Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3eff39f2-0f34-4116-9106-5b9e658d06cc.roa
File: 3eff39f2-0f34-4116-9106-5b9e658d06cc.roa (raw, json)
Hash identifier: hQPk4JkTB99cPu1921HdUTImcUIyXd1JeKWt1rlMV8Y=
Subject key identifier: F6:7E:38:5F:C7:5E:82:2D:7D:B6:9E:F5:2D:4C:E6:A7:8F:20:75:2F
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 0840A972F4BCBECFF19E7D22187EBC5A10B23F82
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3eff39f2-0f34-4116-9106-5b9e658d06cc.roa
Signing time: Sat 29 Mar 2025 13:15:31 +0000
ROA not before: Sat 29 Mar 2025 13:15:31 +0000
ROA not after: Sat 03 May 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sat 29 Mar 2025 13:38:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:40:a9:72:f4:bc:be:cf:f1:9e:7d:22:18:7e:bc:5a:10:b2:3f:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 29 13:15:31 2025 GMT
Not After : May 3 23:59:59 2025 GMT
Subject: serialNumber=1f64e1f793d98716e46d1c7adc631cd915d9e5bf128981f03d3a5ef248c13c6a, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:22:bb:ad:65:2a:2a:c3:4d:cf:56:04:b2:80:
2a:43:9f:9c:a0:07:87:da:f7:d6:43:f1:4d:27:c5:
ba:8b:d9:70:30:e1:44:9c:95:14:77:c2:72:5c:a4:
8d:40:6c:23:ef:04:5c:bf:36:a7:0b:70:b3:c3:28:
fb:a3:12:d6:1f:30:6f:86:c2:69:b5:6b:24:6d:38:
16:d5:d2:61:e8:0d:03:4f:4d:93:67:c6:ba:59:6e:
83:36:ce:72:2c:62:f3:5a:ca:98:c8:b4:d5:5d:68:
12:9d:79:c7:db:f1:bc:98:3d:a5:6c:4e:e4:ca:83:
9c:85:1b:14:b0:05:83:d1:38:e3:45:89:00:5f:45:
2a:aa:e4:ba:f4:05:04:78:df:9f:08:93:9a:f0:d6:
0f:3d:f6:52:3b:f0:77:a6:ac:f7:d0:4d:4d:7f:13:
b3:af:9c:5c:3e:de:ab:95:fa:65:21:a6:f1:f0:35:
fb:01:2f:f6:9f:cb:c7:11:b5:7f:67:a5:df:98:d7:
16:4f:6f:45:a1:4e:85:6d:71:14:58:07:0f:76:32:
84:ab:cd:e6:8d:02:93:8f:6a:7e:32:2c:74:de:59:
29:a6:60:c8:42:e1:6e:12:84:c9:34:49:2a:f5:3e:
6e:e1:4c:cb:f6:b4:91:30:b6:e9:fe:3e:27:2d:21:
74:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:7E:38:5F:C7:5E:82:2D:7D:B6:9E:F5:2D:4C:E6:A7:8F:20:75:2F
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/3eff39f2-0f34-4116-9106-5b9e658d06cc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
60:5d:b0:03:07:34:23:5a:5a:6d:27:cc:9b:46:7c:35:f0:c1:
59:7f:ac:a9:fc:24:64:c0:9c:f4:59:e5:ec:0a:a3:8f:77:86:
34:0f:b0:31:fa:9a:d5:ca:13:08:e5:9d:1c:e0:5c:ea:01:e2:
6d:2b:aa:80:35:50:f5:47:7d:8d:85:cc:79:7c:7f:33:bb:38:
fc:c1:e2:ee:01:ef:9f:78:f6:a6:8e:6b:f9:33:c5:9a:8c:f7:
bb:50:cf:a2:66:ca:86:22:78:0e:e3:d3:54:de:b0:68:e3:a9:
09:69:ec:5c:cd:5d:e3:13:c2:c1:bf:ec:6c:f4:81:38:20:2d:
2a:1d:35:ef:16:cd:23:b3:60:ea:25:81:a3:74:0e:8c:e8:d8:
84:10:cc:ef:1c:56:20:ef:1a:f9:eb:07:fe:cc:b5:ea:a9:61:
04:c0:71:06:4b:a4:98:fa:69:be:7c:34:96:98:6a:d6:09:25:
ce:1e:bb:6a:37:5a:32:a3:ed:09:97:ad:36:06:df:a1:21:bf:
42:b6:de:8d:a8:34:c2:e9:59:35:95:3e:e7:67:62:f7:28:f3:
d7:5a:79:b9:49:5f:54:3a:d0:59:fb:ae:7e:20:c6:0f:be:9e:
53:64:44:24:fe:60:de:11:03:34:5a:ef:aa:36:28:56:6f:30:
16:da:77:b9
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUCECpcvS8vs/xnn0iGH68WhCyP4IwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMzI5MTMxNTMxWhcNMjUwNTAzMjM1OTU5
WjB6MUkwRwYDVQQFE0AxZjY0ZTFmNzkzZDk4NzE2ZTQ2ZDFjN2FkYzYzMWNkOTE1
ZDllNWJmMTI4OTgxZjAzZDNhNWVmMjQ4YzEzYzZhMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCgIrutZSoqw03PVgSygCpDn5ygB4fa99ZD8U0nxbqL2XAw
4USclRR3wnJcpI1AbCPvBFy/NqcLcLPDKPujEtYfMG+Gwmm1ayRtOBbV0mHoDQNP
TZNnxrpZboM2znIsYvNaypjItNVdaBKdecfb8byYPaVsTuTKg5yFGxSwBYPROONF
iQBfRSqq5Lr0BQR4358Ik5rw1g899lI78HemrPfQTU1/E7OvnFw+3quV+mUhpvHw
NfsBL/afy8cRtX9npd+Y1xZPb0WhToVtcRRYBw92MoSrzeaNApOPan4yLHTeWSmm
YMhC4W4ShMk0SSr1Pm7hTMv2tJEwtun+PictIXQhAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU9n44X8degi19tp71LUzmp48gdS8wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzNlZmYzOWYyLTBmMzQtNDExNi05MTA2LTViOWU2NThkMDZjYy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAGBdsAMHNCNaWm0nzJtGfDXwwVl/
rKn8JGTAnPRZ5ewKo493hjQPsDH6mtXKEwjlnRzgXOoB4m0rqoA1UPVHfY2FzHl8
fzO7OPzB4u4B75949qaOa/kzxZqM97tQz6JmyoYieA7j01TesGjjqQlp7FzNXeMT
wsG/7Gz0gTggLSodNe8WzSOzYOolgaN0Dozo2IQQzO8cViDvGvnrB/7MteqpYQTA
cQZLpJj6ab58NJaYatYJJc4eu2o3WjKj7QmXrTYG36Ehv0K23o2oNMLpWTWVPudn
Yvco89daeblJX1Q60Fn7rn4gxg++nlNkRCT+YN4RAzRa76o2KFZvMBbad7k=
-----END CERTIFICATE-----
Generated at Sat Apr 26 16:31:05 2025 by rpki-client