Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc03b0b8-dc48-442a-b40c-185ce689ee9e.roa
File: dc03b0b8-dc48-442a-b40c-185ce689ee9e.roa (raw, json)
Hash identifier: vCpvIcW3FnIJ5BVKqYBWi/RwpNnaKGRWJe4Lzgy8J9s=
Subject key identifier: 8D:D1:91:9B:0A:DF:ED:2F:35:97:AE:C5:BE:4A:C6:4B:AE:23:46:4E
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 2144CBD2BB63A98004EF3F9BEB9C1AA24EFDE147
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc03b0b8-dc48-442a-b40c-185ce689ee9e.roa
Signing time: Tue 04 Feb 2025 00:00:00 +0000
ROA not before: Tue 04 Feb 2025 00:00:00 +0000
ROA not after: Tue 11 Mar 2025 23:59:59 +0000
asID: 8987
IP address blocks: 2600:1f38:2000::/40 maxlen: 40
Validation: Failed, certificate revoked on Tue 04 Feb 2025 15:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
21:44:cb:d2:bb:63:a9:80:04:ef:3f:9b:eb:9c:1a:a2:4e:fd:e1:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Feb 4 00:00:00 2025 GMT
Not After : Mar 11 23:59:59 2025 GMT
Subject: CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:e0:1c:60:df:2b:35:f7:1b:db:45:a4:e7:b3:
44:98:cc:1e:c3:97:b1:f4:af:5b:a7:e1:18:d2:38:
9c:cd:2c:c6:78:49:99:af:2a:45:4e:b0:b5:c7:cc:
af:0b:0f:47:ab:08:f1:67:b2:59:03:a2:fb:f6:69:
e9:62:b8:6b:9e:77:d9:b6:a9:fb:bc:8c:82:c3:8a:
c7:7d:8c:13:9b:81:50:2f:a3:34:cd:23:16:03:64:
13:36:e4:67:6d:cd:0d:f2:d3:85:19:d8:3c:eb:50:
e9:5a:6f:e4:12:b5:fc:7d:8e:d1:c1:8c:10:cd:86:
19:37:c3:d3:73:e4:68:99:e6:27:89:e8:bc:6b:dc:
32:22:8b:df:20:c2:0e:04:cd:6e:4a:e6:1e:4a:4d:
8e:b6:a0:90:92:e5:c3:dd:0b:df:ac:43:cd:f8:01:
2c:6b:83:4f:ce:84:9f:53:dc:46:c9:6b:fc:b0:46:
24:d9:22:f4:0b:be:97:31:03:c3:de:9b:9c:89:9f:
48:58:05:2b:22:a9:42:1e:f7:5b:67:8c:a6:69:a4:
2d:cc:2d:b1:73:29:58:09:06:33:6b:0e:f4:a7:e3:
d6:ad:66:22:c7:28:d8:ae:8f:90:1f:ff:f4:e5:81:
e7:2d:22:41:ec:de:ca:75:f7:6b:02:07:12:09:1d:
82:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:D1:91:9B:0A:DF:ED:2F:35:97:AE:C5:BE:4A:C6:4B:AE:23:46:4E
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/dc03b0b8-dc48-442a-b40c-185ce689ee9e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:1f38:2000::/40
Signature Algorithm: sha256WithRSAEncryption
8e:5f:b6:8e:34:d7:49:8d:ee:59:9f:e8:e9:d1:e0:c1:f2:fd:
dd:b7:dd:8f:18:db:7b:83:b9:d9:33:c3:a8:cd:18:5c:3b:58:
36:b6:26:96:a7:fa:52:9c:b2:22:81:aa:e1:b4:f6:63:17:51:
4c:70:db:94:b0:47:90:8c:d0:20:91:6a:37:6f:90:f9:90:1a:
b6:c5:33:c8:7a:79:f8:c5:c8:34:75:56:db:1a:44:f8:7a:39:
