Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/52a2c121-7afd-4f02-a6c6-7fa5cf35f7b4.roa
File: 52a2c121-7afd-4f02-a6c6-7fa5cf35f7b4.roa (raw, json)
Hash identifier: Jt58f/SKDOzNyr9u4pjEplZvaHUfwdMEflx6LBwQHrU=
Subject key identifier: FE:BB:EA:51:48:BE:25:2A:D4:03:54:F0:CB:DC:D3:D8:03:0B:02:88
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 34FFE7E94B6C2BA14175824CC94E47E59B8C9036
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/52a2c121-7afd-4f02-a6c6-7fa5cf35f7b4.roa
Signing time: Wed 12 Mar 2025 00:20:24 +0000
ROA not before: Wed 12 Mar 2025 00:20:24 +0000
ROA not after: Wed 16 Apr 2025 23:59:59 +0000
asID: 8987
IP address blocks: 199.183.144.0/20 maxlen: 24
Validation: Failed, certificate revoked on Tue 18 Mar 2025 17:39:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:ff:e7:e9:4b:6c:2b:a1:41:75:82:4c:c9:4e:47:e5:9b:8c:90:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Mar 12 00:20:24 2025 GMT
Not After : Apr 16 23:59:59 2025 GMT
Subject: serialNumber=de2b248bd6ec9a2c63fac0289d372e4e4b3a64f5c9fe9a66fd8bf80ef8543a05, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:3e:79:e6:48:2f:e5:e1:32:18:e2:34:bd:11:
27:ae:aa:e0:4e:cd:d1:b0:d8:ce:e0:62:8b:b1:2c:
41:35:6e:39:94:be:fa:51:b3:a1:71:4e:fe:1d:b6:
44:11:3c:0e:75:13:54:87:28:4c:be:b4:91:ba:ff:
3e:30:e6:7d:00:9d:8f:b3:44:92:d5:19:f9:2f:74:
cf:e6:6c:00:f2:93:dc:98:56:a1:29:6e:9a:46:43:
2f:81:5b:d2:9f:71:86:66:05:72:4f:eb:2d:9a:ee:
9b:e2:93:db:3e:a7:d4:3d:d9:70:52:2d:5b:75:56:
b3:a5:54:9a:77:99:28:16:01:c3:f4:a9:ed:6a:7c:
d9:2c:05:a5:a5:8a:a7:47:85:01:97:29:79:e0:80:
6d:fc:9a:b2:0d:9b:a2:a1:66:bb:cc:8f:a6:05:bc:
90:a4:3c:a0:52:01:f0:f2:5a:d9:55:8d:0e:45:25:
ec:31:8e:68:10:dd:c9:63:68:d4:59:ce:4f:38:a2:
f5:87:7c:1a:14:ba:be:34:93:6c:33:1b:2a:48:76:
cc:b5:ea:4a:59:e2:99:ea:af:95:38:e1:2a:20:ae:
27:17:cc:75:8e:63:55:37:b3:a8:26:eb:7a:59:f0:
fd:17:b2:7a:4b:25:40:2a:5c:e9:b4:41:94:e5:d4:
93:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:BB:EA:51:48:BE:25:2A:D4:03:54:F0:CB:DC:D3:D8:03:0B:02:88
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/52a2c121-7afd-4f02-a6c6-7fa5cf35f7b4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
199.183.144.0/20
Signature Algorithm: sha256WithRSAEncryption
ba:e0:a9:cd:27:4e:4d:c5:11:d3:b9:1b:4b:b4:a4:b3:17:88:
fe:2c:1e:6b:8d:01:22:cf:a3:3a:d3:63:0b:c1:ef:0f:ab:09:
ae:e6:e2:dc:85:2e:ef:30:fd:40:dc:92:8c:09:81:e3:fe:15:
7c:b3:c6:d2:51:df:0b:e8:31:00:bf:43:50:c1:97:c4:a4:87:
ad:de:72:43:f9:7c:6c:4a:06:05:2f:6b:0f:46:20:1a:9a:b8:
f4:ff:cf:88:91:e6:33:52:c8:27:35:dc:1d:70:79:50:e9:c5:
b1:46:f1:aa:47:6b:96:84:a4:bf:99:d3:c3:4c:31:31:db:c1:
e4:2e:d1:45:85:3e:88:d9:ca:4e:3b:10:ca:8c:ec:a9:7b:97:
ef:23:b6:65:78:1e:c9:c0:db:8d:74:10:e8:92:d1:06:d6:b4:
a8:85:22:4f:ea:80:ef:da:35:63:55:7f:07:4d:1c:1d:66:98:
fc:46:f0:ab:70:36:61:9a:a4:40:a5:d9:fd:53:6c:4f:b9:38:
5d:ef:4f:bd:07:77:02:37:51:a8:9e:62:ec:83:8d:ac:3f:2a:
d8:43:31:35:71:27:cf:14:3e:a7:02:4c:ae:26:95:10:cf:88:
98:86:ec:6c:61:61:4e:01:0f:4b:5f:bc:0a:fc:54:89:8d:2a:
83:99:e6:cf
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNP/n6UtsK6FBdYJMyU5H5ZuMkDYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMzEyMDAyMDI0WhcNMjUwNDE2MjM1OTU5
WjB6MUkwRwYDVQQFE0BkZTJiMjQ4YmQ2ZWM5YTJjNjNmYWMwMjg5ZDM3MmU0ZTRi
M2E2NGY1YzlmZTlhNjZmZDhiZjgwZWY4NTQzYTA1MS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCMPnnmSC/l4TIY4jS9ESeuquBOzdGw2M7gYouxLEE1bjmU
vvpRs6FxTv4dtkQRPA51E1SHKEy+tJG6/z4w5n0AnY+zRJLVGfkvdM/mbADyk9yY
VqEpbppGQy+BW9KfcYZmBXJP6y2a7pvik9s+p9Q92XBSLVt1VrOlVJp3mSgWAcP0
qe1qfNksBaWliqdHhQGXKXnggG38mrINm6KhZrvMj6YFvJCkPKBSAfDyWtlVjQ5F
JewxjmgQ3cljaNRZzk84ovWHfBoUur40k2wzGypIdsy16kpZ4pnqr5U44SogricX
zHWOY1U3s6gm63pZ8P0XsnpLJUAqXOm0QZTl1JOjAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQU/rvqUUi+JSrUA1Twy9zT2AMLAogwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzUyYTJjMTIxLTdhZmQtNGYwMi1hNmM2LTdmYTVjZjM1ZjdiNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBATHt5AwDQYJKoZIhvcNAQELBQADggEBALrgqc0nTk3FEdO5G0u0pLMXiP4s
HmuNASLPozrTYwvB7w+rCa7m4tyFLu8w/UDckowJgeP+FXyzxtJR3wvoMQC/Q1DB
l8Skh63eckP5fGxKBgUvaw9GIBqauPT/z4iR5jNSyCc13B1weVDpxbFG8apHa5aE
pL+Z08NMMTHbweQu0UWFPojZyk47EMqM7Kl7l+8jtmV4HsnA2410EOiS0QbWtKiF
Ik/qgO/aNWNVfwdNHB1mmPxG8KtwNmGapECl2f1TbE+5OF3vT70HdwI3UaieYuyD
jaw/KthDMTVxJ88UPqcCTK4mlRDPiJiG7GxhYU4BD0tfvAr8VImNKoOZ5s8=
-----END CERTIFICATE-----
Generated at Wed Apr 16 16:54:38 2025 by rpki-client