Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/8b3bc4e7-5070-4a5b-b2fc-778381232bc5.roa
File: 8b3bc4e7-5070-4a5b-b2fc-778381232bc5.roa (raw, json)
Hash identifier: KqYypbjq2mhd9fUx8mxHfNapiib3AxND8lTywIctl94=
Subject key identifier: B8:E0:A2:E4:27:BD:D9:E9:22:F5:0E:E2:D6:99:C8:75:7B:E4:24:48
Certificate issuer: /CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Certificate serial: 44EFD5CFC5433864C4D7CF6FE0E5D748A27D87
Authority key identifier: 6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/8b3bc4e7-5070-4a5b-b2fc-778381232bc5.roa
Signing time: Tue 20 May 2025 18:00:22 +0000
ROA not before: Tue 20 May 2025 18:00:22 +0000
ROA not after: Tue 24 Jun 2025 23:59:59 +0000
asID: 16509
IP address blocks: 35.96.112.0/20 maxlen: 20
Validation: Failed, certificate revoked on Wed 04 Jun 2025 22:38:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
44:ef:d5:cf:c5:43:38:64:c4:d7:cf:6f:e0:e5:d7:48:a2:7d:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c
Validity
Not Before: May 20 18:00:22 2025 GMT
Not After : Jun 24 23:59:59 2025 GMT
Subject: serialNumber=80cccb0a9f751bd6d4a184c56e027557d242e4edb46c12188d279c46b033187f, CN=8cd8442f-235f-4171-84e6-8e1007a64c60
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d9:28:e6:ae:ac:5b:99:ac:b9:9d:53:7e:19:
7e:b1:06:4f:e1:45:86:0d:bf:69:32:dc:af:50:54:
6b:1d:b2:44:b3:4e:a9:90:e7:27:b9:59:d7:de:66:
f4:1a:28:fa:cd:a1:c9:d1:dc:ee:6d:96:18:d4:0a:
2a:34:7c:bd:06:9e:51:f6:eb:7c:1f:88:b9:ee:3c:
75:fa:03:f0:41:e1:40:a1:b9:52:e2:63:53:82:f6:
2a:cb:1c:8d:a7:5a:6f:1f:7d:18:31:29:07:ad:2e:
01:2a:6f:e0:07:d4:c8:ee:6f:30:08:b6:02:d0:13:
8d:dc:fa:1d:0a:12:5e:28:cd:8f:38:36:0b:73:9a:
45:37:02:9e:81:70:87:5d:b9:2f:cf:58:08:29:93:
77:32:4b:5d:6e:26:93:33:fd:1e:6f:8c:46:f5:9c:
81:a5:6e:20:4f:5c:42:93:96:dd:8e:c0:86:32:ba:
da:0b:37:4a:ce:ff:ed:d6:9b:68:4e:4d:40:99:b7:
71:8d:ea:86:a2:d8:4d:fa:e3:b0:0c:2a:f8:e6:29:
aa:8a:d6:57:32:22:4d:6e:b5:af:ff:25:dc:10:b5:
88:66:34:76:20:04:ba:12:0e:71:1e:5f:c4:d2:ca:
27:29:30:e6:15:15:96:15:a4:8d:af:10:ed:a2:05:
81:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B8:E0:A2:E4:27:BD:D9:E9:22:F5:0E:E2:D6:99:C8:75:7B:E4:24:48
X509v3 Authority Key Identifier:
keyid:6A:CC:3E:7D:A2:E7:6D:99:11:0F:D6:39:C4:13:7E:42:42:99:70:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/6755970c-4747-499d-9774-5e1308c501a7/9ab015f3826e013512a45298a42f2baba1fa72f8d27938878c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/8b3bc4e7-5070-4a5b-b2fc-778381232bc5.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/e72d8db0-4728-4fc1-bdd8-471129866362/bgE1EqRSmKQvK6uh-nL40nk4h4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
35.96.112.0/20
Signature Algorithm: sha256WithRSAEncryption
