Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/dd10bb4a-3f20-4b55-818b-a5d8d8de948e.roa
File: dd10bb4a-3f20-4b55-818b-a5d8d8de948e.roa (raw, json)
Hash identifier: W5d1mQHgPXvL77wxKL8/gGVl+c4cjQ3CdoEPjuLwZOc=
Subject key identifier: 88:9A:08:5A:8E:C5:88:F8:23:5C:81:7E:28:92:F6:C7:4D:52:26:DA
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 7760A8C02358DFA75B702A63BA5540E0F507C650
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/dd10bb4a-3f20-4b55-818b-a5d8d8de948e.roa
Signing time: Thu 22 May 2025 09:28:19 +0000
ROA not before: Thu 22 May 2025 09:28:19 +0000
ROA not after: Thu 26 Jun 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Thu 22 May 2025 09:43:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
77:60:a8:c0:23:58:df:a7:5b:70:2a:63:ba:55:40:e0:f5:07:c6:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: May 22 09:28:19 2025 GMT
Not After : Jun 26 23:59:59 2025 GMT
Subject: serialNumber=72d28ecc1f57c6112dc425fb0ab0e177dd7c33be0d899e31cc8999c1f1d9c3f0, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:47:14:a0:45:d4:4d:9a:07:70:7f:b0:95:9c:
ff:47:53:a4:6e:3a:66:b2:51:87:e9:ae:a7:42:df:
bd:ca:ee:ff:c4:6f:62:fd:d0:8d:f9:5f:3c:5c:21:
aa:75:e4:07:e3:5b:2c:09:58:b0:27:78:af:bf:35:
13:a0:72:98:98:c4:4f:cb:55:fc:1d:39:79:7b:4c:
fe:3d:7d:14:b6:b2:69:05:ab:8e:11:a3:e2:ef:60:
70:d4:10:ae:fa:2f:d4:8a:b8:38:5b:05:a5:b7:c7:
f2:bd:f0:47:d4:c8:08:6d:27:65:aa:b2:7f:6a:9c:
56:cd:9f:bc:9a:40:21:65:03:66:3f:b1:b9:65:a9:
af:6b:6b:75:48:fd:8c:36:d7:80:78:8a:8e:e2:9f:
17:06:41:07:af:46:95:b6:a3:42:94:68:15:6e:b1:
2c:68:43:2a:f9:21:0b:c3:de:02:f7:a2:d8:c6:22:
06:a1:09:9e:58:79:65:34:11:d4:64:9c:56:b2:23:
b9:84:da:ce:76:56:ba:29:5f:54:92:63:9d:33:eb:
b4:34:a8:f7:7c:d1:a3:4a:de:7b:28:60:73:f7:38:
b9:28:20:62:84:bb:7a:cc:7c:3c:61:5a:e0:49:e3:
aa:85:b5:20:37:a7:d3:9a:88:28:1a:25:6d:18:54:
b2:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:9A:08:5A:8E:C5:88:F8:23:5C:81:7E:28:92:F6:C7:4D:52:26:DA
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/dd10bb4a-3f20-4b55-818b-a5d8d8de948e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
88:f4:3d:25:34:6b:2f:15:ed:89:09:23:b0:72:4b:c6:6a:8f:
9d:3e:a0:e8:7a:af:18:e2:50:44:4b:6c:f2:dd:07:7e:df:02:
3a:11:48:2d:a5:19:11:bb:7d:29:c6:7e:c6:e4:73:3e:2b:b3:
92:38:a4:22:7f:15:27:f9:4f:44:4f:64:b8:75:b2:a3:46:37:
02:21:79:84:7e:ca:ce:e8:d7:fb:b6:41:59:35:c2:ce:ee:4f:
ab:89:d6:da:9c:d2:04:04:2e:65:a7:b8:20:79:18:c0:03:ad:
d5:13:65:f0:18:a7:7d:30:75:e9:04:4f:d3:40:88:cb:b1:7d:
5a:33:35:ba:68:66:92:bb:7e:c3:de:29:f7:0f:f1:e6:d4:84:
9b:33:67:ec:26:e2:18:25:1a:f2:ab:8c:96:73:b1:4f:3d:97:
64:9e:95:f6:a2:d1:35:26:6a:c5:91:27:b0:55:a2:60:64:cc:
21:37:82:0f:30:2a:2f:f8:43:01:db:58:dd:d2:fd:79:0e:f8:
4f:5b:d9:e3:50:68:07:e1:96:ed:11:2b:86:fd:b2:15:fc:8f:
ec:18:a5:bf:4d:f2:f8:6d:83:53:58:1e:aa:f6:e7:18:18:9b:
d9:ff:2e:4d:29:a2:ed:49:de:23:05:a8:63:e8:e4:5b:01:9d:
ec:4e:ff:b0
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUd2CowCNY36dbcCpjulVA4PUHxlAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNTIyMDkyODE5WhcNMjUwNjI2MjM1OTU5
WjB6MUkwRwYDVQQFE0A3MmQyOGVjYzFmNTdjNjExMmRjNDI1ZmIwYWIwZTE3N2Rk
N2MzM2JlMGQ4OTllMzFjYzg5OTljMWYxZDljM2YwMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCVRxSgRdRNmgdwf7CVnP9HU6RuOmayUYfprqdC373K7v/E
b2L90I35XzxcIap15AfjWywJWLAneK+/NROgcpiYxE/LVfwdOXl7TP49fRS2smkF
q44Ro+LvYHDUEK76L9SKuDhbBaW3x/K98EfUyAhtJ2Wqsn9qnFbNn7yaQCFlA2Y/
sbllqa9ra3VI/Yw214B4io7inxcGQQevRpW2o0KUaBVusSxoQyr5IQvD3gL3otjG
IgahCZ5YeWU0EdRknFayI7mE2s52VropX1SSY50z67Q0qPd80aNK3nsoYHP3OLko
IGKEu3rMfDxhWuBJ46qFtSA3p9OaiCgaJW0YVLKJAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUiJoIWo7FiPgjXIF+KJL2x01SJtowHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2RkMTBiYjRhLTNmMjAtNGI1NS04MThiLWE1ZDhkOGRlOTQ4ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAIj0PSU0ay8V7YkJI7ByS8Zqj50+
oOh6rxjiUERLbPLdB37fAjoRSC2lGRG7fSnGfsbkcz4rs5I4pCJ/FSf5T0RPZLh1
sqNGNwIheYR+ys7o1/u2QVk1ws7uT6uJ1tqc0gQELmWnuCB5GMADrdUTZfAYp30w
dekET9NAiMuxfVozNbpoZpK7fsPeKfcP8ebUhJszZ+wm4hglGvKrjJZzsU89l2Se
lfai0TUmasWRJ7BVomBkzCE3gg8wKi/4QwHbWN3S/XkO+E9b2eNQaAfhlu0RK4b9
shX8j+wYpb9N8vhtg1NYHqr25xgYm9n/Lk0pou1J3iMFqGPo5FsBnexO/7A=
-----END CERTIFICATE-----
Generated at Tue Jun 17 08:09:48 2025 by rpki-client