Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6a987b37-709a-4559-a334-9ae4276e23da.roa
File: 6a987b37-709a-4559-a334-9ae4276e23da.roa (raw, json)
Hash identifier: rSZR7ciOQ2ubVw34VThsNOQy+Gc1Lnf7GtVaC6Jtqww=
Subject key identifier: 43:2A:19:40:F3:7B:D1:08:B4:A1:48:68:01:1D:73:D2:4F:1B:56:D7
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 30180CEC21CBC7B49ECA4997838DFD34131488EE
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6a987b37-709a-4559-a334-9ae4276e23da.roa
Signing time: Wed 30 Apr 2025 01:33:20 +0000
ROA not before: Wed 30 Apr 2025 01:33:20 +0000
ROA not after: Wed 04 Jun 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 30 Apr 2025 01:53:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:18:0c:ec:21:cb:c7:b4:9e:ca:49:97:83:8d:fd:34:13:14:88:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Apr 30 01:33:20 2025 GMT
Not After : Jun 4 23:59:59 2025 GMT
Subject: serialNumber=1fe0eaf605809b56c33fe001e62fc8f201929623f442f40d9606231ff9d70471, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:d3:2a:53:8d:51:d7:7f:10:68:a8:a5:fe:df:
91:eb:85:71:e3:ac:b0:d8:9b:67:14:94:e1:b2:e9:
aa:3d:44:9a:54:aa:5d:73:60:04:99:a8:a9:8f:74:
ec:16:78:e9:e6:dc:b4:cb:ae:f0:f1:ee:68:db:bd:
32:86:e6:1a:e6:88:24:a0:1d:f7:13:ce:56:65:1d:
84:93:c6:5e:2c:3c:eb:7e:9c:c4:fa:fe:6e:e1:25:
8e:0c:64:88:57:86:7b:bd:26:2e:73:8e:e2:0e:de:
db:a9:a0:75:17:6c:ea:15:e6:b5:dc:0e:84:fb:27:
be:b6:87:63:3d:89:0a:f6:53:95:39:f0:c8:54:d0:
f6:ff:8e:70:02:ac:f8:8a:95:bc:ae:96:77:6a:94:
f9:2b:6d:3b:4b:24:0d:09:0e:9b:3a:6b:e0:ba:15:
79:f1:cf:58:d8:14:5c:2a:1b:01:60:bb:4a:b3:28:
fc:f7:3f:05:00:66:af:f1:34:d1:4e:ea:f8:bd:44:
c9:9b:52:cf:ef:0e:3b:83:8b:84:b1:30:db:90:18:
bf:86:e7:0e:6f:15:92:20:1a:e8:27:8e:7f:90:43:
2d:6c:41:79:ca:2a:d5:25:bf:50:90:a9:ba:38:b1:
42:1b:9c:1f:c3:8d:ee:3a:dd:ab:0b:7d:1e:d8:38:
b1:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:2A:19:40:F3:7B:D1:08:B4:A1:48:68:01:1D:73:D2:4F:1B:56:D7
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/6a987b37-709a-4559-a334-9ae4276e23da.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
82:e8:b7:a4:31:08:64:3b:99:d7:38:11:17:d0:ea:96:c2:1d:
9b:f6:9b:a3:10:93:29:0f:ff:c6:f3:a2:57:36:f1:9c:76:78:
1a:62:c9:75:40:e4:29:54:e0:e9:f2:42:0a:36:fe:f7:9c:4d:
59:51:6c:45:83:76:e4:c1:a7:8d:c6:c3:15:c9:07:31:d7:24:
68:26:4e:c4:f3:62:c7:94:e3:f3:8b:df:0e:a6:cd:27:0c:3d:
b0:82:5d:30:78:6a:7f:63:50:5f:01:e4:79:bf:01:cd:40:7d:
c9:4a:36:2f:21:1f:6f:1d:da:fa:c0:a5:14:ab:98:e1:21:db:
1e:d4:98:2c:d7:09:7a:7a:35:6b:70:7e:7a:ef:e8:6b:ff:46:
60:a5:1c:d2:2e:0d:8e:7c:6e:af:bf:3b:f0:04:9b:8c:11:e7:
99:78:b5:10:07:62:9e:cc:8e:90:64:e3:7e:62:df:49:23:12:
8b:10:f1:ed:67:77:4e:d8:69:c8:40:6b:ff:ed:42:f6:dd:dd:
bd:8c:df:6b:d5:8a:9e:be:96:0d:ed:4a:69:90:5a:44:0a:0b:
60:37:e3:d0:5f:67:f7:d1:51:25:30:c2:69:3c:84:a4:ea:0a:
81:ae:4b:68:67:f0:94:e8:8c:96:5e:54:a0:6d:81:1e:9a:f8:
a8:5e:d8:8e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMBgM7CHLx7SeykmXg439NBMUiO4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDMwMDEzMzIwWhcNMjUwNjA0MjM1OTU5
WjB6MUkwRwYDVQQFE0AxZmUwZWFmNjA1ODA5YjU2YzMzZmUwMDFlNjJmYzhmMjAx
OTI5NjIzZjQ0MmY0MGQ5NjA2MjMxZmY5ZDcwNDcxMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC/0ypTjVHXfxBoqKX+35HrhXHjrLDYm2cUlOGy6ao9RJpU
ql1zYASZqKmPdOwWeOnm3LTLrvDx7mjbvTKG5hrmiCSgHfcTzlZlHYSTxl4sPOt+
nMT6/m7hJY4MZIhXhnu9Ji5zjuIO3tupoHUXbOoV5rXcDoT7J762h2M9iQr2U5U5
8MhU0Pb/jnACrPiKlbyulndqlPkrbTtLJA0JDps6a+C6FXnxz1jYFFwqGwFgu0qz
KPz3PwUAZq/xNNFO6vi9RMmbUs/vDjuDi4SxMNuQGL+G5w5vFZIgGugnjn+QQy1s
QXnKKtUlv1CQqbo4sUIbnB/Dje463asLfR7YOLHLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUQyoZQPN70Qi0oUhoAR1z0k8bVtcwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzZhOTg3YjM3LTcwOWEtNDU1OS1hMzM0LTlhZTQyNzZlMjNkYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAILot6QxCGQ7mdc4ERfQ6pbCHZv2
m6MQkykP/8bzolc28Zx2eBpiyXVA5ClU4OnyQgo2/vecTVlRbEWDduTBp43GwxXJ
BzHXJGgmTsTzYseU4/OL3w6mzScMPbCCXTB4an9jUF8B5Hm/Ac1AfclKNi8hH28d
2vrApRSrmOEh2x7UmCzXCXp6NWtwfnrv6Gv/RmClHNIuDY58bq+/O/AEm4wR55l4
tRAHYp7MjpBk435i30kjEosQ8e1nd07YachAa//tQvbd3b2M32vVip6+lg3tSmmQ
WkQKC2A349BfZ/fRUSUwwmk8hKTqCoGuS2hn8JTojJZeVKBtgR6a+Khe2I4=
-----END CERTIFICATE-----
Generated at Wed May 7 17:17:10 2025 by rpki-client