Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cd978e93-78e3-4819-98ef-c0d56f21b920.roa
File: cd978e93-78e3-4819-98ef-c0d56f21b920.roa (raw, json)
Hash identifier: ojqoqY3PlvIKDbpo9YfiDEgRRyYY27+Fw7M+8jPzuvQ=
Subject key identifier: 05:C7:A5:F0:DD:44:41:43:81:86:BD:C3:72:D3:BD:F2:F3:6F:AE:B1
Certificate issuer: /CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Certificate serial: 70A74F633BB50DE82FD51B1816345E0D5BA64BE5
Authority key identifier: 2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cd978e93-78e3-4819-98ef-c0d56f21b920.roa
Signing time: Mon 06 Jan 2025 00:00:00 +0000
ROA not before: Mon 06 Jan 2025 00:00:00 +0000
ROA not after: Mon 10 Feb 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2600:f0f0:553f::/48 maxlen: 48
Validation: Failed, certificate revoked on Mon 06 Jan 2025 23:22:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
70:a7:4f:63:3b:b5:0d:e8:2f:d5:1b:18:16:34:5e:0d:5b:a6:4b:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08
Validity
Not Before: Jan 6 00:00:00 2025 GMT
Not After : Feb 10 23:59:59 2025 GMT
Subject: serialNumber=1516be51c3ad9e2a3d9c3938d576e178f3f243329d355b9bf34a1c517b98bf2d, CN=fbb27576-cac2-4381-9a53-6c15e0dc26ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:a9:49:eb:cd:82:4d:f9:d1:e2:48:55:41:4e:
39:1f:20:9a:3b:eb:14:9b:33:b0:49:aa:3c:02:00:
1e:b0:be:12:28:f7:ae:88:c3:7e:6c:8c:65:d2:01:
e7:a3:2e:a1:62:f9:9e:d8:16:20:5c:78:65:6b:94:
2a:9f:c1:ca:b3:7c:fd:f1:26:17:04:dc:24:5e:d8:
8e:58:87:01:d2:01:b3:19:79:ec:10:d7:0d:f3:c5:
f2:2b:ba:54:f9:1d:5c:1f:df:25:40:77:18:87:c2:
cc:b3:6d:86:97:54:0e:f8:ce:70:0e:48:43:92:0a:
35:b5:3f:f4:59:64:6a:b3:27:e9:41:7a:27:3e:af:
dd:ec:a2:ee:69:e3:04:ee:d5:f1:af:5c:89:05:60:
2c:58:34:69:c6:fb:26:1c:e3:66:8d:ae:93:93:ae:
c9:60:a4:d9:49:e5:da:5e:35:9a:db:1c:62:1d:0e:
9e:4c:3c:5f:31:85:eb:2b:94:c7:d9:d5:7a:04:0c:
24:a4:54:e2:c2:14:22:a6:db:92:59:b9:78:29:98:
7d:2f:89:2b:e9:2b:40:c6:97:ba:ee:e7:77:bf:fe:
1b:5d:3d:eb:68:fc:c3:7e:b9:59:67:4c:ea:b4:b9:
95:53:88:a0:da:ba:96:c7:2f:eb:bc:22:fe:aa:86:
24:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:C7:A5:F0:DD:44:41:43:81:86:BD:C3:72:D3:BD:F2:F3:6F:AE:B1
X509v3 Authority Key Identifier:
keyid:2E:18:E2:08:A1:82:57:1B:09:7D:D2:23:A7:16:9E:40:EB:E9:89:3D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/6a9537a8-a685-4b48-9fa8-8362e4fc47ae/b5845c307d0bf61b134b8ab711545826b1707fd5f0af84da08.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/cd978e93-78e3-4819-98ef-c0d56f21b920.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/517f3ed7-58b5-4796-be37-14d62e48f056/C_YbE0uKtxFUWCaxcH_V8K-E2gg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2600:f0f0:553f::/48
