Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3b2d19ee-02c9-42fb-8452-1b4adaa2b004.roa
File: 3b2d19ee-02c9-42fb-8452-1b4adaa2b004.roa (raw, json)
Hash identifier: alWboDKRsVK3kxRjmhLzR9z5T4aaPZSo9SdLFJj4ExY=
Subject key identifier: 4C:04:31:C6:FA:6A:4C:03:0F:1A:72:33:5C:AC:7A:52:55:F2:58:26
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 38CEFAA6BB7BCF158AF5C80BE9BEB0EDDC78C0F5
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3b2d19ee-02c9-42fb-8452-1b4adaa2b004.roa
Signing time: Sat 07 Jun 2025 19:58:19 +0000
ROA not before: Sat 07 Jun 2025 19:58:19 +0000
ROA not after: Sat 12 Jul 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 07 Jun 2025 20:18:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
38:ce:fa:a6:bb:7b:cf:15:8a:f5:c8:0b:e9:be:b0:ed:dc:78:c0:f5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jun 7 19:58:19 2025 GMT
Not After : Jul 12 23:59:59 2025 GMT
Subject: serialNumber=8402524431a5fccbff81ec9c4651c016b12d3e938d65d6c1b7cff9388e7b5400, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:4c:20:7b:31:58:90:6f:83:94:e7:91:90:e8:
55:aa:71:a1:a8:64:9c:2f:d1:33:5d:3a:05:39:36:
8f:45:f8:b2:1c:00:89:20:b8:7a:de:85:9b:8e:7b:
5c:ff:54:80:0c:65:7d:70:00:34:56:f8:e2:c3:e5:
37:07:1e:34:8f:82:c7:1a:2e:fd:5c:dd:65:9f:87:
c6:6c:7b:69:1b:09:12:ba:ad:8b:9e:0e:d4:9b:d7:
d9:fa:5d:90:4e:3c:8d:e7:f5:da:d1:54:4d:3c:4b:
57:14:06:7e:23:91:88:d2:5b:46:f9:8e:c4:87:83:
fe:c0:d8:ad:f8:8e:73:1e:8a:ef:f2:77:00:81:c4:
b6:1b:8e:80:a7:74:03:0a:6f:33:43:65:29:47:a5:
24:b2:9e:c5:df:7f:0f:b9:15:d7:03:14:6b:2f:f4:
c9:67:82:0a:b5:1e:83:24:76:dc:09:3f:7a:63:be:
49:df:e3:b7:ea:23:f9:03:fe:02:d7:6d:e4:8f:22:
80:e5:94:12:2d:e1:16:49:b2:b5:1d:85:dc:f5:2f:
4a:9d:cb:de:0d:ef:0d:21:ce:78:94:c9:71:4b:98:
eb:73:74:19:28:a5:c5:61:70:a1:c7:c3:fd:98:6f:
cd:c9:04:a0:c9:95:84:1e:18:c3:91:8e:eb:87:25:
33:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:04:31:C6:FA:6A:4C:03:0F:1A:72:33:5C:AC:7A:52:55:F2:58:26
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3b2d19ee-02c9-42fb-8452-1b4adaa2b004.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
52:bc:50:f3:aa:dc:ad:c3:e7:04:1c:08:47:69:bc:5d:e2:df:
a1:10:77:a8:14:75:e7:0f:7c:f9:37:f9:4d:82:f5:31:f6:4f:
d0:53:a8:20:8d:06:52:db:b4:00:25:ed:8d:67:31:b7:8f:53:
33:b1:24:7b:c7:61:68:fb:3c:fe:f7:8a:8b:0c:67:0e:2d:cc:
8f:4c:ad:e4:3f:fc:00:84:56:55:ab:34:53:09:39:ef:66:48:
3a:e2:c2:96:cb:97:69:74:97:24:67:6f:14:72:99:55:6f:eb:
d2:ad:b2:8b:a3:f7:ec:13:ab:22:1b:66:06:9a:c6:8c:a6:0a:
af:b3:2d:07:71:aa:a9:f7:73:a5:d1:01:db:3a:d6:5c:00:d4:
2d:4b:25:b1:e4:de:8a:ae:c8:c2:cd:a3:05:37:86:57:0d:0f:
6e:d9:36:cb:85:32:72:3b:15:bc:5b:31:51:ef:b9:c1:95:ef:
2a:a2:f2:8a:9a:78:27:25:c1:3c:c4:39:3c:a9:54:3e:78:6f:
9a:b9:7d:45:3b:b6:ed:86:d2:65:c9:88:f5:93:58:d0:bb:18:
10:b0:a5:ba:97:1c:ff:fd:42:b3:00:c7:b6:e9:bc:91:4b:e9:
09:7b:ab:dd:ef:59:31:78:56:62:e8:14:a3:26:34:31:97:5a:
6d:f6:b0:8e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUOM76prt7zxWK9cgL6b6w7dx4wPUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNjA3MTk1ODE5WhcNMjUwNzEyMjM1OTU5
WjB6MUkwRwYDVQQFE0A4NDAyNTI0NDMxYTVmY2NiZmY4MWVjOWM0NjUxYzAxNmIx
MmQzZTkzOGQ2NWQ2YzFiN2NmZjkzODhlN2I1NDAwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCrTCB7MViQb4OU55GQ6FWqcaGoZJwv0TNdOgU5No9F+LIc
AIkguHrehZuOe1z/VIAMZX1wADRW+OLD5TcHHjSPgscaLv1c3WWfh8Zse2kbCRK6
rYueDtSb19n6XZBOPI3n9drRVE08S1cUBn4jkYjSW0b5jsSHg/7A2K34jnMeiu/y
dwCBxLYbjoCndAMKbzNDZSlHpSSynsXffw+5FdcDFGsv9Mlnggq1HoMkdtwJP3pj
vknf47fqI/kD/gLXbeSPIoDllBIt4RZJsrUdhdz1L0qdy94N7w0hzniUyXFLmOtz
dBkopcVhcKHHw/2Yb83JBKDJlYQeGMORjuuHJTOrAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTAQxxvpqTAMPGnIzXKx6UlXyWCYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzNiMmQxOWVlLTAyYzktNDJmYi04NDUyLTFiNGFkYWEyYjAwNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFK8UPOq3K3D5wQcCEdpvF3i36EQ
d6gUdecPfPk3+U2C9TH2T9BTqCCNBlLbtAAl7Y1nMbePUzOxJHvHYWj7PP73iosM
Zw4tzI9MreQ//ACEVlWrNFMJOe9mSDriwpbLl2l0lyRnbxRymVVv69Ktsouj9+wT
qyIbZgaaxoymCq+zLQdxqqn3c6XRAds61lwA1C1LJbHk3oquyMLNowU3hlcND27Z
NsuFMnI7FbxbMVHvucGV7yqi8oqaeCclwTzEOTypVD54b5q5fUU7tu2G0mXJiPWT
WNC7GBCwpbqXHP/9QrMAx7bpvJFL6Ql7q93vWTF4VmLoFKMmNDGXWm32sI4=
-----END CERTIFICATE-----
Generated at Mon Jun 16 20:25:59 2025 by rpki-client