Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/601c4e57-e923-4e3f-97ca-e9c434724f42.roa
File: 601c4e57-e923-4e3f-97ca-e9c434724f42.roa (raw, json)
Hash identifier: E3ecas5KcLhqZhkpe21kxav8CH5CamkTbq9ve6szEQs=
Subject key identifier: DE:E5:F2:0B:51:5F:9F:4B:91:38:EE:95:01:63:AF:A9:CD:B7:94:F6
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 5514411AEDF75CCF09FE95ED42698C79D0356B24
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/601c4e57-e923-4e3f-97ca-e9c434724f42.roa
Signing time: Sun 01 Jun 2025 11:48:21 +0000
ROA not before: Sun 01 Jun 2025 11:48:21 +0000
ROA not after: Sun 06 Jul 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Sun 01 Jun 2025 12:08:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
55:14:41:1a:ed:f7:5c:cf:09:fe:95:ed:42:69:8c:79:d0:35:6b:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jun 1 11:48:21 2025 GMT
Not After : Jul 6 23:59:59 2025 GMT
Subject: serialNumber=4bfb7deb042ee11166886057e3040f32af7dae298fd4ba760f258d382a8ba447, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:e2:e5:6e:3c:8d:d0:f4:86:0d:8b:a5:8c:28:
da:d8:f4:43:00:e2:3a:65:63:ab:6c:1c:a3:5c:75:
b6:3f:dc:70:47:3a:e5:c7:72:66:e6:4c:bf:65:42:
67:7c:b3:d2:98:67:e2:b0:a2:67:47:02:7e:8b:f5:
3e:cb:dd:4e:cf:0f:6a:82:0e:0f:7b:6d:ea:c2:27:
17:6c:c7:b8:cd:62:39:d3:fc:34:9e:6c:5d:3a:0f:
49:b3:c8:26:47:34:46:95:35:0f:1d:0d:72:70:d5:
b8:42:92:bd:42:16:c3:57:9d:9f:f6:0f:12:bb:b7:
ae:c5:3d:8d:08:2a:23:d2:c2:9a:e9:83:15:d5:1e:
2b:dc:8b:52:04:89:4a:85:48:ae:c2:ba:2a:54:91:
19:ff:88:d6:95:5b:e7:07:7b:1a:0f:6a:b7:73:5c:
f3:fe:75:aa:bc:a9:c4:a4:3d:09:a5:fd:6e:38:9d:
45:a8:a0:4a:95:23:79:98:53:bc:87:42:0e:e7:d1:
2c:dc:bb:49:6d:c5:1b:f3:f7:ba:95:5f:ef:15:1d:
aa:96:f2:f5:0f:e7:e1:b9:99:ce:40:24:28:1b:c0:
98:38:a4:58:e9:69:36:2b:f4:df:8b:25:f1:61:a9:
e7:d0:9a:a8:18:c0:89:fb:b0:de:61:37:33:a5:0c:
38:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:E5:F2:0B:51:5F:9F:4B:91:38:EE:95:01:63:AF:A9:CD:B7:94:F6
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/601c4e57-e923-4e3f-97ca-e9c434724f42.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
43:0c:44:58:63:90:3f:5e:70:29:a5:6f:d3:44:8d:82:6f:06:
b8:55:51:52:f1:d8:c2:96:85:e8:4a:39:e2:f1:3c:c7:ed:3d:
45:4a:e4:9c:2a:ce:32:d6:d6:fa:4f:3e:2c:5d:55:99:cd:64:
d8:e6:da:34:58:c8:13:be:9f:bf:3b:b0:9d:f4:64:4e:2d:e9:
17:73:13:52:1d:cd:f1:cf:c7:09:50:a8:6f:36:d6:6e:de:5d:
23:da:62:de:39:d7:69:ea:bb:76:55:88:cb:f5:90:ca:12:4d:
d1:18:a6:f3:bf:92:34:ca:62:20:a8:ce:01:66:3c:5f:26:be:
91:73:50:65:a6:55:ee:18:e3:f1:a4:a9:d2:5c:7d:13:7e:56:
45:58:81:77:23:91:ec:94:b4:54:97:91:30:42:27:d1:4e:41:
82:f9:4b:41:a8:af:51:6e:44:b0:71:f6:78:24:26:3f:2c:fc:
c1:48:35:e4:ed:27:b3:53:9a:b4:8c:7c:1c:f1:ae:d3:45:4d:
67:94:30:d8:8e:8d:e7:eb:ba:f6:d9:40:ae:6c:c4:52:34:57:
79:21:5c:19:f5:fe:8e:cf:a8:cc:91:68:30:72:72:c8:83:e0:
b6:88:a2:25:ff:88:e0:1e:cb:f1:ef:64:d5:cc:6b:32:f2:58:
01:f5:89:81
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUVRRBGu33XM8J/pXtQmmMedA1ayQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNjAxMTE0ODIxWhcNMjUwNzA2MjM1OTU5
WjB6MUkwRwYDVQQFE0A0YmZiN2RlYjA0MmVlMTExNjY4ODYwNTdlMzA0MGYzMmFm
N2RhZTI5OGZkNGJhNzYwZjI1OGQzODJhOGJhNDQ3MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDi4uVuPI3Q9IYNi6WMKNrY9EMA4jplY6tsHKNcdbY/3HBH
OuXHcmbmTL9lQmd8s9KYZ+KwomdHAn6L9T7L3U7PD2qCDg97berCJxdsx7jNYjnT
/DSebF06D0mzyCZHNEaVNQ8dDXJw1bhCkr1CFsNXnZ/2DxK7t67FPY0IKiPSwprp
gxXVHivci1IEiUqFSK7CuipUkRn/iNaVW+cHexoPardzXPP+daq8qcSkPQml/W44
nUWooEqVI3mYU7yHQg7n0Szcu0ltxRvz97qVX+8VHaqW8vUP5+G5mc5AJCgbwJg4
pFjpaTYr9N+LJfFhqefQmqgYwIn7sN5hNzOlDDj1AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU3uXyC1Ffn0uROO6VAWOvqc23lPYwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzYwMWM0ZTU3LWU5MjMtNGUzZi05N2NhLWU5YzQzNDcyNGY0Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAEMMRFhjkD9ecCmlb9NEjYJvBrhV
UVLx2MKWhehKOeLxPMftPUVK5JwqzjLW1vpPPixdVZnNZNjm2jRYyBO+n787sJ30
ZE4t6RdzE1IdzfHPxwlQqG821m7eXSPaYt4512nqu3ZViMv1kMoSTdEYpvO/kjTK
YiCozgFmPF8mvpFzUGWmVe4Y4/GkqdJcfRN+VkVYgXcjkeyUtFSXkTBCJ9FOQYL5
S0Gor1FuRLBx9ngkJj8s/MFINeTtJ7NTmrSMfBzxrtNFTWeUMNiOjefruvbZQK5s
xFI0V3khXBn1/o7PqMyRaDBycsiD4LaIoiX/iOAey/HvZNXMazLyWAH1iYE=
-----END CERTIFICATE-----
Generated at Mon Jun 16 14:09:35 2025 by rpki-client