35:2d:70:06:d7:f1:bf:63:a8:f0:7c:21:9d:e7:30:1f:ce:1b:
97:ce:7e:ac:06:a5:8b:90:47:4d:64:78:82:85:74:52:ec:a3:
5a:6d:9d:40:d1:c7:8f:e8:39:39:6a:aa:8c:40:df:c4:6b:c4:
f3:a2:6d:d4:12:ee:8d:1c:0b:dc:73:fe:c8:70:53:97:59:4f:
65:6e:53:f4:0f:6c:45:ce:bc:9e:bd:6e:3e:c5:0c:91:c5:fe:
35:f9:01:ee:fd:2c:08:f7:1b:24:fb:04:75:0c:82:38:e6:a2:
8c:76:53:03:aa:f3:7b:36:c0:86:bf:e9:92:c6:09:f2:9b:a8:
b9:ef:2f:1d:f8:d8:4a:76:5c:0c:af:bf:39:e6:30:e9:fe:d8:
b9:ec:68:d5:cd:bd:24:3a:45:3e:7f:37:d8:d1:5e:67:f7:71:
20:53:be:df:42:05:7c:2e:d1:e9:5d:6c:86:c0:38:c8:4d:d3:
6f:0e:bb:c7:44:84:43:4a:da:e0:e5:bc:e9:b3:b9:ba:a8:f5:
83:a2:01:d8:a0:04:09:5e:9d:88:ff:2d:1f:20:3a:56:7b:f6:
f8:f2:5b:2d:a5:55:6f:f0:d9:06:bd:cd:6e:63:7f:e7:85:df:
42:ec:89:4b:ef:6f:b4:c5:50:7b:32:fc:10:a4:d9:b4:4c:3c:
a4:31:76:53
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgITRO/Vz8VDOGTE189v4OXXSKJ9hzANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI5YWIwMTVmMzgyNmUwMTM1MTJhNDUyOThhNDJmMmJhYmEx
ZmE3MmY4ZDI3OTM4ODc4YzAeFw0yNTA1MjAxODAwMjJaFw0yNTA2MjQyMzU5NTla
MHoxSTBHBgNVBAUTQDgwY2NjYjBhOWY3NTFiZDZkNGExODRjNTZlMDI3NTU3ZDI0
MmU0ZWRiNDZjMTIxODhkMjc5YzQ2YjAzMzE4N2YxLTArBgNVBAMTJDhjZDg0NDJm
LTIzNWYtNDE3MS04NGU2LThlMTAwN2E2NGM2MDCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBANHZKOaurFuZrLmdU34ZfrEGT+FFhg2/aTLcr1BUax2yRLNO
qZDnJ7lZ195m9Boo+s2hydHc7m2WGNQKKjR8vQaeUfbrfB+Iue48dfoD8EHhQKG5
UuJjU4L2Ksscjadabx99GDEpB60uASpv4AfUyO5vMAi2AtATjdz6HQoSXijNjzg2
C3OaRTcCnoFwh125L89YCCmTdzJLXW4mkzP9Hm+MRvWcgaVuIE9cQpOW3Y7AhjK6
2gs3Ss7/7dabaE5NQJm3cY3qhqLYTfrjsAwq+OYpqorWVzIiTW61r/8l3BC1iGY0
diAEuhIOcR5fxNLKJykw5hUVlhWkja8Q7aIFgY8CAwEAAaOCArEwggKtMB0GA1Ud
DgQWBBS44KLkJ73Z6SL1DuLWmch1e+QkSDAfBgNVHSMEGDAWgBRqzD59oudtmREP
1jnEE35CQplw2DAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MDM1NzI3MmMtYTc5YS00NWJmLTk1ODYtOTJkZDQ5ZWYzMjIzLzY3NTU5NzBjLTQ3
NDctNDk5ZC05Nzc0LTVlMTMwOGM1MDFhNy85YWIwMTVmMzgyNmUwMTM1MTJhNDUy
OThhNDJmMmJhYmExZmE3MmY4ZDI3OTM4ODc4Yy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS9lNzJkOGRiMC00NzI4LTRmYzEtYmRkOC00NzEx
Mjk4NjYzNjIvOGIzYmM0ZTctNTA3MC00YTViLWIyZmMtNzc4MzgxMjMyYmM1LnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvZTcyZDhkYjAtNDcyOC00ZmMxLWJkZDgt
NDcxMTI5ODY2MzYyL2JnRTFFcVJTbUtRdks2dWgtbkw0MG5rNGg0dy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEw
BgMEBCNgcDANBgkqhkiG9w0BAQsFAAOCAQEANS1wBtfxv2Oo8HwhnecwH84bl85+
rAali5BHTWR4goV0UuyjWm2dQNHHj+g5OWqqjEDfxGvE86Jt1BLujRwL3HP+yHBT
l1lPZW5T9A9sRc68nr1uPsUMkcX+NfkB7v0sCPcbJPsEdQyCOOaijHZTA6rzezbA
hr/pksYJ8puoue8vHfjYSnZcDK+/OeYw6f7Yuexo1c29JDpFPn832NFeZ/dxIFO+
30IFfC7R6V1shsA4yE3Tbw67x0SEQ0ra4OW86bO5uqj1g6IB2KAECV6diP8tHyA6
Vnv2+PJbLaVVb/DZBr3NbmN/54XfQuyJS+9vtMVQezL8EKTZtEw8pDF2Uw==
-----END CERTIFICATE-----
Generated at Tue Jun 17 17:01:16 2025 by rpki-client