Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b1eae43-0942-4239-94c6-a530231bc334.roa
File: 5b1eae43-0942-4239-94c6-a530231bc334.roa (raw, json)
Hash identifier: XYipbbb03M3dXpWg1kaS+hYSbgyBx6ZRtiZt5rzYpIY=
Subject key identifier: BA:CA:4B:D0:7A:08:99:C2:A8:46:65:51:33:11:57:0A:93:E5:62:B8
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 1CEDADAC21E735F5D419A07AC033C43B8857A537
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b1eae43-0942-4239-94c6-a530231bc334.roa
Signing time: Sat 22 Feb 2025 00:00:56 +0000
ROA not before: Sat 22 Feb 2025 00:00:56 +0000
ROA not after: Sat 29 Mar 2025 23:59:59 +0000
asID: 16509
IP address blocks: 13.152.0.0/16 maxlen: 24
Validation: Failed, certificate revoked on Tue 25 Feb 2025 17:38:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1c:ed:ad:ac:21:e7:35:f5:d4:19:a0:7a:c0:33:c4:3b:88:57:a5:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Feb 22 00:00:56 2025 GMT
Not After : Mar 29 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:65:e9:fb:5f:4e:1f:64:fc:6b:10:f2:f6:50:
13:c0:f2:a1:05:fb:10:b1:39:4a:40:dc:e3:71:da:
e3:04:74:31:3f:1b:9a:14:22:73:d4:42:d2:9f:e6:
39:86:0e:79:18:42:af:52:e1:d3:22:3c:b3:95:2c:
de:e3:d3:ab:03:95:b1:99:51:10:af:6a:e9:70:62:
ea:8c:ef:7d:22:cb:2a:f3:19:29:75:9b:a1:79:f1:
d8:6d:6f:03:fe:e9:ef:71:8e:58:2a:7d:48:53:8b:
73:21:c0:61:ee:fe:0b:f1:68:8e:d5:47:a3:41:c8:
86:16:50:f0:a2:cd:b4:80:47:93:f7:57:ed:92:d2:
dd:93:a7:85:89:79:be:0d:5e:67:f0:fb:e1:62:7d:
19:44:6e:d0:13:50:5b:ac:b3:1b:b3:1a:81:d0:76:
6a:e7:e7:09:58:6e:b8:5c:72:cf:22:0c:33:11:84:
c0:dd:1e:72:79:ee:0c:68:ee:88:d2:5d:c7:8b:9a:
c8:b2:5a:9b:e0:c5:3f:e3:1f:a5:6e:1c:75:9e:10:
75:b9:8c:36:14:f0:61:4d:a9:25:86:1a:bd:e0:83:
64:43:fa:cc:62:5b:9f:15:b6:ef:8c:14:26:8f:b1:
af:99:7a:7a:ad:3f:ee:4f:e4:59:21:ec:df:c1:59:
46:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BA:CA:4B:D0:7A:08:99:C2:A8:46:65:51:33:11:57:0A:93:E5:62:B8
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/5b1eae43-0942-4239-94c6-a530231bc334.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
13.152.0.0/16
Signature Algorithm: sha256WithRSAEncryption
28:66:93:bc:64:7e:59:95:e9:1c:86:72:aa:32:4a:9d:f6:4c:
eb:95:6c:ad:62:dc:77:19:41:fa:59:f1:79:e6:e7:50:8f:5e:
c9:c4:59:fd:44:09:4f:d4:36:fb:0f:08:91:fa:07:b1:08:d6:
71:78:0b:14:2c:4c:ad:f8:e8:9a:22:e8:03:19:ca:31:92:70:
8a:ca:13:1f:0c:b3:31:1c:7d:6c:87:56:50:89:1a:d8:2f:44:
f9:6f:50:23:b5:8f:3f:4d:53:f7:64:b0:05:e6:f1:a6:13:9c:
51:16:51:ed:7d:3b:88:cc:68:ed:70:80:8c:f9:d1:99:d4:57:
51:2e:03:19:13:a2:0c:35:40:7a:c6:7f:d1:a7:cf:e6:44:78:
3d:94:69:16:8d:8d:d2:9d:c2:29:fd:17:62:e3:e2:83:32:29:
0b:79:02:46:ae:80:8a:87:0a:5a:74:a7:31:ec:0e:e8:d0:1f:
5f:0d:21:c3:03:58:7f:1f:64:8c:c8:e9:c5:9c:27:7c:40:91:
4a:e7:c6:89:b0:88:6e:02:bf:d8:65:8c:ac:c1:08:fc:14:fc:
03:8a:06:d8:35:b9:70:4d:65:93:4a:21:06:d5:f2:04:05:e7:
e8:4e:ca:19:41:b9:27:44:ba:19:d4:8a:3f:61:7b:18:fb:1d:
d5:96:df:d0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgIUHO2trCHnNfXUGaB6wDPEO4hXpTcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjIyMDAwMDU2WhcNMjUwMzI5MjM1OTU5
WjB6MUkwRwYDVQQFE0A2NmJkZjlkMDAyNWU5ZGU5NTY1YjA4ZDlmZDkzYmI0NjA5
Mjc2NjdmZTRlM2Y4ZmM2Yjg0YjJlOTFkM2RiOGJhMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDdZen7X04fZPxrEPL2UBPA8qEF+xCxOUpA3ONx2uMEdDE/
G5oUInPUQtKf5jmGDnkYQq9S4dMiPLOVLN7j06sDlbGZURCvaulwYuqM730iyyrz
GSl1m6F58dhtbwP+6e9xjlgqfUhTi3MhwGHu/gvxaI7VR6NByIYWUPCizbSAR5P3
V+2S0t2Tp4WJeb4NXmfw++FifRlEbtATUFussxuzGoHQdmrn5wlYbrhccs8iDDMR
hMDdHnJ57gxo7ojSXceLmsiyWpvgxT/jH6VuHHWeEHW5jDYU8GFNqSWGGr3gg2RD
+sxiW58Vtu+MFCaPsa+ZenqtP+5P5Fkh7N/BWUaxAgMBAAGjggKwMIICrDAdBgNV
HQ4EFgQUuspL0HoImcKoRmVRMxFXCpPlYrgwHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyLzViMWVhZTQzLTA5NDItNDIzOS05NGM2LWE1MzAyMzFiYzMzNC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHgYIKwYBBQUHAQcBAf8EDzANMAsEAgAB
MAUDAwANmDANBgkqhkiG9w0BAQsFAAOCAQEAKGaTvGR+WZXpHIZyqjJKnfZM65Vs
rWLcdxlB+lnxeebnUI9eycRZ/UQJT9Q2+w8IkfoHsQjWcXgLFCxMrfjomiLoAxnK
MZJwisoTHwyzMRx9bIdWUIka2C9E+W9QI7WPP01T92SwBebxphOcURZR7X07iMxo
7XCAjPnRmdRXUS4DGROiDDVAesZ/0afP5kR4PZRpFo2N0p3CKf0XYuPigzIpC3kC
Rq6AiocKWnSnMewO6NAfXw0hwwNYfx9kjMjpxZwnfECRSufGibCIbgK/2GWMrMEI
/BT8A4oG2DW5cE1lk0ohBtXyBAXn6E7KGUG5J0S6GdSKP2F7GPsd1Zbf0A==
-----END CERTIFICATE-----
Generated at Thu Mar 13 23:32:33 2025 by rpki-client