT39VNQxaA8gRf9Fz+vL48CM5Y3+wBKwvLUu7YcxJiQaDi5ondCyHCieCJ
W5EXamhv43zTCJ9evzuXpxtMm0XwYnQRHenG5+kCAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBQhCPrgtjIHem+Y5blzS1L23kFaoDAfBgNVHSMEGDAWgBRVqN1F2UQT+dGS
9Sxjzoz7xhSWuDAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MDM1NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzE0MzNlYmZmLWRm
ZDYtNGM1Yy1iN2ZmLTk5Yzg1MTM5ZDRhOC8yNzhhYWI4NzhmMjY2MmNlMTRlOTA1
ZTE4ZWJjYjc1MjJmOTJiMzY4NGJjNDg2NWI0ZC5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8xNmYxZmZlZS03NDYxLTQ2NzQtYmIwNS1mZGRl
ZmE5YTAyYzYvNGY2ODJmMTEtN2U3NS00ZTZiLWI3ZmEtMDY3NWE1NjU5MjJiLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUt
ZmRkZWZhOWEwMmM2L0ptTE9GT2tGNFk2OHQxSXZrck5vUzhTR1cwMC5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEAMckeDANBgkqhkiG9w0BAQsFAAOCAQEAn8eExT7Yw2NJFj+OdESOYdrppOH0
JBifKKRgxVCcpZ+Yf8IpNtj2dTY7KJA6yKOmt+c2FhMIjS2CgouwiyO1MCmm/B1+
PHzBDxw5RpwD000qcffKe29GEll6LcO/CRUqpOvuqr5txIQhL5+07wJo22WPyADz
LpsnTkrbgjKrdRantC9XWHu40cgmyY2EZg0WFxx1QfLjZtlNiTKEAUY6fvtZdAiD
suE6UQeWc7ygqzxaTomvuiy4QTPHIfFDt7cH3Kl3LhmsbCTSI8MNDO2eNSQmhOc1
kfQ/wRziZKrlbfIiTBR0n/cOGTdeF+7dHJmy6bpT43EitSZ4eFoDox4xdA==
-----END CERTIFICATE-----
Generated at Tue May 6 23:36:15 2025 by rpki-client