Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c5e869f4-a046-4227-a965-632f217c044e.roa
File: c5e869f4-a046-4227-a965-632f217c044e.roa (raw, json)
Hash identifier: CXPjvpprjOYgs7lUsdMve8Z2Q5mKeBT+sAHyU16EjRg=
Subject key identifier: A4:FC:58:CC:40:86:6A:02:CD:21:DD:00:0E:4E:EB:FF:B7:5D:5C:91
Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial: 3C050D07A219E0C354F4FEC1917950672D9040DE
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c5e869f4-a046-4227-a965-632f217c044e.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:f00c:8000::/39 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 Jan 2025 23:40:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3c:05:0d:07:a2:19:e0:c3:54:f4:fe:c1:91:79:50:67:2d:90:40:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=37ec550dce7a3d655b025b3a1f11ccc28dc8e1528a7004bb3fa42b5e5d0e5190, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:8a:7d:5f:2f:92:8e:5c:c3:7b:5d:f4:f3:ca:
8a:ad:c0:d2:0c:c2:ad:3e:3f:4b:5a:d3:5c:7e:45:
d9:e1:65:f6:fc:18:1b:4c:f0:4f:70:ca:ad:7a:49:
47:12:85:bb:4e:b5:13:6d:54:48:30:93:d3:01:27:
2a:0d:a3:f5:62:69:0e:7b:a6:fa:3d:85:4c:7e:3d:
a2:d0:6d:b4:6f:6c:69:0c:d4:68:a6:7d:f8:6d:7e:
5b:73:15:a8:5f:08:24:ee:bb:db:f1:30:ef:09:6f:
c3:04:b1:ad:b3:2e:9e:65:3d:7b:0a:aa:a8:0c:3b:
8d:fc:c9:c6:cf:39:b7:d0:bc:e9:88:c8:8a:82:67:
e8:98:ae:02:0f:ed:42:80:f7:af:be:db:27:50:00:
c6:7d:c3:e4:0d:0d:83:5e:a3:39:c0:42:43:36:7c:
16:98:6a:d5:fa:7d:3d:82:85:41:16:aa:6f:c9:5a:
1b:15:40:b7:c9:f0:0f:aa:71:f7:1e:1a:c9:09:b7:
bb:cf:ed:61:b6:d4:ee:7a:ef:2b:77:92:23:87:a7:
fb:9f:29:fa:a0:8b:c5:02:2f:2c:2a:a3:b9:c4:9d:
59:67:2e:3f:8b:2f:14:21:00:89:2a:6c:d5:d3:01:
81:3d:05:0e:f0:e8:b6:13:b4:de:7b:19:b1:33:86:
8f:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:FC:58:CC:40:86:6A:02:CD:21:DD:00:0E:4E:EB:FF:B7:5D:5C:91
X509v3 Authority Key Identifier:
keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/c5e869f4-a046-4227-a965-632f217c044e.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:f00c:8000::/39
Signature Algorithm: sha256WithRSAEncryption
27:76:9f:8e:53:a6:aa:60:20:67:86:33:2f:85:35:ca:c7:ec:
54:8e:87:84:cb:23:94:73:f3:ec:02:0c:98:87:bd:26:c2:ac:
2f:ea:94:87:f3:35:76:42:5c:f0:07:6c:d8:6f:5f:49:78:81:
d1:bb:22:52:1e:5d:51:55:bb:b7:7d:70:d3:c5:a1:f9:4f:ac:
6a:84:1c:2b:24:88:ec:ca:77:91:91:98:56:82:7a:8a:e9:51:
9c:14:40:2d:a5:0b:0d:4c:46:fa:7d:68:fd:82:b2:98:07:e9:
c0:23:e3:4b:a8:2b:5a:a8:55:e3:44:0c:89:ae:6e:ca:1f:3c:
e0:b8:6b:1a:3f:15:dc:61:3a:df:b9:00:9b:7a:db:dd:0b:22:
3c:49:2a:53:9b:ed:0a:88:e2:c2:2d:91:ee:a0:2b:ae:42:28:
da:b8:5c:9c:da:e4:c1:a3:ce:3f:76:dc:37:6b:54:a3:a7:ac:
e9:c3:36:fa:6f:ea:a9:0d:17:af:43:9f:58:ec:39:3e:d8:7b:
1a:cb:25:25:f5:bf:60:f7:d8:25:13:89:b0:66:6c:84:b2:e3:
60:ed:7d:73:f2:06:e2:50:10:4e:38:56:36:50:84:db:98:bd:
60:59:82:47:76:3b:d1:ce:69:f2:86:ab:9c:1a:47:b8:da:ca:
3a:c6:6e:c4
-----BEGIN CERTIFICATE-----
MIIF+jCCBOKgAwIBAgIUPAUNB6IZ4MNU9P7BkXlQZy2QQN4wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AzN2VjNTUwZGNlN2EzZDY1NWIwMjViM2ExZjExY2NjMjhk
YzhlMTUyOGE3MDA0YmIzZmE0MmI1ZTVkMGU1MTkwMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCjin1fL5KOXMN7XfTzyoqtwNIMwq0+P0ta01x+RdnhZfb8
GBtM8E9wyq16SUcShbtOtRNtVEgwk9MBJyoNo/ViaQ57pvo9hUx+PaLQbbRvbGkM
1GimffhtfltzFahfCCTuu9vxMO8Jb8MEsa2zLp5lPXsKqqgMO438ycbPObfQvOmI
yIqCZ+iYrgIP7UKA96++2ydQAMZ9w+QNDYNeoznAQkM2fBaYatX6fT2ChUEWqm/J
WhsVQLfJ8A+qcfceGskJt7vP7WG21O567yt3kiOHp/ufKfqgi8UCLywqo7nEnVln
Lj+LLxQhAIkqbNXTAYE9BQ7w6LYTtN57GbEzho9BAgMBAAGjggKzMIICrzAdBgNV
HQ4EFgQUpPxYzECGagLNId0ADk7r/7ddXJEwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2M1ZTg2OWY0LWEwNDYtNDIyNy1hOTY1LTYzMmYyMTdjMDQ0ZS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIQYIKwYBBQUHAQcBAf8EEjAQMA4EAgAC
MAgDBgEmAPAMgDANBgkqhkiG9w0BAQsFAAOCAQEAJ3afjlOmqmAgZ4YzL4U1ysfs
VI6HhMsjlHPz7AIMmIe9JsKsL+qUh/M1dkJc8Ads2G9fSXiB0bsiUh5dUVW7t31w
08Wh+U+saoQcKySI7Mp3kZGYVoJ6iulRnBRALaULDUxG+n1o/YKymAfpwCPjS6gr
WqhV40QMia5uyh884LhrGj8V3GE637kAm3rb3QsiPEkqU5vtCojiwi2R7qArrkIo
2rhcnNrkwaPOP3bcN2tUo6es6cM2+m/qqQ0Xr0OfWOw5Pth7GsslJfW/YPfYJROJ
sGZshLLjYO19c/IG4lAQTjhWNlCE25i9YFmCR3Y70c5p8oarnBpHuNrKOsZuxA==
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org