Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/58fc2718-fe0d-48f9-a45c-31fc50b1dabd.roa
File: 58fc2718-fe0d-48f9-a45c-31fc50b1dabd.roa (raw, json)
Hash identifier: LJV7fx75q1/HX4Q37cIrMcjJZHQO8PtD8enQo/D9/R0=
Subject key identifier: 80:1C:54:4F:59:88:84:7B:B4:A0:FD:E1:4C:7D:4E:28:95:3F:B3:47
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6083529B43B8D98F0D7714DD26C62732439EAB6C
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/58fc2718-fe0d-48f9-a45c-31fc50b1dabd.roa
Signing time: Wed 23 Apr 2025 18:08:18 +0000
ROA not before: Wed 23 Apr 2025 18:08:18 +0000
ROA not after: Wed 28 May 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 23 Apr 2025 18:23:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
60:83:52:9b:43:b8:d9:8f:0d:77:14:dd:26:c6:27:32:43:9e:ab:6c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Apr 23 18:08:18 2025 GMT
Not After : May 28 23:59:59 2025 GMT
Subject: serialNumber=f30ca2e80e4a7bfcaa79e69ace89c6a13e7bb1f2810eadd6d3a157a1d789e81f, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:87:73:7a:4d:4f:85:c8:97:f0:ba:af:b5:5e:
db:0b:50:4f:9b:85:3c:53:5b:8d:ad:78:03:93:ab:
2f:ea:da:00:7c:40:29:ab:27:9c:de:62:e2:10:1e:
09:af:14:34:9e:bf:67:24:01:25:bc:b9:fb:fe:9d:
60:24:ee:1f:96:5f:e9:2f:ef:91:ed:33:23:72:41:
4c:cd:4d:f7:c1:1d:12:e4:c1:df:ee:26:9c:13:3e:
ad:94:6a:1e:a9:ba:9d:50:8a:c1:bd:1d:ea:27:b2:
3d:40:f3:98:33:75:df:03:45:14:86:50:38:e0:01:
0b:ff:d2:84:02:c7:6c:f5:b9:11:0e:ba:b7:d3:ad:
9c:0b:80:63:3d:ac:1d:34:92:6e:9f:68:4e:03:fb:
35:27:1d:ed:17:11:7b:32:33:17:f2:53:94:90:13:
f7:ff:6f:2f:0d:9d:cc:21:dc:70:2d:84:2b:67:dd:
cf:c5:0c:47:94:8e:42:4d:09:1a:70:52:12:dc:6a:
b9:fb:b6:13:44:e3:70:be:57:25:64:67:53:4c:96:
f0:2b:7f:bd:b4:4f:6a:01:50:32:e0:35:3e:35:47:
b9:8a:2f:3b:5d:e4:69:3d:51:ec:68:35:f7:a2:03:
88:c8:e5:ca:d1:0f:9e:c3:cc:40:cf:2b:ac:eb:78:
04:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:1C:54:4F:59:88:84:7B:B4:A0:FD:E1:4C:7D:4E:28:95:3F:B3:47
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/58fc2718-fe0d-48f9-a45c-31fc50b1dabd.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
49:5f:92:3e:50:80:1e:8d:e1:65:bb:96:22:cb:04:aa:06:c6:
ec:93:7a:4b:fd:79:35:19:e4:be:d3:0f:65:c8:9d:58:c5:0f:
3d:af:95:38:ea:b0:74:4f:55:60:1f:eb:b0:57:e4:37:2e:47:
1e:45:b6:58:b7:16:e1:cf:1e:7d:59:da:43:cd:ce:a6:0e:32:
b7:31:5e:79:10:03:6a:97:42:a1:5f:c8:b9:fd:70:ea:f0:26:
44:01:df:6d:3f:6f:a8:f1:8d:22:64:39:36:d7:f9:88:38:a1:
d1:0d:9c:db:d2:aa:b8:21:44:72:5c:c2:e2:de:9c:c6:b8:3d:
4c:56:dd:c5:97:a1:8c:d3:55:be:c9:09:d2:09:de:21:df:91:
d0:90:11:c7:18:95:2e:a5:b0:d2:e1:21:ed:cf:b1:bb:41:f0:
62:40:6c:80:68:a3:ad:e0:8e:2c:86:42:5e:c9:cf:2b:be:95:
1d:4d:32:e5:e6:85:3d:ed:53:a2:68:82:54:d7:6e:97:0c:f7:
c7:04:9b:b3:12:99:b4:94:48:bd:88:fc:b0:63:78:e9:a0:3f:
cd:b4:28:62:ee:09:78:64:36:96:bc:4c:21:8d:49:35:ea:45:
97:80:0e:94:db:16:07:3e:57:b7:61:16:a1:a0:b3:e7:66:df:
03:8d:5a:f4
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUYINSm0O42Y8NdxTdJsYnMkOeq2wwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDIzMTgwODE4WhcNMjUwNTI4MjM1OTU5
WjB6MUkwRwYDVQQFE0BmMzBjYTJlODBlNGE3YmZjYWE3OWU2OWFjZTg5YzZhMTNl
N2JiMWYyODEwZWFkZDZkM2ExNTdhMWQ3ODllODFmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjh3N6TU+FyJfwuq+1XtsLUE+bhTxTW42teAOTqy/q2gB8
QCmrJ5zeYuIQHgmvFDSev2ckASW8ufv+nWAk7h+WX+kv75HtMyNyQUzNTffBHRLk
wd/uJpwTPq2Uah6pup1QisG9Heonsj1A85gzdd8DRRSGUDjgAQv/0oQCx2z1uREO
urfTrZwLgGM9rB00km6faE4D+zUnHe0XEXsyMxfyU5SQE/f/by8Nncwh3HAthCtn
3c/FDEeUjkJNCRpwUhLcarn7thNE43C+VyVkZ1NMlvArf720T2oBUDLgNT41R7mK
Lztd5Gk9UexoNfeiA4jI5crRD57DzEDPK6zreAQDAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgBxUT1mIhHu0oP3hTH1OKJU/s0cwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzU4ZmMyNzE4LWZlMGQtNDhmOS1hNDVjLTMxZmM1MGIxZGFiZC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAElfkj5QgB6N4WW7liLLBKoGxuyT
ekv9eTUZ5L7TD2XInVjFDz2vlTjqsHRPVWAf67BX5DcuRx5Ftli3FuHPHn1Z2kPN
zqYOMrcxXnkQA2qXQqFfyLn9cOrwJkQB320/b6jxjSJkOTbX+Yg4odENnNvSqrgh
RHJcwuLenMa4PUxW3cWXoYzTVb7JCdIJ3iHfkdCQEccYlS6lsNLhIe3PsbtB8GJA
bIBoo63gjiyGQl7Jzyu+lR1NMuXmhT3tU6JoglTXbpcM98cEm7MSmbSUSL2I/LBj
eOmgP820KGLuCXhkNpa8TCGNSTXqRZeADpTbFgc+V7dhFqGgs+dm3wONWvQ=
-----END CERTIFICATE-----
Generated at Sat Apr 26 18:36:24 2025 by rpki-client