Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/963986ba-6a5a-40f6-ba16-3677e546949c.roa
File: 963986ba-6a5a-40f6-ba16-3677e546949c.roa (raw, json)
Hash identifier: JLQLT/JMh3XN2EKYfXT3mOzr1Fr/UFBNMKbm5cbvp24=
Subject key identifier: AD:F3:F8:4F:06:8D:6F:90:B1:3D:FF:A8:DF:15:ED:A2:55:87:DD:BD
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 751B27CD21AF90D01F96D9FC726654490D8C69F2
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/963986ba-6a5a-40f6-ba16-3677e546949c.roa
Signing time: Tue 25 Mar 2025 23:13:13 +0000
ROA not before: Tue 25 Mar 2025 23:13:13 +0000
ROA not after: Tue 29 Apr 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Mar 2025 23:33:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
75:1b:27:cd:21:af:90:d0:1f:96:d9:fc:72:66:54:49:0d:8c:69:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Mar 25 23:13:13 2025 GMT
Not After : Apr 29 23:59:59 2025 GMT
Subject: CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:57:8c:97:55:e3:bf:de:ab:1a:15:d5:57:fd:
c3:da:15:93:13:84:4a:98:49:a0:7b:c2:44:f1:2f:
0d:0b:1b:fc:e0:4a:b5:f6:18:25:cb:0f:d5:40:77:
84:c3:c4:8c:36:a6:0d:8c:e1:03:35:ec:cd:74:72:
ed:cd:84:1f:9d:20:75:0f:41:74:f4:66:a7:b1:c7:
e7:76:30:30:fb:49:6d:96:a9:6b:1b:6d:40:12:1f:
e7:5c:10:50:04:34:ba:3e:d1:96:46:0d:22:ba:93:
b4:7e:a7:1d:76:6b:f0:79:ee:79:7f:25:8a:78:ab:
24:b0:aa:38:07:64:81:18:75:ef:b3:46:b1:2d:08:
c6:c7:ea:2d:08:76:e8:ce:a5:46:c2:0e:62:f3:15:
de:ea:24:52:23:fe:57:5d:18:78:3e:64:39:8a:fa:
fe:f3:90:3c:ba:be:80:17:56:62:ab:58:25:de:3d:
58:c7:d7:b4:c3:d2:b4:bc:7f:1a:52:c3:92:a0:a0:
74:9f:5b:a5:e9:0b:a2:06:d4:4b:1b:73:2a:1c:b1:
06:ee:36:32:69:9c:ce:46:35:2c:a2:f0:17:ee:bd:
98:0d:d7:9e:df:e8:d8:9c:ed:23:11:98:f9:25:58:
8f:4b:63:c5:5b:34:48:39:a7:3f:8f:90:ec:e4:7c:
f2:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:F3:F8:4F:06:8D:6F:90:B1:3D:FF:A8:DF:15:ED:A2:55:87:DD:BD
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/963986ba-6a5a-40f6-ba16-3677e546949c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:16:eb:c5:1c:00:6f:57:f2:39:22:04:86:d9:94:bf:86:9c:
a3:81:f8:e7:9a:f5:5c:dd:e8:f0:a8:6b:3b:c2:e7:f7:43:78:
e2:77:68:59:02:30:b7:1d:96:37:72:e4:6e:5a:30:01:a9:fb:
98:15:ce:71:a5:d9:da:a8:69:c8:3c:2a:9f:65:d6:4d:73:a2:
4c:08:a3:3a:c2:7a:ad:27:34:b7:32:fe:5d:3c:7b:3a:2d:13:
90:79:9a:73:0a:2a:ce:d4:4a:f1:10:af:64:86:47:ed:ff:f6:
ae:e3:75:6a:68:dc:78:71:f0:56:e1:dd:2d:15:fb:43:11:ae:
cf:b0:fb:fe:67:fc:63:ca:f0:89:ce:f2:97:40:cc:c2:d0:5a:
47:1f:74:7c:6d:af:b7:fd:b7:03:6b:cc:12:74:11:51:2b:1f:
68:fc:52:70:05:8a:4f:ab:04:4a:a6:3b:c5:d4:73:4c:c9:65:
e2:58:ec:02:9b:62:4f:7c:10:b3:53:c7:b2:3e:b9:f5:00:72:
7a:e4:bb:7c:cc:d1:a2:84:1a:fb:84:93:aa:2b:4b:7b:b3:92:
71:27:ef:5c:db:e9:a6:66:d5:50:12:2d:6b:07:18:7e:ea:ee:
e2:1e:cc:9c:5e:a9:41:de:a4:33:56:11:d5:be:4d:d9:81:fa:
c7:29:d7:1b
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUdRsnzSGvkNAfltn8cmZUSQ2MafIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwMzI1MjMxMzEzWhcNMjUwNDI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A2MTQxZThjYzhhM2NhMmFkNjcyMzY2YmZmMDIzNzgzN2Zj
NzgwMjdmZjhmNGI0YzgwODRmOTJhNzU3YTUxNGI0MS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCyV4yXVeO/3qsaFdVX/cPaFZMThEqYSaB7wkTxLw0LG/zg
SrX2GCXLD9VAd4TDxIw2pg2M4QM17M10cu3NhB+dIHUPQXT0Zqexx+d2MDD7SW2W
qWsbbUASH+dcEFAENLo+0ZZGDSK6k7R+px12a/B57nl/JYp4qySwqjgHZIEYde+z
RrEtCMbH6i0IdujOpUbCDmLzFd7qJFIj/lddGHg+ZDmK+v7zkDy6voAXVmKrWCXe
PVjH17TD0rS8fxpSw5KgoHSfW6XpC6IG1EsbcyocsQbuNjJpnM5GNSyi8BfuvZgN
157f6Nic7SMRmPklWI9LY8VbNEg5pz+PkOzkfPKjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUrfP4TwaNb5CxPf+o3xXtolWH3b0wHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2Lzk2Mzk4NmJhLTZhNWEtNDBmNi1iYTE2LTM2NzdlNTQ2OTQ5Yy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAH8W68UcAG9X8jkiBIbZlL+GnKOB
+Oea9Vzd6PCoazvC5/dDeOJ3aFkCMLcdljdy5G5aMAGp+5gVznGl2dqoacg8Kp9l
1k1zokwIozrCeq0nNLcy/l08ezotE5B5mnMKKs7USvEQr2SGR+3/9q7jdWpo3Hhx
8Fbh3S0V+0MRrs+w+/5n/GPK8InO8pdAzMLQWkcfdHxtr7f9twNrzBJ0EVErH2j8
UnAFik+rBEqmO8XUc0zJZeJY7AKbYk98ELNTx7I+ufUAcnrku3zM0aKEGvuEk6or
S3uzknEn71zb6aZm1VASLWsHGH7q7uIezJxeqUHepDNWEdW+TdmB+scp1xs=
-----END CERTIFICATE-----
Generated at Sun Apr 6 02:23:24 2025 by rpki-client