Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2b71043a-784f-4c14-8051-a00191c3b8a3.roa
File: 2b71043a-784f-4c14-8051-a00191c3b8a3.roa (raw, json)
Hash identifier: YCuPawouNv3znvOayngLB5KfdHiTkMHbubGSDym3Bho=
Subject key identifier: 4D:1E:F4:5D:01:9C:16:E6:E8:57:FB:0E:4A:11:C4:92:CB:0D:12:29
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 42558A2E3C5336D8D2E02AD0BD5BCB7ED5B672FE
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2b71043a-784f-4c14-8051-a00191c3b8a3.roa
Signing time: Tue 21 Jan 2025 00:00:00 +0000
ROA not before: Tue 21 Jan 2025 00:00:00 +0000
ROA not after: Tue 25 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:1ff9:6000::/40 maxlen: 48
Validation: Failed, certificate revoked on Tue 28 Jan 2025 19:39:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
42:55:8a:2e:3c:53:36:d8:d2:e0:2a:d0:bd:5b:cb:7e:d5:b6:72:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Jan 21 00:00:00 2025 GMT
Not After : Feb 25 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:5f:fd:a4:8b:da:0d:7d:4f:82:0f:d6:1a:07:
c0:13:a3:36:e3:5c:37:61:34:e7:b5:4c:59:48:7d:
58:cd:a9:39:6b:9a:2e:4a:ff:53:75:dd:64:80:e2:
e3:f4:67:f3:2d:1e:99:ef:77:91:d8:a0:e3:21:31:
6f:c0:97:fa:87:e4:70:f8:b7:48:98:6e:a2:28:a1:
bf:ee:20:61:37:17:30:8a:02:e0:7c:21:ed:45:65:
a7:ea:d3:73:7e:0e:1b:07:70:82:d1:d1:8b:13:7e:
d7:b9:15:d5:d2:85:b3:d2:f2:33:13:54:6e:7d:66:
43:23:28:f4:f7:9c:f6:a2:a4:19:e6:bb:04:96:5a:
e2:ee:25:c7:e0:04:55:3f:1c:e2:1a:b3:b1:b7:b6:
64:fb:ba:35:d1:be:a3:57:d9:17:c9:df:e3:cd:e1:
cf:87:cf:e9:02:be:01:09:68:43:d9:2e:6f:fa:fb:
7d:23:c7:78:83:aa:84:cf:8d:bb:2e:80:8d:bd:fe:
8e:41:ba:90:2b:62:2e:52:f5:3c:97:f8:1e:0d:f6:
93:35:cf:e4:4a:0c:c4:f1:c7:21:64:1a:11:c8:51:
49:e5:b4:ef:91:ba:43:cf:ff:5a:9a:d3:12:0b:05:
55:36:e3:d3:cd:2c:c2:c7:54:d5:59:c8:6c:a7:f7:
8d:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:1E:F4:5D:01:9C:16:E6:E8:57:FB:0E:4A:11:C4:92:CB:0D:12:29
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/2b71043a-784f-4c14-8051-a00191c3b8a3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1ff9:6000::/40
Signature Algorithm: sha256WithRSAEncryption
d6:e6:96:54:ab:07:ef:cb:fa:2f:72:64:c4:35:83:b0:55:6a:
4a:16:9f:c0:68:ea:9b:15:18:60:f9:c4:5f:f8:cb:ef:2b:20:
e6:73:cf:cd:b0:15:44:3a:7f:64:fe:9c:27:b1:32:30:ca:a7:
29:06:e2:5f:0b:85:35:d4:10:0c:bc:a9:d7:c1:05:fc:a3:32:
74:63:9e:3f:a0:4c:99:61:0f:45:01:ce:d0:00:08:ee:77:66:
32:4c:89:3d:23:0a:32:f4:91:a7:f4:3f:27:7e:71:b1:f4:56:
b6:72:49:bc:54:51:a9:82:ac:46:cd:09:d7:ac:1d:72:63:08:
b6:53:9d:36:87:d2:de:a1:08:3c:c2:83:f0:b4:a5:c0:4b:a8:
4f:59:23:98:a9:e5:76:9f:13:7f:80:f5:75:54:24:04:80:63:
75:92:fc:dd:af:77:2a:c2:fb:91:38:66:2d:48:7b:b3:b9:c6:
c3:a7:4c:ec:03:21:f3:1d:31:ba:b4:0f:11:2d:83:21:5c:08:
df:3b:54:45:68:3a:90:69:91:f3:1b:08:21:8b:e9:a1:eb:97:
41:46:a6:f9:f7:44:93:82:c6:32:42:9a:a6:40:13:9c:af:b5:
e4:74:a2:eb:7a:38:94:66:6d:61:e4:2a:32:eb:94:e8:52:31:
90:07:33:55
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUQlWKLjxTNtjS4CrQvVvLftW2cv4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMTIxMDAwMDAwWhcNMjUwMjI1MjM1OTU5
WjB6MUkwRwYDVQQFE0BkYTRjMTkyMjQ5Y2RkZGE4MzAwMmZjNDhlMGJmN2I1Njdk
N2JiNDc2ZTVkMzEyNjc5YTFkMmJmNzFkZTA3NjY3MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDHX/2ki9oNfU+CD9YaB8ATozbjXDdhNOe1TFlIfVjNqTlr
mi5K/1N13WSA4uP0Z/MtHpnvd5HYoOMhMW/Al/qH5HD4t0iYbqIoob/uIGE3FzCK
AuB8Ie1FZafq03N+DhsHcILR0YsTfte5FdXShbPS8jMTVG59ZkMjKPT3nPaipBnm
uwSWWuLuJcfgBFU/HOIas7G3tmT7ujXRvqNX2RfJ3+PN4c+Hz+kCvgEJaEPZLm/6
+30jx3iDqoTPjbsugI29/o5BupArYi5S9TyX+B4N9pM1z+RKDMTxxyFkGhHIUUnl
tO+RukPP/1qa0xILBVU249PNLMLHVNVZyGyn940hAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUTR70XQGcFuboV/sOShHEkssNEikwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzJiNzEwNDNhLTc4NGYtNGMxNC04MDUxLWEwMDE5MWMzYjhhMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB/5YDANBgkqhkiG9w0BAQsFAAOCAQEA1uaWVKsH78v6L3JkxDWDsFVq
ShafwGjqmxUYYPnEX/jL7ysg5nPPzbAVRDp/ZP6cJ7EyMMqnKQbiXwuFNdQQDLyp
18EF/KMydGOeP6BMmWEPRQHO0AAI7ndmMkyJPSMKMvSRp/Q/J35xsfRWtnJJvFRR
qYKsRs0J16wdcmMItlOdNofS3qEIPMKD8LSlwEuoT1kjmKnldp8Tf4D1dVQkBIBj
dZL83a93KsL7kThmLUh7s7nGw6dM7AMh8x0xurQPES2DIVwI3ztURWg6kGmR8xsI
IYvpoeuXQUam+fdEk4LGMkKapkATnK+15HSi63o4lGZtYeQqMuuU6FIxkAczVQ==
-----END CERTIFICATE-----
Generated at Sun Feb 16 15:05:14 2025 by rpki-client