Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7034028c-1229-457c-a5ad-df468cd02ef3.roa
File: 7034028c-1229-457c-a5ad-df468cd02ef3.roa (raw, json)
Hash identifier: tcVNpd694K32LmfBmt6WTd63bMagbxheBcBcSIe4feA=
Subject key identifier: 1C:07:66:8E:CA:1E:DA:55:5E:CC:F3:E7:A4:C8:81:A9:FD:91:97:31
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 61DA7ACD91E5DB8B1AAC607B1CD7AAE3EC100E74
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7034028c-1229-457c-a5ad-df468cd02ef3.roa
Signing time: Thu 24 Apr 2025 10:08:17 +0000
ROA not before: Thu 24 Apr 2025 10:08:17 +0000
ROA not after: Thu 29 May 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 24 Apr 2025 10:23:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
61:da:7a:cd:91:e5:db:8b:1a:ac:60:7b:1c:d7:aa:e3:ec:10:0e:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Apr 24 10:08:17 2025 GMT
Not After : May 29 23:59:59 2025 GMT
Subject: serialNumber=2368183ad7a0b6b9ec3b0ed4984313e179eb5263444873320fc3ec0eeb65eceb, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fa:0c:66:bb:77:d7:c7:3d:1c:d3:3c:af:bd:
73:68:2b:03:9f:0a:28:77:13:14:e0:27:a0:a6:0e:
f8:4b:e1:2f:c5:03:ed:32:a3:18:ad:82:6a:6c:38:
81:c3:18:70:d4:a4:cb:3c:e1:af:6e:48:4b:eb:7b:
c7:63:5c:8c:ff:25:42:b2:79:dc:39:37:8d:fa:18:
e5:f0:b1:93:f0:09:5a:06:f2:95:cb:16:e4:64:90:
8c:00:38:d7:92:09:7d:94:ee:22:de:bf:60:c9:ca:
ae:a3:cc:c3:98:8f:41:53:d7:0a:66:e8:82:ca:f0:
7a:55:46:d3:c7:72:d2:5e:30:e6:6b:c4:eb:ee:a0:
31:a7:1e:8a:14:ad:ae:d3:86:68:a1:f7:81:99:64:
5d:67:f3:96:39:d7:11:ff:d8:72:90:bb:3a:7a:ed:
95:bc:b1:38:ea:9d:b4:c1:3e:ea:31:b0:f7:d4:0d:
0f:f0:27:cd:46:23:1f:8c:15:1b:0f:9b:53:1d:60:
65:41:60:f7:dd:30:8a:01:c1:6f:d8:96:ec:5d:3f:
df:cc:8d:d9:ea:79:ca:0a:39:7c:02:9c:72:56:01:
73:ed:c7:f4:d4:29:64:99:6c:12:74:25:e2:03:3d:
a2:4e:ba:24:5f:ae:10:90:16:8e:3b:c7:2d:7f:1b:
c4:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1C:07:66:8E:CA:1E:DA:55:5E:CC:F3:E7:A4:C8:81:A9:FD:91:97:31
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7034028c-1229-457c-a5ad-df468cd02ef3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
31:a7:bd:67:26:8e:8d:2b:34:07:65:b1:17:c0:a3:b2:78:fe:
89:81:a6:c6:a3:3c:55:0c:92:09:23:40:06:af:79:de:21:66:
83:54:4c:06:c6:4b:b5:eb:d7:61:aa:14:b8:6c:61:db:f9:89:
dc:f2:8e:f2:d2:69:bd:b6:af:0f:7b:cf:d6:f7:4f:d4:71:3a:
f2:82:ad:86:b0:83:d1:b8:af:3c:a1:f7:e6:a2:45:de:ef:35:
2e:9a:72:f6:f0:aa:6b:88:cc:e8:29:fb:05:59:70:5a:39:9a:
67:7d:fc:ef:f1:10:37:ad:c7:2e:86:0c:c4:0d:29:d4:8b:e9:
49:9e:f4:9b:d5:f0:bb:f2:b8:c6:0e:72:87:c8:5a:7b:e8:c1:
b7:70:0d:a6:ae:0d:6d:db:03:04:91:88:cc:76:af:7a:ef:83:
b0:b1:f1:f0:0d:95:34:10:4c:65:b7:26:60:b9:c1:17:a7:8d:
a7:fb:fc:16:0f:9a:2d:9b:b8:a2:9f:68:1f:a8:4c:ad:42:e2:
c9:d3:83:03:98:3a:4f:f2:fd:41:a9:d7:03:36:60:7a:d3:4f:
0d:d9:f1:5e:c2:39:b5:61:f3:54:57:91:30:6e:8e:fb:50:d7:
ba:73:ad:2f:37:23:73:9f:ff:49:9f:b3:82:0d:32:b9:a7:64:
55:62:95:a1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYdp6zZHl24sarGB7HNeq4+wQDnQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDI0MTAwODE3WhcNMjUwNTI5MjM1OTU5
WjB6MUkwRwYDVQQFE0AyMzY4MTgzYWQ3YTBiNmI5ZWMzYjBlZDQ5ODQzMTNlMTc5
ZWI1MjYzNDQ0ODczMzIwZmMzZWMwZWViNjVlY2ViMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDQ+gxmu3fXxz0c0zyvvXNoKwOfCih3ExTgJ6CmDvhL4S/F
A+0yoxitgmpsOIHDGHDUpMs84a9uSEvre8djXIz/JUKyedw5N436GOXwsZPwCVoG
8pXLFuRkkIwAONeSCX2U7iLev2DJyq6jzMOYj0FT1wpm6ILK8HpVRtPHctJeMOZr
xOvuoDGnHooUra7Thmih94GZZF1n85Y51xH/2HKQuzp67ZW8sTjqnbTBPuoxsPfU
DQ/wJ81GIx+MFRsPm1MdYGVBYPfdMIoBwW/YluxdP9/MjdnqecoKOXwCnHJWAXPt
x/TUKWSZbBJ0JeIDPaJOuiRfrhCQFo47xy1/G8SrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUHAdmjsoe2lVezPPnpMiBqf2RlzEwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzcwMzQwMjhjLTEyMjktNDU3Yy1hNWFkLWRmNDY4Y2QwMmVmMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADGnvWcmjo0rNAdlsRfAo7J4/omB
psajPFUMkgkjQAaved4hZoNUTAbGS7Xr12GqFLhsYdv5idzyjvLSab22rw97z9b3
T9RxOvKCrYawg9G4rzyh9+aiRd7vNS6acvbwqmuIzOgp+wVZcFo5mmd9/O/xEDet
xy6GDMQNKdSL6Ume9JvV8LvyuMYOcofIWnvowbdwDaauDW3bAwSRiMx2r3rvg7Cx
8fANlTQQTGW3JmC5wRenjaf7/BYPmi2buKKfaB+oTK1C4snTgwOYOk/y/UGp1wM2
YHrTTw3Z8V7CObVh81RXkTBujvtQ17pzrS83I3Of/0mfs4INMrmnZFVilaE=
-----END CERTIFICATE-----
Generated at Tue May 6 17:56:37 2025 by rpki-client