Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9c515954-c06b-4fbe-bd5b-10154b491b20.roa
File: 9c515954-c06b-4fbe-bd5b-10154b491b20.roa (raw, json)
Hash identifier: DNTTyNPqVicGK+8JLBu2pt+07jB4UQ/K/foHoEEMW8E=
Subject key identifier: 33:C0:A1:37:08:7B:C6:1F:94:DA:82:87:87:78:64:2D:51:95:D7:E1
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 34742C85A8147082826A986A3AE5879D14F7A9EE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9c515954-c06b-4fbe-bd5b-10154b491b20.roa
Signing time: Mon 19 May 2025 17:41:37 +0000
ROA not before: Mon 19 May 2025 17:41:37 +0000
ROA not after: Mon 23 Jun 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2600:1fb9:2000::/40 maxlen: 48
Validation: Failed, certificate revoked on Thu 22 May 2025 01:07:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:74:2c:85:a8:14:70:82:82:6a:98:6a:3a:e5:87:9d:14:f7:a9:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: May 19 17:41:37 2025 GMT
Not After : Jun 23 23:59:59 2025 GMT
Subject: serialNumber=b1560e12825e23828f06d9962fa33a8e561505a9065b37e5fc121b2d46dc181f, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:0c:5d:26:e0:09:d2:1a:59:8f:c0:11:a5:c4:
00:38:fe:79:0b:d8:fb:92:6c:a0:aa:b1:e5:35:d5:
66:c0:5a:33:68:63:eb:45:20:16:78:d0:ba:b4:bf:
36:75:5f:46:b1:dd:d2:b5:75:2a:cf:69:a4:8f:6f:
4f:5e:a7:b9:b3:ee:88:c8:50:1a:22:ee:85:b4:8c:
22:23:37:64:ca:02:22:29:04:b8:32:f5:32:c9:a5:
4d:a7:9d:b6:d9:eb:40:22:cd:9e:51:23:0d:8a:0b:
31:3a:43:88:fb:39:93:ef:4b:55:4d:91:3b:3a:91:
6f:48:77:61:87:11:61:23:10:69:ba:9d:ca:d2:3c:
35:25:26:5d:c9:05:ad:a7:f5:cd:87:79:97:e4:5b:
11:7c:5b:64:54:f7:d1:be:9f:47:a1:13:70:d0:7f:
cf:98:0c:a5:37:f8:c4:8a:eb:09:b6:09:61:32:bc:
95:64:66:ed:e9:55:86:6e:9f:e3:15:98:68:b4:85:
b5:29:d5:e4:5b:b7:32:29:4f:c1:18:40:dc:4e:b0:
e8:92:3a:ec:79:cb:31:0d:aa:91:aa:a4:65:e6:12:
74:e1:c6:49:1a:40:c1:50:8d:a7:d3:b3:97:59:ca:
2f:4b:21:12:f8:c2:f0:c9:f8:36:af:44:e7:07:91:
90:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:C0:A1:37:08:7B:C6:1F:94:DA:82:87:87:78:64:2D:51:95:D7:E1
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/9c515954-c06b-4fbe-bd5b-10154b491b20.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1fb9:2000::/40
Signature Algorithm: sha256WithRSAEncryption
6d:1a:b7:82:f5:11:66:af:b5:07:00:0c:a0:6d:2f:9b:bf:6d:
7f:5e:87:fb:ae:55:b7:9d:dc:7f:d0:f5:98:db:73:c9:e5:31:
53:7f:3c:a6:38:a4:69:11:59:de:25:2a:6d:d1:4b:fd:75:2f:
9f:34:a4:04:ff:22:5f:ea:93:63:b6:45:ed:e5:cc:fa:8f:23:
65:70:52:fc:c6:28:3a:db:3d:a1:02:7a:eb:6d:7f:a5:6b:22:
1c:cf:fe:eb:55:bc:a1:8c:2a:08:fc:3f:70:58:e2:4f:37:68:
9d:e0:d9:8e:a5:43:7f:78:3a:2a:ce:4e:a3:bb:cc:db:4e:26:
72:f2:28:52:ef:72:b7:fb:f7:c6:ed:ae:f2:ee:8f:03:a4:fa:
fb:40:f7:ec:fd:2b:92:ff:25:7b:7c:0e:6b:e7:3b:1a:e0:48:
98:cc:5b:99:7e:09:55:2c:bf:14:82:fd:0d:19:92:1b:33:05:
9a:c6:6d:03:ee:e5:c4:a2:7c:31:f2:61:00:1f:a0:0a:79:5f:
96:38:5d:c7:27:e6:08:5e:ab:78:45:d3:dd:bf:bc:a4:7e:7a:
ae:c8:7d:c4:f6:cf:4d:0d:98:64:f2:ce:9f:01:c8:a2:a8:54:
a0:e0:d3:06:0e:39:7b:c6:15:66:7a:67:14:fe:44:e7:fb:ef:
5c:09:c3:ba
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUNHQshagUcIKCaphqOuWHnRT3qe4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwNTE5MTc0MTM3WhcNMjUwNjIzMjM1OTU5
WjB6MUkwRwYDVQQFE0BiMTU2MGUxMjgyNWUyMzgyOGYwNmQ5OTYyZmEzM2E4ZTU2
MTUwNWE5MDY1YjM3ZTVmYzEyMWIyZDQ2ZGMxODFmMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCvDF0m4AnSGlmPwBGlxAA4/nkL2PuSbKCqseU11WbAWjNo
Y+tFIBZ40Lq0vzZ1X0ax3dK1dSrPaaSPb09ep7mz7ojIUBoi7oW0jCIjN2TKAiIp
BLgy9TLJpU2nnbbZ60AizZ5RIw2KCzE6Q4j7OZPvS1VNkTs6kW9Id2GHEWEjEGm6
ncrSPDUlJl3JBa2n9c2HeZfkWxF8W2RU99G+n0ehE3DQf8+YDKU3+MSK6wm2CWEy
vJVkZu3pVYZun+MVmGi0hbUp1eRbtzIpT8EYQNxOsOiSOux5yzENqpGqpGXmEnTh
xkkaQMFQjafTs5dZyi9LIRL4wvDJ+DavROcHkZDrAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUM8ChNwh7xh+U2oKHh3hkLVGV1+EwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzljNTE1OTU0LWMwNmItNGZiZS1iZDViLTEwMTU0YjQ5MWIyMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB+5IDANBgkqhkiG9w0BAQsFAAOCAQEAbRq3gvURZq+1BwAMoG0vm79t
f16H+65Vt53cf9D1mNtzyeUxU388pjikaRFZ3iUqbdFL/XUvnzSkBP8iX+qTY7ZF
7eXM+o8jZXBS/MYoOts9oQJ6621/pWsiHM/+61W8oYwqCPw/cFjiTzdoneDZjqVD
f3g6Ks5Oo7vM204mcvIoUu9yt/v3xu2u8u6PA6T6+0D37P0rkv8le3wOa+c7GuBI
mMxbmX4JVSy/FIL9DRmSGzMFmsZtA+7lxKJ8MfJhAB+gCnlfljhdxyfmCF6reEXT
3b+8pH56rsh9xPbPTQ2YZPLOnwHIoqhUoODTBg45e8YVZnpnFP5E5/vvXAnDug==
-----END CERTIFICATE-----
Generated at Tue Jun 17 01:11:08 2025 by rpki-client