Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/7cde6028-d24c-4b9a-a11a-6ca1942cf1c1.roa
File: 7cde6028-d24c-4b9a-a11a-6ca1942cf1c1.roa (raw, json)
Hash identifier: lQUM30L0RyGTDtOQvdg6t3XLRB0ReJDVmPGvM9rlwQg=
Subject key identifier: E0:94:45:6B:E9:61:10:D6:81:06:08:8F:3C:46:A8:82:2F:BC:03:FA
Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial: 2525A3F5573A581AA2980FA606ECA139CE53E64A
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/7cde6028-d24c-4b9a-a11a-6ca1942cf1c1.roa
Signing time: Wed 04 Jun 2025 19:37:07 +0000
ROA not before: Wed 04 Jun 2025 19:37:07 +0000
ROA not after: Wed 09 Jul 2025 23:59:59 +0000
asID: 16509
IP address blocks: 35.96.0.0/24 maxlen: 24
Validation: Failed, certificate revoked on Wed 04 Jun 2025 21:22:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:25:a3:f5:57:3a:58:1a:a2:98:0f:a6:06:ec:a1:39:ce:53:e6:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Validity
Not Before: Jun 4 19:37:07 2025 GMT
Not After : Jul 9 23:59:59 2025 GMT
Subject: serialNumber=02fe0d04ce96e4a9b5e9c7eaf0be439c5e1b4176bf2496c0800075da721b14e8, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:ed:f5:52:8c:bd:25:d1:d4:e8:9f:80:b0:49:
be:42:c9:c7:9c:4a:6d:47:b5:e3:5a:3f:9d:2a:d7:
73:b2:92:d5:cf:06:89:f8:38:49:79:d4:4a:46:4c:
bb:44:0a:16:89:4f:d4:24:e1:23:1c:34:87:1c:57:
f4:e3:2a:1a:7a:e7:69:e6:c8:af:57:d8:0e:2b:25:
c7:e3:56:10:fa:78:41:d6:43:1b:47:ee:66:0f:75:
cc:18:8e:62:2d:d8:cb:43:06:ad:66:76:7f:e3:b1:
61:24:2e:da:2a:66:e5:f9:1a:11:dc:2d:84:8b:ad:
e3:0d:8e:41:24:94:5e:de:df:90:3e:3b:e6:53:25:
ad:63:31:f5:2c:be:c3:cb:08:0a:8b:c0:f3:f2:be:
50:73:4e:08:e6:31:99:9d:c7:8c:46:a0:df:b8:a1:
e8:16:4c:82:93:19:93:25:9d:dd:9a:da:9a:a9:b1:
d2:0c:0c:17:ea:61:14:6f:ac:a7:68:36:b0:24:c9:
60:d3:16:0a:79:2f:a4:6c:78:a8:b0:a7:b6:7c:f0:
b3:cc:95:0b:e5:91:d0:99:6f:ff:35:1e:5b:94:fc:
04:43:35:73:3d:84:0c:a7:90:de:b5:ba:44:f7:6c:
79:ab:79:fb:cf:bd:e8:17:3e:f5:f5:c0:57:40:65:
85:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:94:45:6B:E9:61:10:D6:81:06:08:8F:3C:46:A8:82:2F:BC:03:FA
X509v3 Authority Key Identifier:
keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/7cde6028-d24c-4b9a-a11a-6ca1942cf1c1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.96.0.0/24
Signature Algorithm: sha256WithRSAEncryption
38:93:06:e8:33:cc:ec:6c:05:f9:17:ad:4b:65:a4:7d:2f:b6:
8f:49:b3:3c:be:e0:f3:98:8e:ac:67:b6:b1:6d:17:1f:68:93:
17:8d:c2:91:57:6c:55:91:0f:93:d5:ea:73:70:0b:d9:80:64:
2c:7a:5a:3d:b7:06:33:c5:5e:3e:a3:2c:57:e3:ab:93:bb:cf:
