Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a61a4abf-4401-4928-9266-27d34cd5c737.roa
File: a61a4abf-4401-4928-9266-27d34cd5c737.roa (raw, json)
Hash identifier: 9UNULEt2ngA7GcrO24uq9YgTs1KJwN4b969aRj5tx4A=
Subject key identifier: 3B:F3:8F:C6:27:93:08:F8:B9:96:CC:32:C3:75:6C:55:B8:49:C3:79
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 30DAF0BC507B684D08968C4209E7A1F7EAE14C08
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a61a4abf-4401-4928-9266-27d34cd5c737.roa
Signing time: Mon 05 May 2025 00:03:14 +0000
ROA not before: Mon 05 May 2025 00:03:14 +0000
ROA not after: Mon 09 Jun 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 05 May 2025 00:23:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
30:da:f0:bc:50:7b:68:4d:08:96:8c:42:09:e7:a1:f7:ea:e1:4c:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: May 5 00:03:14 2025 GMT
Not After : Jun 9 23:59:59 2025 GMT
Subject: serialNumber=3d037240f0f207326783877de71681ba457d1edb02e859689cc961d67b18bf55, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:e4:03:50:a9:7f:9e:41:a7:79:6c:af:3b:5e:
28:de:35:90:e0:40:e6:67:b5:9c:10:75:2a:a1:5d:
67:58:35:ab:12:f8:44:d4:2c:a7:07:81:a6:ec:3a:
80:5d:24:3d:57:bb:aa:c3:ce:32:77:70:3e:89:67:
67:c0:aa:fb:e8:bc:cb:be:a4:61:ff:be:94:01:d5:
9a:38:ab:48:00:15:6e:24:0c:5e:eb:46:22:94:a9:
30:a5:7a:dd:df:5f:f5:05:26:9b:cc:8d:08:f6:b5:
5a:10:d9:0a:57:40:2c:dd:69:cd:cc:cc:32:a6:77:
7a:81:1c:bd:e7:17:78:38:b0:74:e6:c6:50:d4:67:
b5:4e:b0:a8:6d:8a:85:4d:01:1c:2a:0b:eb:7e:67:
18:9a:13:42:21:be:c6:63:6e:01:0c:4e:9c:f2:af:
d2:dd:d7:dd:a8:e4:f2:bb:61:d1:5e:31:fb:b5:bd:
00:5b:80:d9:21:2d:b3:15:b1:ba:0c:5e:9c:ae:f7:
92:66:0c:65:40:ab:fb:79:78:53:3e:a1:53:72:d9:
b1:2b:49:da:fa:5b:bf:71:03:06:8f:38:48:1a:72:
55:f9:4a:97:8a:82:94:77:49:05:57:d3:69:8f:46:
84:5d:24:97:7c:dd:78:fb:a2:08:df:25:91:f7:53:
89:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F3:8F:C6:27:93:08:F8:B9:96:CC:32:C3:75:6C:55:B8:49:C3:79
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/a61a4abf-4401-4928-9266-27d34cd5c737.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:c2:20:c8:1a:da:72:96:21:1e:9d:7a:3b:a9:e4:4b:26:93:
4f:cf:9b:0c:50:48:77:b6:5c:58:e5:9a:16:e6:5e:d6:85:88:
9e:c6:f2:e9:b5:85:80:e7:6a:26:a3:97:2d:1a:58:a3:89:e1:
76:2d:d1:da:71:21:20:35:b0:1c:e9:e4:15:bb:4c:e8:ee:ba:
74:44:ee:da:d1:cb:a5:bf:e7:75:64:80:f5:97:2c:36:7a:93:
ab:35:51:79:26:18:19:58:e0:ff:08:38:2b:a7:fc:99:69:af:
d0:f8:49:70:0a:19:13:36:41:cf:3e:90:dd:34:5a:d5:06:a0:
51:96:18:09:5f:19:4b:6d:2c:63:b1:29:0a:ba:8d:19:41:39:
eb:e3:dc:a1:32:e2:0d:90:de:07:dd:a3:b5:40:6c:79:1c:7b:
56:d1:5f:ed:fa:f2:39:c7:b3:c5:52:e4:e7:07:ee:19:08:65:
51:ec:26:11:76:8d:ce:11:30:4d:40:ce:b4:eb:51:d3:50:ee:
06:1e:93:ec:1d:92:6e:7e:c5:56:de:6b:c8:0c:0f:46:18:12:
d0:bf:fb:19:e9:d2:bc:78:70:b5:82:a4:71:f9:20:0f:87:8d:
b8:0a:c9:b9:0c:e0:00:cf:40:6d:74:5a:b9:8f:b0:bc:87:7b:
e2:05:28:70
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUMNrwvFB7aE0IloxCCeeh9+rhTAgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNTA1MDAwMzE0WhcNMjUwNjA5MjM1OTU5
WjB6MUkwRwYDVQQFE0AzZDAzNzI0MGYwZjIwNzMyNjc4Mzg3N2RlNzE2ODFiYTQ1
N2QxZWRiMDJlODU5Njg5Y2M5NjFkNjdiMThiZjU1MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCz5ANQqX+eQad5bK87XijeNZDgQOZntZwQdSqhXWdYNasS
+ETULKcHgabsOoBdJD1Xu6rDzjJ3cD6JZ2fAqvvovMu+pGH/vpQB1Zo4q0gAFW4k
DF7rRiKUqTClet3fX/UFJpvMjQj2tVoQ2QpXQCzdac3MzDKmd3qBHL3nF3g4sHTm
xlDUZ7VOsKhtioVNARwqC+t+ZxiaE0IhvsZjbgEMTpzyr9Ld192o5PK7YdFeMfu1
vQBbgNkhLbMVsboMXpyu95JmDGVAq/t5eFM+oVNy2bErSdr6W79xAwaPOEgaclX5
SpeKgpR3SQVX02mPRoRdJJd83Xj7ogjfJZH3U4lhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUO/OPxieTCPi5lswyw3VsVbhJw3kwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2E2MWE0YWJmLTQ0MDEtNDkyOC05MjY2LTI3ZDM0Y2Q1YzczNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBADrCIMga2nKWIR6dejup5Esmk0/P
mwxQSHe2XFjlmhbmXtaFiJ7G8um1hYDnaiajly0aWKOJ4XYt0dpxISA1sBzp5BW7
TOjuunRE7trRy6W/53VkgPWXLDZ6k6s1UXkmGBlY4P8IOCun/Jlpr9D4SXAKGRM2
Qc8+kN00WtUGoFGWGAlfGUttLGOxKQq6jRlBOevj3KEy4g2Q3gfdo7VAbHkce1bR
X+368jnHs8VS5OcH7hkIZVHsJhF2jc4RME1AzrTrUdNQ7gYek+wdkm5+xVbea8gM
D0YYEtC/+xnp0rx4cLWCpHH5IA+HjbgKybkM4ADPQG10WrmPsLyHe+IFKHA=
-----END CERTIFICATE-----
Generated at Wed May 7 06:21:50 2025 by rpki-client