Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7a8e5a24-5bb1-43c4-9aea-f0e4449506cd.roa
File: 7a8e5a24-5bb1-43c4-9aea-f0e4449506cd.roa (raw, json)
Hash identifier: 69nKTFWNJc+NbFiWXXo3iUsbmFZFlwAtqszwJrlnzfk=
Subject key identifier: BB:2E:51:65:55:B8:13:90:D4:D7:C2:BD:64:50:24:07:C4:A5:71:04
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 2FB96F1A7F6DE1C9827E09760DD7F7CBEC19090F
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7a8e5a24-5bb1-43c4-9aea-f0e4449506cd.roa
Signing time: Thu 01 May 2025 16:33:17 +0000
ROA not before: Thu 01 May 2025 16:33:17 +0000
ROA not after: Thu 05 Jun 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 01 May 2025 16:53:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2f:b9:6f:1a:7f:6d:e1:c9:82:7e:09:76:0d:d7:f7:cb:ec:19:09:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: May 1 16:33:17 2025 GMT
Not After : Jun 5 23:59:59 2025 GMT
Subject: serialNumber=0a3fb89592b096fd6080bd2be8a0076424f239d16bc4df7ff5aca278dd5eda6f, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:25:e7:75:8d:eb:0c:1b:3e:1f:df:56:b5:65:
30:a9:d0:55:34:0b:d1:4a:2c:bf:38:ad:75:0f:56:
86:db:f5:24:c0:18:ca:0a:99:d0:84:17:2f:34:73:
54:a1:7e:0d:7e:02:b1:1b:0e:e7:9e:1a:b1:ce:1f:
d3:21:51:03:29:43:41:7f:d0:77:de:04:00:8a:ec:
ad:39:54:41:bc:a9:9a:23:8b:f1:c8:83:f2:8e:ea:
31:46:d8:3b:59:4f:e8:43:77:9e:04:58:86:10:77:
c2:85:76:a1:49:ad:0d:5b:6e:88:e7:98:e7:4e:b1:
22:74:51:60:92:16:f3:e0:96:91:03:d1:5e:f7:72:
40:b3:71:9c:bc:56:59:5e:f1:f8:ac:d7:09:b9:35:
ff:15:e4:3d:36:cb:6b:79:51:b2:82:9b:e3:e2:fb:
c9:a1:c6:1c:14:86:7b:f8:a5:58:6d:c1:88:98:a2:
32:cd:1c:19:80:e8:b9:6b:aa:f7:8b:44:de:67:70:
07:87:7e:e4:79:54:8e:80:e8:5d:b5:8d:79:38:4f:
fe:40:0e:d7:8b:0d:ff:38:84:bd:2d:34:9c:40:53:
3b:fc:f6:66:67:07:2c:4d:b4:bd:d7:4a:16:08:43:
65:f8:e8:1b:ef:eb:6e:72:9e:6b:b7:51:1b:db:2e:
ba:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:2E:51:65:55:B8:13:90:D4:D7:C2:BD:64:50:24:07:C4:A5:71:04
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/7a8e5a24-5bb1-43c4-9aea-f0e4449506cd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:e4:26:44:48:14:51:d4:73:9b:e8:c2:36:91:fc:76:14:d8:
8b:6d:04:0c:d9:12:0a:1d:bc:53:e7:ee:a5:6e:1b:e6:11:3e:
4b:9c:78:85:d6:4b:00:54:bd:fd:05:9b:9c:88:ef:44:58:d3:
ef:f6:2d:22:26:52:1b:ff:cd:9f:d9:8d:1f:06:07:a9:66:85:
13:01:66:73:9f:fe:6e:9e:d8:43:1d:28:1a:12:dc:5d:de:be:
1e:ef:2d:fa:25:ce:6e:f8:bb:29:70:87:b3:09:3d:2f:80:03:
84:50:37:75:6f:88:68:86:ed:6b:e0:5c:c9:99:6b:cb:fb:18:
b3:12:28:49:ff:c2:31:32:4e:c2:6d:c9:b0:bb:8a:26:b1:9d:
7f:99:05:60:0f:f7:43:34:a5:a9:b9:6e:00:a2:ad:37:54:4a:
a0:c2:95:27:e2:2e:87:0f:81:73:97:01:5f:89:5c:65:7a:e4:
68:fa:9c:e5:14:c7:04:a2:b0:e1:39:19:a2:ff:a2:9e:7a:58:
27:d0:14:35:19:20:cc:10:5f:ba:a6:ab:cb:94:93:e4:6b:b2:
67:b1:96:86:a3:6e:da:18:d4:dd:f7:e1:af:3b:d3:1d:6c:a5:
98:74:8b:04:f1:51:74:55:e6:67:34:68:24:ff:fd:4f:2f:44:
36:17:ae:1a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUL7lvGn9t4cmCfgl2Ddf3y+wZCQ8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNTAxMTYzMzE3WhcNMjUwNjA1MjM1OTU5
WjB6MUkwRwYDVQQFE0AwYTNmYjg5NTkyYjA5NmZkNjA4MGJkMmJlOGEwMDc2NDI0
ZjIzOWQxNmJjNGRmN2ZmNWFjYTI3OGRkNWVkYTZmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDDJed1jesMGz4f31a1ZTCp0FU0C9FKLL84rXUPVobb9STA
GMoKmdCEFy80c1Shfg1+ArEbDueeGrHOH9MhUQMpQ0F/0HfeBACK7K05VEG8qZoj
i/HIg/KO6jFG2DtZT+hDd54EWIYQd8KFdqFJrQ1bbojnmOdOsSJ0UWCSFvPglpED
0V73ckCzcZy8Vlle8fis1wm5Nf8V5D02y2t5UbKCm+Pi+8mhxhwUhnv4pVhtwYiY
ojLNHBmA6LlrqveLRN5ncAeHfuR5VI6A6F21jXk4T/5ADteLDf84hL0tNJxAUzv8
9mZnByxNtL3XShYIQ2X46Bvv625ynmu3URvbLrozAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUuy5RZVW4E5DU18K9ZFAkB8SlcQQwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzdhOGU1YTI0LTViYjEtNDNjNC05YWVhLWYwZTQ0NDk1MDZjZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEzkJkRIFFHUc5vowjaR/HYU2Itt
BAzZEgodvFPn7qVuG+YRPkuceIXWSwBUvf0Fm5yI70RY0+/2LSImUhv/zZ/ZjR8G
B6lmhRMBZnOf/m6e2EMdKBoS3F3evh7vLfolzm74uylwh7MJPS+AA4RQN3VviGiG
7WvgXMmZa8v7GLMSKEn/wjEyTsJtybC7iiaxnX+ZBWAP90M0pam5bgCirTdUSqDC
lSfiLocPgXOXAV+JXGV65Gj6nOUUxwSisOE5GaL/op56WCfQFDUZIMwQX7qmq8uU
k+RrsmexloajbtoY1N334a870x1spZh0iwTxUXRV5mc0aCT//U8vRDYXrho=
-----END CERTIFICATE-----
Generated at Thu May 8 00:13:34 2025 by rpki-client