Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2c837d4d-146b-47e4-b979-502038c6a592.roa
File: 2c837d4d-146b-47e4-b979-502038c6a592.roa (raw, json)
Hash identifier: HBktTRcAVyXZgb3X7YzOw2vAFaJaDtZAjMcF4GOFxC0=
Subject key identifier: 32:28:59:AE:39:A0:7B:4B:D0:E0:DD:BB:B4:63:5A:1B:5A:51:2E:A2
Certificate issuer: /CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Certificate serial: 5E1CF92B38DE1E854A669C7BD26B83A14C1AD981
Authority key identifier: 55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2c837d4d-146b-47e4-b979-502038c6a592.roa
Signing time: Mon 07 Jul 2025 06:53:17 +0000
ROA not before: Mon 07 Jul 2025 06:53:17 +0000
ROA not after: Mon 11 Aug 2025 23:59:59 +0000
asID: 400098
IP address blocks: 199.36.120.0/24 maxlen: 24
Validation: Failed, certificate revoked on Mon 07 Jul 2025 07:13:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5e:1c:f9:2b:38:de:1e:85:4a:66:9c:7b:d2:6b:83:a1:4c:1a:d9:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d
Validity
Not Before: Jul 7 06:53:17 2025 GMT
Not After : Aug 11 23:59:59 2025 GMT
Subject: serialNumber=a636d4579df5c3d50648d0d633386a537bd0c9dba1eb522dcdf25448bda498cf, CN=c0ce23ea-43fc-4be4-beee-c01478122a0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:e8:55:55:4c:30:39:06:ad:62:c3:e4:a2:0e:
98:79:ab:57:cb:88:f4:23:43:17:c7:ca:6e:17:bd:
c5:b7:49:b0:77:88:6c:4c:27:39:dd:05:85:c6:46:
8a:a7:78:9c:31:9d:63:ac:b5:a9:58:12:5d:18:8f:
38:ec:dd:12:0a:67:11:75:9d:a4:81:f9:3e:8e:9e:
90:bc:71:a4:f2:97:fd:c8:d2:11:0d:c8:14:10:5e:
e0:ac:d9:e4:5c:85:71:78:12:64:b9:c2:13:d5:52:
6f:bc:06:3f:2b:4c:c5:54:ab:83:0b:68:5c:c0:b6:
b3:35:3e:81:6c:8b:08:db:ff:75:c3:77:f3:26:2f:
f2:a1:ba:8e:9d:de:f5:8b:db:7f:35:a0:ae:2e:7f:
85:e4:34:74:9e:95:e3:32:16:49:a5:cc:ed:80:58:
b3:8b:8c:1c:06:93:c5:45:7c:b2:66:7d:cb:e5:3e:
fb:0f:bf:4c:69:0a:84:1c:9e:34:b2:e4:8f:be:fd:
65:84:5c:77:06:d1:c0:33:ef:41:30:da:15:13:f9:
6c:da:24:b4:07:9a:1d:9f:16:13:f9:fe:03:dc:4c:
a3:af:74:89:73:7d:f0:ed:f0:0e:c7:e7:07:55:d6:
09:e6:b0:a7:dd:b4:5e:38:79:c1:c5:ca:ef:54:87:
77:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
32:28:59:AE:39:A0:7B:4B:D0:E0:DD:BB:B4:63:5A:1B:5A:51:2E:A2
X509v3 Authority Key Identifier:
keyid:55:A8:DD:45:D9:44:13:F9:D1:92:F5:2C:63:CE:8C:FB:C6:14:96:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/0357272c-a79a-45bf-9586-92dd49ef3223/1433ebff-dfd6-4c5c-b7ff-99c85139d4a8/278aab878f2662ce14e905e18ebcb7522f92b3684bc4865b4d.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/2c837d4d-146b-47e4-b979-502038c6a592.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/16f1ffee-7461-4674-bb05-fddefa9a02c6/JmLOFOkF4Y68t1IvkrNoS8SGW00.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.36.120.0/24
Signature Algorithm: sha256WithRSAEncryption