da:d8:07:b2:99:f1:2a:cd:68:71:7b:40:71:f1:e6:33:61:36:
58:2f:02:b7:a8:96:c0:96:79:38:f3:a3:13:ad:f4:88:ab:a9:
63:79:c0:40:1c:c2:30:e8:3a:0e:90:e7:f1:17:43:54:59:dc:
ca:fe:cd:e2:39:a9:8a:7c:d3:58:ba:6d:d5:96:42:f0:b5:a1:
87:0a:0d:94:74:d4:f8:f9:bd:d9:79:06:35:af:68:32:cd:d4:
5a:39:79:3c:06:e1:9b:ee:29:4c:c4:09:26:9e:4c:a2:4b:8d:
4b:47:cb:a5:e4:95:e9:2f:56:19:b5:60:6c:7d:21:56:86:06:
5a:b7:ed:18:43:21:14:9e:83:58:42:25:06:b2:28:aa:a3:db:
ff:12:97:ed:64:b7:6b:e7:fe:65:de:6d:40:0f:f9:9a:ca:bc:
04:13:e6:ec
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUIUTL0rtjqYAE7z+b65waok794UcwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNmVkODhjYWQxMWZlYWM3NzQ0OWYwMThkNDJiZTM1OGVi
MzcxMDdkYmU4Y2I3MWQwYTcwHhcNMjUwMjA0MDAwMDAwWhcNMjUwMzExMjM1OTU5
WjB6MUkwRwYDVQQFE0A4ZWJhOTIxNWNiYThlN2JjODUzNWFlYzA5NDM4YmMzMTEy
NjIzMDA3MGQ0MGRjODk4NmI4ODZlZjMwYWFmNGRkMS0wKwYDVQQDEyRiMjVjOTcw
Zi1kODEzLTQ0NWMtYmZlMi02MjY2ODUxOGM4N2UwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCL4Bxg3ys19xvbRaTns0SYzB7Dl7H0r1un4RjSOJzNLMZ4
SZmvKkVOsLXHzK8LD0erCPFnslkDovv2aeliuGued9m2qfu8jILDisd9jBObgVAv
ozTNIxYDZBM25GdtzQ3y04UZ2DzrUOlab+QStfx9jtHBjBDNhhk3w9Nz5GiZ5ieJ
6Lxr3DIii98gwg4EzW5K5h5KTY62oJCS5cPdC9+sQ834ASxrg0/OhJ9T3EbJa/yw
RiTZIvQLvpcxA8Pem5yJn0hYBSsiqUIe91tnjKZppC3MLbFzKVgJBjNrDvSn49at
ZiLHKNiuj5Af//TlgectIkHs3sp192sCBxIJHYK9AgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUjdGRmwrf7S81l67FvkrGS64jRk4wHwYDVR0jBBgwFoAUEF3XjVV4QKtD
Xb0VISCPKfpJP64wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzJhMjQ2OTQ3LTJkNjItNGE2Yy1iYTA1LTg3MTg3ZjAwOTliMi8xYmEzMDJiOC04
ZGFiLTQ5MWQtYjllZC1kN2M5MmQwMzBkODIvNmVkODhjYWQxMWZlYWM3NzQ0OWYw
MThkNDJiZTM1OGViMzcxMDdkYmU4Y2I3MWQwYTcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMtMDk3
MjVjMDQyOTQyL2RjMDNiMGI4LWRjNDgtNDQyYS1iNDBjLTE4NWNlNjg5ZWU5ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzIwYWEzMjliLWZjNTItNGM2MS1iZjUz
LTA5NzI1YzA0Mjk0Mi9fcXgzUko4QmpVSy1OWTZ6Y1FmYjZNdHgwS2MuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgAmAB84IDANBgkqhkiG9w0BAQsFAAOCAQEAjl+2jjTXSY3uWZ/o6dHgwfL9
3bfdjxjbe4O52TPDqM0YXDtYNrYmlqf6UpyyIoGq4bT2YxdRTHDblLBHkIzQIJFq
N2+Q+ZAatsUzyHp5+MXINHVW2xpE+Ho52tgHspnxKs1ocXtAcfHmM2E2WC8Ct6iW
wJZ5OPOjE630iKupY3nAQBzCMOg6DpDn8RdDVFncyv7N4jmpinzTWLpt1ZZC8LWh
hwoNlHTU+Pm92XkGNa9oMs3UWjl5PAbhm+4pTMQJJp5MokuNS0fLpeSV6S9WGbVg
bH0hVoYGWrftGEMhFJ6DWEIlBrIoqqPb/xKX7WS3a+f+Zd5tQA/5msq8BBPm7A==
-----END CERTIFICATE-----
Generated at Wed Feb 5 16:00:36 2025 by rpki-client