Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f2f17235-0559-401a-877f-f4b27ff7852a.roa
File: f2f17235-0559-401a-877f-f4b27ff7852a.roa (raw, json)
Hash identifier: bZon7RdQv5eVAfOxx/XoIKQ4Eob7GrgDhFnotkc+I1k=
Subject key identifier: 57:20:36:D2:18:3B:41:24:C0:58:89:C4:82:95:8B:AB:CC:90:F4:77
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 636DBBDDCE1793D2EF53883D67AA62693E15A561
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f2f17235-0559-401a-877f-f4b27ff7852a.roa
Signing time: Wed 04 Jun 2025 04:28:18 +0000
ROA not before: Wed 04 Jun 2025 04:28:18 +0000
ROA not after: Wed 09 Jul 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 04:48:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
63:6d:bb:dd:ce:17:93:d2:ef:53:88:3d:67:aa:62:69:3e:15:a5:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jun 4 04:28:18 2025 GMT
Not After : Jul 9 23:59:59 2025 GMT
Subject: serialNumber=6bf42163c460735e51aecc59f254020e8162c951362e76f827c18944db620d19, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:89:a2:a4:3d:90:0f:cf:7c:13:31:0c:d6:d1:
a9:e1:2c:56:92:40:ae:fe:88:41:6c:0d:d7:ab:da:
b6:4c:b3:d5:ed:0c:de:49:8c:49:f4:62:3d:f0:e6:
b2:62:e3:b9:ed:ab:00:d2:b4:de:d1:a1:39:76:49:
bd:a6:3f:8b:b7:dd:a1:20:f3:04:b2:10:8e:04:a7:
b1:0f:f5:e4:07:02:70:d0:1c:5b:8d:76:42:89:6d:
5f:a9:18:26:4b:6d:1d:b7:2c:f5:40:48:e6:54:e5:
24:8b:22:7a:16:37:48:7a:fd:df:42:97:8d:9a:c3:
d4:d2:c5:30:1e:13:8a:ee:d4:4e:f1:d1:fd:c8:27:
16:a9:d4:6a:59:54:cb:bb:a8:23:f3:55:65:3c:5b:
a6:20:6a:d2:bb:c5:47:35:71:ea:66:37:d5:69:c8:
73:20:e8:82:8a:21:37:10:5f:69:68:49:8d:49:d4:
19:4c:01:da:42:78:3c:be:c8:e3:e0:04:1f:f3:bc:
9b:91:76:27:ca:10:0c:46:df:18:6f:6b:51:b9:f3:
96:bf:1e:28:21:22:93:5a:33:18:20:04:43:9e:e4:
a9:83:04:63:aa:4f:5e:b8:ce:64:a2:ad:83:f6:af:
fb:37:60:23:1e:64:23:88:70:b3:90:b3:b5:e5:0a:
e8:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:20:36:D2:18:3B:41:24:C0:58:89:C4:82:95:8B:AB:CC:90:F4:77
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/f2f17235-0559-401a-877f-f4b27ff7852a.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
78:ba:e8:65:34:9f:78:ca:49:f3:a6:e4:77:d5:7a:d5:25:b4:
42:69:97:22:7b:9c:68:44:39:2c:e6:88:a0:fa:27:82:e5:2c:
58:df:45:28:52:20:94:56:02:b5:bf:5a:67:fd:71:f1:95:4f:
67:82:2d:bf:fc:18:83:23:7b:12:e0:d1:9d:68:9a:4e:cc:47:
5d:12:30:2a:d9:ae:f2:24:56:ab:1a:43:59:3e:95:20:50:b2:
69:08:ad:7f:5f:32:11:0a:3c:86:49:c5:7a:48:80:63:af:25:
aa:ef:f3:04:eb:49:f6:b5:de:29:01:4b:e4:58:6c:ed:04:52:
b8:e9:b1:a3:73:da:7c:5c:a3:58:24:04:8b:8e:59:58:ff:4a:
6e:60:97:eb:9b:13:26:69:01:62:8f:9d:23:b4:89:a4:4b:5f:
41:a4:a6:a8:ec:03:43:9b:08:43:82:29:68:51:ae:55:d8:3b:
3d:64:01:9c:48:44:28:09:69:6f:c1:da:b0:1d:22:03:e6:89:
56:11:46:da:4e:ee:eb:29:77:dc:fc:61:98:18:1a:5c:9b:6b:
11:60:5e:81:5e:72:79:84:6d:d2:dc:9f:5c:02:05:b7:75:74:
1b:90:87:f1:82:7f:65:ba:ab:7c:3d:fa:eb:c6:b1:2b:4d:9b:
2a:15:d1:84
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUY2273c4Xk9LvU4g9Z6piaT4VpWEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNjA0MDQyODE4WhcNMjUwNzA5MjM1OTU5
WjB6MUkwRwYDVQQFE0A2YmY0MjE2M2M0NjA3MzVlNTFhZWNjNTlmMjU0MDIwZTgx
NjJjOTUxMzYyZTc2ZjgyN2MxODk0NGRiNjIwZDE5MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDZiaKkPZAPz3wTMQzW0anhLFaSQK7+iEFsDder2rZMs9Xt
DN5JjEn0Yj3w5rJi47ntqwDStN7RoTl2Sb2mP4u33aEg8wSyEI4Ep7EP9eQHAnDQ
HFuNdkKJbV+pGCZLbR23LPVASOZU5SSLInoWN0h6/d9Cl42aw9TSxTAeE4ru1E7x
0f3IJxap1GpZVMu7qCPzVWU8W6YgatK7xUc1cepmN9VpyHMg6IKKITcQX2loSY1J
1BlMAdpCeDy+yOPgBB/zvJuRdifKEAxG3xhva1G585a/HighIpNaMxggBEOe5KmD
BGOqT164zmSirYP2r/s3YCMeZCOIcLOQs7XlCuhBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUVyA20hg7QSTAWInEgpWLq8yQ9HcwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2L2YyZjE3MjM1LTA1NTktNDAxYS04NzdmLWY0YjI3ZmY3ODUyYS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAHi66GU0n3jKSfOm5HfVetUltEJp
lyJ7nGhEOSzmiKD6J4LlLFjfRShSIJRWArW/Wmf9cfGVT2eCLb/8GIMjexLg0Z1o
mk7MR10SMCrZrvIkVqsaQ1k+lSBQsmkIrX9fMhEKPIZJxXpIgGOvJarv8wTrSfa1
3ikBS+RYbO0EUrjpsaNz2nxco1gkBIuOWVj/Sm5gl+ubEyZpAWKPnSO0iaRLX0Gk
pqjsA0ObCEOCKWhRrlXYOz1kAZxIRCgJaW/B2rAdIgPmiVYRRtpO7uspd9z8YZgY
GlybaxFgXoFecnmEbdLcn1wCBbd1dBuQh/GCf2W6q3w9+uvGsStNmyoV0YQ=
-----END CERTIFICATE-----
Generated at Mon Jun 16 19:31:26 2025 by rpki-client