Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5a6af661-9ce5-42d1-a6c3-833af7f52b19.roa
File: 5a6af661-9ce5-42d1-a6c3-833af7f52b19.roa (raw, json)
Hash identifier: gQKhtIKj5XdRPEBkfB9+xeXXUTn5tkz/3os42zyXMYs=
Subject key identifier: CE:AC:72:6A:2E:25:E0:29:D9:52:73:94:38:C7:48:7B:6C:25:53:9D
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 6BBBAF886FB8D0ACB53202D5FC51E181E68EC868
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5a6af661-9ce5-42d1-a6c3-833af7f52b19.roa
Signing time: Mon 14 Apr 2025 01:48:20 +0000
ROA not before: Mon 14 Apr 2025 01:48:20 +0000
ROA not after: Mon 19 May 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 14 Apr 2025 02:08:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6b:bb:af:88:6f:b8:d0:ac:b5:32:02:d5:fc:51:e1:81:e6:8e:c8:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Apr 14 01:48:20 2025 GMT
Not After : May 19 23:59:59 2025 GMT
Subject: serialNumber=8fd57dd442a984cf36b5757e454c6093351c2f3d6dfb9fac8a2182805f4cf803, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:6a:b7:ea:e1:88:80:73:b5:63:02:b8:6a:7c:
68:01:ed:64:ca:d5:9c:d9:14:43:78:cb:48:e4:f1:
4c:ce:bb:ed:97:c2:39:46:07:a2:be:30:e4:1d:d4:
d9:b0:06:6c:b6:18:08:d8:5a:e7:c3:ed:10:3d:f2:
2c:90:33:0d:31:2b:1f:03:64:18:50:9c:56:fd:b4:
cd:7f:df:0b:13:26:a4:2d:32:86:52:e0:9b:29:6b:
c6:17:15:42:51:6c:51:46:cb:ae:61:95:e2:7b:7a:
ca:65:ff:dc:da:2c:a8:ad:a5:32:85:32:cd:4b:6e:
d5:d9:0a:74:9f:79:ce:6b:49:69:e6:df:cd:d1:0c:
99:51:24:02:f0:01:53:c9:32:bd:4d:81:40:c8:97:
c2:ed:f3:dc:0f:8c:e1:56:b4:ee:29:2d:dd:ba:89:
30:d8:86:57:a7:57:80:93:74:a6:43:8a:83:bd:78:
d0:35:a2:86:e0:6d:df:36:4f:e6:0d:23:cd:72:36:
32:ca:b2:5d:62:44:0e:f7:52:11:34:76:2d:18:11:
0b:71:20:a6:8b:be:d2:dc:31:48:e6:a1:e7:fd:f6:
82:53:e6:43:e5:1b:a5:78:2c:61:39:95:8b:75:74:
f2:4b:db:4b:ef:ab:cf:65:f5:c2:e8:0f:d8:75:d4:
40:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:AC:72:6A:2E:25:E0:29:D9:52:73:94:38:C7:48:7B:6C:25:53:9D
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/5a6af661-9ce5-42d1-a6c3-833af7f52b19.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:61:02:a0:a0:54:c9:29:e9:6f:f9:2c:76:1e:da:81:9b:08:
da:21:db:d1:c6:e8:a2:e5:a8:1a:4b:83:c4:c5:48:3f:3b:a0:
7a:92:24:75:0c:ec:c7:24:1d:d2:00:b0:d2:8c:ec:6e:3b:e7:
e4:79:87:a1:d8:e2:37:fc:47:f7:b8:23:d9:90:2e:74:86:c3:
0a:df:d3:2d:c0:4e:1f:a2:d0:53:1c:72:aa:c2:38:d5:18:c5:
55:5c:04:83:fa:a3:9d:1e:3e:91:32:d5:d0:78:18:3d:d9:9d:
58:d2:b6:1d:9b:67:a6:cd:f3:48:a4:c8:e9:66:7e:67:96:b6:
42:ef:23:0c:86:aa:b3:22:f4:0f:78:bf:8b:3e:75:42:9d:51:
4b:30:6b:d9:b4:cc:ae:6e:1b:aa:19:ce:11:ca:cc:9f:e3:ed:
d7:75:2c:d9:59:9f:a1:0c:87:90:b9:cc:95:d3:72:c9:e3:6b:
33:10:a9:80:00:8f:29:b4:7e:db:36:84:e9:7f:ff:40:03:ee:
c7:34:36:a2:8f:b1:63:69:1e:7c:4d:bd:7c:8b:19:2a:4b:4b:
a6:c7:2f:f9:ae:86:0c:39:56:dc:30:d0:eb:43:ea:69:87:f6:
20:ef:04:bc:cc:29:f5:46:de:a6:1b:bc:50:d9:03:25:4d:d1:
e7:eb:91:a8
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUa7uviG+40Ky1MgLV/FHhgeaOyGgwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNDE0MDE0ODIwWhcNMjUwNTE5MjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZmQ1N2RkNDQyYTk4NGNmMzZiNTc1N2U0NTRjNjA5MzM1
MWMyZjNkNmRmYjlmYWM4YTIxODI4MDVmNGNmODAzMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDParfq4YiAc7VjArhqfGgB7WTK1ZzZFEN4y0jk8UzOu+2X
wjlGB6K+MOQd1NmwBmy2GAjYWufD7RA98iyQMw0xKx8DZBhQnFb9tM1/3wsTJqQt
MoZS4Jspa8YXFUJRbFFGy65hleJ7espl/9zaLKitpTKFMs1LbtXZCnSfec5rSWnm
383RDJlRJALwAVPJMr1NgUDIl8Lt89wPjOFWtO4pLd26iTDYhlenV4CTdKZDioO9
eNA1oobgbd82T+YNI81yNjLKsl1iRA73UhE0di0YEQtxIKaLvtLcMUjmoef99oJT
5kPlG6V4LGE5lYt1dPJL20vvq89l9cLoD9h11EApAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUzqxyai4l4CnZUnOUOMdIe2wlU50wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzVhNmFmNjYxLTljZTUtNDJkMS1hNmMzLTgzM2FmN2Y1MmIxOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAA5hAqCgVMkp6W/5LHYe2oGbCNoh
29HG6KLlqBpLg8TFSD87oHqSJHUM7MckHdIAsNKM7G475+R5h6HY4jf8R/e4I9mQ
LnSGwwrf0y3ATh+i0FMccqrCONUYxVVcBIP6o50ePpEy1dB4GD3ZnVjSth2bZ6bN
80ikyOlmfmeWtkLvIwyGqrMi9A94v4s+dUKdUUswa9m0zK5uG6oZzhHKzJ/j7dd1
LNlZn6EMh5C5zJXTcsnjazMQqYAAjym0fts2hOl//0AD7sc0NqKPsWNpHnxNvXyL
GSpLS6bHL/muhgw5Vtww0OtD6mmH9iDvBLzMKfVG3qYbvFDZAyVN0efrkag=
-----END CERTIFICATE-----
Generated at Sat Apr 26 20:20:49 2025 by rpki-client