Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/9761c5a0-4e06-4534-a45f-5dce788a2329.roa
File: 9761c5a0-4e06-4534-a45f-5dce788a2329.roa (raw, json)
Hash identifier: dhGrocC5hkTvhPtGDVqeDv49u+6euo4M4Sf/Pv6cCyU=
Subject key identifier: D6:D8:5B:BA:96:49:3D:A2:71:3D:04:BE:52:46:DF:7D:E5:57:E6:E4
Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial: 27F8A8C80C98D460F3B2DAF2E06443169C0F1958
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/9761c5a0-4e06-4534-a45f-5dce788a2329.roa
Signing time: Mon 28 Apr 2025 15:30:21 +0000
ROA not before: Mon 28 Apr 2025 15:30:21 +0000
ROA not after: Mon 02 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 35.96.5.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 06 May 2025 01:07:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:f8:a8:c8:0c:98:d4:60:f3:b2:da:f2:e0:64:43:16:9c:0f:19:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Validity
Not Before: Apr 28 15:30:21 2025 GMT
Not After : Jun 2 23:59:59 2025 GMT
Subject: serialNumber=a871cec67111d79470db77b4784e71b6b2f04a71f3f2530bd83dea17cf012766, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:41:ad:d1:18:32:26:f1:47:df:4b:9d:17:c9:
2d:9e:44:e2:e3:58:fe:2a:01:55:f0:63:f5:72:25:
bf:26:b2:f1:3b:7d:24:c7:ca:c7:a3:79:14:d5:89:
cb:3e:18:93:66:c0:26:a0:c8:cd:ad:a6:90:c8:9b:
87:aa:81:0f:74:ae:97:19:75:a1:8c:1d:55:3d:cf:
3e:75:ae:51:f7:21:39:94:a7:9e:c8:e5:b0:5b:13:
80:46:ef:66:22:3d:1e:d1:bc:44:f8:0a:9a:71:c7:
8b:a2:f2:48:77:11:80:83:12:fe:22:3e:f7:9c:6d:
b5:62:b1:19:6f:17:b8:55:9c:a1:55:c2:80:3b:4e:
38:6a:77:2a:62:62:d2:5d:0c:a6:ae:39:43:11:68:
0a:fe:fd:2d:d9:a0:34:8f:04:0a:48:2c:e6:9a:51:
ff:8d:63:f0:55:b9:c2:a2:ce:52:13:3c:88:56:9b:
68:1b:5c:36:61:48:95:8d:48:5a:9a:fa:aa:6f:df:
0a:f0:a0:8a:29:a2:d8:6f:5b:e9:6c:6b:ff:ee:2c:
b1:96:a3:f1:6a:c8:25:7e:db:5e:4d:ce:f5:ea:1e:
20:80:71:51:8e:08:c6:7d:9f:b7:85:60:72:7a:09:
60:0b:29:bc:d7:74:45:1a:b0:df:b8:0b:91:2b:d5:
f4:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:D8:5B:BA:96:49:3D:A2:71:3D:04:BE:52:46:DF:7D:E5:57:E6:E4
X509v3 Authority Key Identifier:
keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/9761c5a0-4e06-4534-a45f-5dce788a2329.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.96.5.0/24
Signature Algorithm: sha256WithRSAEncryption
35:fb:e1:f3:01:d0:dc:91:a6:fb:ac:a3:f8:25:af:4c:1c:f6:
9d:36:07:c3:81:a2:11:13:d5:96:f9:5f:ee:6c:05:b6:55:b7:
97:2f:67:68:0a:79:49:8e:32:27:eb:cf:7b:8a:de:19:5b:dd:
0e:27:17:cf:e9:ce:6e:b1:3e:25:f6:17:06:e4:30:03:af:62:
f0:14:3b:a3:1a:b0:a4:60:32:36:b4:82:44:af:50:84:b2:f2:
f9:44:be:ee:38:46:57:21:ba:81:72:d1:a9:fc:94:31:01:af:
22:93:e8:97:81:96:2f:62:da:83:c0:2c:e9:e3:18:15:da:98:
02:d6:6d:db:6b:9d:79:e2:f5:a6:24:ce:c6:e1:47:43:f1:5b:
bb:38:46:7c:ca:4b:52:55:1e:0d:2c:85:63:45:59:3f:c2:29:
74:d2:98:c5:63:2b:56:a7:eb:b6:75:a2:5e:bc:89:8c:d1:ef:
1e:c3:62:2a:33:48:80:a9:e3:3a:c2:7e:db:a2:91:ee:71:a4:
d2:eb:bb:1a:b6:bf:53:ba:1e:7a:df:a8:61:f9:d7:20:de:5b:
2b:7c:57:6d:12:25:3f:2b:a8:e8:ec:ed:4c:d9:11:34:2a:ef:
3f:f7:07:a6:ab:ac:ce:dc:04:00:c8:8f:82:30:4f:a5:ef:91:
e1:87:2f:e1
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJ/ioyAyY1GDzstry4GRDFpwPGVgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwNDI4MTUzMDIxWhcNMjUwNjAyMjM1OTU5
WjB6MUkwRwYDVQQFE0BhODcxY2VjNjcxMTFkNzk0NzBkYjc3YjQ3ODRlNzFiNmIy
ZjA0YTcxZjNmMjUzMGJkODNkZWExN2NmMDEyNzY2MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+Qa3RGDIm8UffS50XyS2eROLjWP4qAVXwY/VyJb8msvE7
fSTHysejeRTVics+GJNmwCagyM2tppDIm4eqgQ90rpcZdaGMHVU9zz51rlH3ITmU
p57I5bBbE4BG72YiPR7RvET4Cppxx4ui8kh3EYCDEv4iPvecbbVisRlvF7hVnKFV
woA7TjhqdypiYtJdDKauOUMRaAr+/S3ZoDSPBApILOaaUf+NY/BVucKizlITPIhW
m2gbXDZhSJWNSFqa+qpv3wrwoIopothvW+lsa//uLLGWo/FqyCV+215NzvXqHiCA
cVGOCMZ9n7eFYHJ6CWALKbzXdEUasN+4C5Er1fQpAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU1thbupZJPaJxPQS+UkbffeVX5uQwHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzk3NjFjNWEwLTRlMDYtNDUzNC1hNDVmLTVkY2U3ODhhMjMyOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYAUwDQYJKoZIhvcNAQELBQADggEBADX74fMB0NyRpvuso/glr0wc9p02
B8OBohET1Zb5X+5sBbZVt5cvZ2gKeUmOMifrz3uK3hlb3Q4nF8/pzm6xPiX2Fwbk
MAOvYvAUO6MasKRgMja0gkSvUISy8vlEvu44RlchuoFy0an8lDEBryKT6JeBli9i
2oPALOnjGBXamALWbdtrnXni9aYkzsbhR0PxW7s4RnzKS1JVHg0shWNFWT/CKXTS
mMVjK1an67Z1ol68iYzR7x7DYiozSICp4zrCftuike5xpNLruxq2v1O6HnrfqGH5
1yDeWyt8V20SJT8rqOjs7UzZETQq7z/3B6arrM7cBADIj4IwT6XvkeGHL+E=
-----END CERTIFICATE-----
Generated at Sun May 11 21:50:38 2025 by rpki-client