51:32:74:95:7c:fa:f1:fd:50:61:d7:7a:80:20:c8:6f:e7:e1:
e4:3e:51:7f:32:65:81:96:f5:a8:e4:cf:00:3c:07:18:9e:bb:
e4:b4:b0:5b:a5:be:8f:99:b7:ee:44:0c:b0:02:b6:f2:6b:b6:
f7:c9:ad:01:ec:5e:4f:cd:df:9d:45:cf:92:8d:92:f5:f4:ee:
14:5a:e0:d0:f7:9c:a3:a0:e7:e6:06:9d:a6:e9:30:2c:fb:22:
d5:38:98:db:cc:93:47:4b:30:64:db:eb:6f:fd:00:c1:81:e6:
30:8f:57:42:ea:7f:dd:2d:c8:5a:25:e9:41:2a:ff:df:a3:ef:
82:04:51:a6:95:01:8e:94:85:89:13:82:23:ab:80:c9:7d:5f:
ad:17:0e:36:49:08:c1:96:2e:90:9a:b6:f5:62:46:03:85:ff:
a8:6e:a5:60:ee:c6:98:7a:c2:16:b7:ec:0e:3f:23:f6:84:9f:
b6:e8:b4:4c:85:44:6a:12:5e:2f:33:1d:86:bc:f6:54:32:b4:
93:4a:da:1d:be:11:fa:1c:dc:5b:79:3f:8a:dc:f3:45:f1:54:
e9:96:8b:98:05:37:c0:bf:c9:79:88:15:48:a3:06:48:d3:da:
8d:81:dc:c8:86:7e:f6:eb:1c:0f:6e:76:60:7f:e7:9e:69:cc:
5a:14:40:1a
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUXhz5KzjeHoVKZpx70muDoUwa2YEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMjc4YWFiODc4ZjI2NjJjZTE0ZTkwNWUxOGViY2I3NTIy
ZjkyYjM2ODRiYzQ4NjViNGQwHhcNMjUwNzA3MDY1MzE3WhcNMjUwODExMjM1OTU5
WjB6MUkwRwYDVQQFE0BhNjM2ZDQ1NzlkZjVjM2Q1MDY0OGQwZDYzMzM4NmE1Mzdi
ZDBjOWRiYTFlYjUyMmRjZGYyNTQ0OGJkYTQ5OGNmMS0wKwYDVQQDEyRjMGNlMjNl
YS00M2ZjLTRiZTQtYmVlZS1jMDE0NzgxMjJhMGUwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDO6FVVTDA5Bq1iw+SiDph5q1fLiPQjQxfHym4XvcW3SbB3
iGxMJzndBYXGRoqneJwxnWOstalYEl0Yjzjs3RIKZxF1naSB+T6OnpC8caTyl/3I
0hENyBQQXuCs2eRchXF4EmS5whPVUm+8Bj8rTMVUq4MLaFzAtrM1PoFsiwjb/3XD
d/MmL/Khuo6d3vWL2381oK4uf4XkNHSeleMyFkmlzO2AWLOLjBwGk8VFfLJmfcvl
PvsPv0xpCoQcnjSy5I++/WWEXHcG0cAz70Ew2hUT+WzaJLQHmh2fFhP5/gPcTKOv
dIlzffDt8A7H5wdV1gnmsKfdtF44ecHFyu9Uh3edAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUMihZrjmge0vQ4N27tGNaG1pRLqIwHwYDVR0jBBgwFoAUVajdRdlEE/nR
kvUsY86M+8YUlrgwDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzAzNTcyNzJjLWE3OWEtNDViZi05NTg2LTkyZGQ0OWVmMzIyMy8xNDMzZWJmZi1k
ZmQ2LTRjNWMtYjdmZi05OWM4NTEzOWQ0YTgvMjc4YWFiODc4ZjI2NjJjZTE0ZTkw
NWUxOGViY2I3NTIyZjkyYjM2ODRiYzQ4NjViNGQuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMTZmMWZmZWUtNzQ2MS00Njc0LWJiMDUtZmRk
ZWZhOWEwMmM2LzJjODM3ZDRkLTE0NmItNDdlNC1iOTc5LTUwMjAzOGM2YTU5Mi5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzE2ZjFmZmVlLTc0NjEtNDY3NC1iYjA1
LWZkZGVmYTlhMDJjNi9KbUxPRk9rRjRZNjh0MUl2a3JOb1M4U0dXMDAuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBADHJHgwDQYJKoZIhvcNAQELBQADggEBAFEydJV8+vH9UGHXeoAgyG/n4eQ+
UX8yZYGW9ajkzwA8Bxieu+S0sFulvo+Zt+5EDLACtvJrtvfJrQHsXk/N351Fz5KN
kvX07hRa4ND3nKOg5+YGnabpMCz7ItU4mNvMk0dLMGTb62/9AMGB5jCPV0Lqf90t
yFol6UEq/9+j74IEUaaVAY6UhYkTgiOrgMl9X60XDjZJCMGWLpCatvViRgOF/6hu
pWDuxph6wha37A4/I/aEn7botEyFRGoSXi8zHYa89lQytJNK2h2+Efoc3Ft5P4rc
80XxVOmWi5gFN8C/yXmIFUijBkjT2o2B3MiGfvbrHA9udmB/555pzFoUQBo=
-----END CERTIFICATE-----
Generated at Mon Jul 7 11:04:33 2025 by rpki-client