f4:39:bc:a4:d5:d9:a5:2e:2e:df:68:ce:d9:24:0d:03:a6:a3:
53:be:ed:3c:54:5a:9b:8b:12:d0:80:31:10:ad:88:8c:2b:c5:
e7:ae:cc:ad:68:0a:a3:26:a8:3b:96:cc:d1:8c:1e:46:41:28:
5b:4f:d4:b6:30:ba:aa:38:30:92:e5:15:8c:47:e8:3d:52:c8:
f4:3d:b5:8b:47:74:dd:41:f2:6b:82:01:74:f5:3f:17:9f:e1:
d4:20:c7:2c:a3:88:50:dd:20:74:cd:cb:67:9a:fb:b0:7c:bc:
d6:ed:ad:63:09:c5:84:2c:27:be:35:f6:41:15:8e:89:ae:3d:
07:21:b3:02:c0:2d:60:0d:2d:1c:5b:1c:a7:d0:b3:a2:35:0e:
6a:c7:24:f9:a3:42:8b:50:a6:c4:23:92:e7:ba:51:99:59:db:
66:e3:62:e2:d5:50:a0:94:6a:92:65:90:0d:a7:ad:8a:c7:cb:
48:d6:8b:22
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUJSWj9Vc6WBqimA+mBuyhOc5T5kowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1Mjk4YTQyZjJiYWJh
MWZhNzJmOGQyNzkzODg3OGMwHhcNMjUwNjA0MTkzNzA3WhcNMjUwNzA5MjM1OTU5
WjB6MUkwRwYDVQQFE0AwMmZlMGQwNGNlOTZlNGE5YjVlOWM3ZWFmMGJlNDM5YzVl
MWI0MTc2YmYyNDk2YzA4MDAwNzVkYTcyMWIxNGU4MS0wKwYDVQQDEyQ4Y2Q4NDQy
Zi0yMzVmLTQxNzEtODRlNi04ZTEwMDdhNjRjNjAwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQD27fVSjL0l0dTon4CwSb5CycecSm1HteNaP50q13OyktXP
Bon4OEl51EpGTLtEChaJT9Qk4SMcNIccV/TjKhp652nmyK9X2A4rJcfjVhD6eEHW
QxtH7mYPdcwYjmIt2MtDBq1mdn/jsWEkLtoqZuX5GhHcLYSLreMNjkEklF7e35A+
O+ZTJa1jMfUsvsPLCAqLwPPyvlBzTgjmMZmdx4xGoN+4oegWTIKTGZMlnd2a2pqp
sdIMDBfqYRRvrKdoNrAkyWDTFgp5L6RseKiwp7Z88LPMlQvlkdCZb/81HluU/ARD
NXM9hAynkN61ukT3bHmrefvPvegXPvX1wFdAZYV7AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU4JRFa+lhENaBBgiPPEaogi+8A/owHwYDVR0jBBgwFoAUasw+faLnbZkR
D9Y5xBN+QkKZcNgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy82NzU1OTcwYy00
NzQ3LTQ5OWQtOTc3NC01ZTEzMDhjNTAxYTcvOWFiMDE1ZjM4MjZlMDEzNTEyYTQ1
Mjk4YTQyZjJiYWJhMWZhNzJmOGQyNzkzODg3OGMuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgtNDcx
MTI5ODY2MzYyLzdjZGU2MDI4LWQyNGMtNGI5YS1hMTFhLTZjYTE5NDJjZjFjMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2U3MmQ4ZGIwLTQ3MjgtNGZjMS1iZGQ4
LTQ3MTEyOTg2NjM2Mi9iZ0UxRXFSU21LUXZLNnVoLW5MNDBuazRoNHcuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBAAjYAAwDQYJKoZIhvcNAQELBQADggEBADiTBugzzOxsBfkXrUtlpH0vto9J
szy+4POYjqxntrFtFx9okxeNwpFXbFWRD5PV6nNwC9mAZCx6Wj23BjPFXj6jLFfj
q5O7z/Q5vKTV2aUuLt9oztkkDQOmo1O+7TxUWpuLEtCAMRCtiIwrxeeuzK1oCqMm
qDuWzNGMHkZBKFtP1LYwuqo4MJLlFYxH6D1SyPQ9tYtHdN1B8muCAXT1Pxef4dQg
xyyjiFDdIHTNy2ea+7B8vNbtrWMJxYQsJ7419kEVjomuPQchswLALWANLRxbHKfQ
s6I1DmrHJPmjQotQpsQjkue6UZlZ22bjYuLVUKCUapJlkA2nrYrHy0jWiyI=
-----END CERTIFICATE-----
Generated at Sun Jun 15 17:11:49 2025 by rpki-client