Signature Algorithm: sha256WithRSAEncryption
6a:4e:c7:43:94:78:63:95:19:db:2c:7b:53:86:e2:06:ae:fc:
0b:cb:95:83:1e:0e:c1:3e:26:8d:ae:56:e2:12:a0:cc:b9:4d:
1c:04:5f:13:1b:86:2f:69:4a:b6:8c:e3:31:94:48:6a:aa:e6:
6f:10:b3:ef:92:e9:e3:c7:d4:54:e4:bc:ff:a0:ef:21:b5:42:
27:9f:0b:60:bd:3d:23:02:da:e9:92:d4:a5:74:9e:56:90:5c:
a0:b3:69:82:7f:8e:4e:5a:bc:3b:77:eb:00:51:07:ac:ef:b8:
7f:70:40:39:6d:67:0a:ba:95:c7:03:70:8e:5a:e0:4c:16:0a:
ce:8e:fc:6c:d8:68:c7:1e:ea:0e:71:36:20:e7:4e:c4:10:fa:
b1:8a:e0:b8:8e:7c:56:60:0a:fa:af:a4:bf:ce:f4:c4:de:a6:
16:26:75:2f:68:65:0c:7f:fd:71:1d:77:a6:64:c8:f6:c2:ea:
4c:5b:70:fd:5b:47:52:3d:ba:70:be:1c:2e:a7:da:7f:2d:fb:
fe:70:4e:ff:5b:09:de:33:ee:d8:a0:7f:ba:69:00:0a:79:ae:
55:d4:50:76:73:10:cd:06:a6:f4:0f:01:86:26:7e:de:d9:44:
2e:08:cc:1b:b9:7e:63:17:52:a4:30:34:fc:eb:52:51:9c:68:
f7:d6:71:47
-----BEGIN CERTIFICATE-----
MIIF+zCCBOOgAwIBAgIUcKdPYzu1Degv1RsYFjReDVumS+UwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyYjU4NDVjMzA3ZDBiZjYxYjEzNGI4YWI3MTE1NDU4MjZi
MTcwN2ZkNWYwYWY4NGRhMDgwHhcNMjUwMTA2MDAwMDAwWhcNMjUwMjEwMjM1OTU5
WjB6MUkwRwYDVQQFE0AxNTE2YmU1MWMzYWQ5ZTJhM2Q5YzM5MzhkNTc2ZTE3OGYz
ZjI0MzMyOWQzNTViOWJmMzRhMWM1MTdiOThiZjJkMS0wKwYDVQQDEyRmYmIyNzU3
Ni1jYWMyLTQzODEtOWE1My02YzE1ZTBkYzI2ZmYwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDVqUnrzYJN+dHiSFVBTjkfIJo76xSbM7BJqjwCAB6wvhIo
966Iw35sjGXSAeejLqFi+Z7YFiBceGVrlCqfwcqzfP3xJhcE3CRe2I5YhwHSAbMZ
eewQ1w3zxfIrulT5HVwf3yVAdxiHwsyzbYaXVA74znAOSEOSCjW1P/RZZGqzJ+lB
eic+r93sou5p4wTu1fGvXIkFYCxYNGnG+yYc42aNrpOTrslgpNlJ5dpeNZrbHGId
Dp5MPF8xhesrlMfZ1XoEDCSkVOLCFCKm25JZuXgpmH0viSvpK0DGl7ru53e//htd
Peto/MN+uVlnTOq0uZVTiKDaupbHL+u8Iv6qhiT5AgMBAAGjggK0MIICsDAdBgNV
HQ4EFgQUBcel8N1EQUOBhr3DctO98vNvrrEwHwYDVR0jBBgwFoAULhjiCKGCVxsJ
fdIjpxaeQOvpiT0wDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzUyMWViMzNmLTk2NzItNGNkOS1hY2NlLTEzNzIyN2U5NzFhYy82YTk1MzdhOC1h
Njg1LTRiNDgtOWZhOC04MzYyZTRmYzQ3YWUvYjU4NDVjMzA3ZDBiZjYxYjEzNGI4
YWI3MTE1NDU4MjZiMTcwN2ZkNWYwYWY4NGRhMDguY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvNTE3ZjNlZDctNThiNS00Nzk2LWJlMzctMTRk
NjJlNDhmMDU2L2NkOTc4ZTkzLTc4ZTMtNDgxOS05OGVmLWMwZDU2ZjIxYjkyMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lLzUxN2YzZWQ3LTU4YjUtNDc5Ni1iZTM3
LTE0ZDYyZTQ4ZjA1Ni9DX1liRTB1S3R4RlVXQ2F4Y0hfVjhLLUUyZ2cuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwIgYIKwYBBQUHAQcBAf8EEzARMA8EAgAC
MAkDBwAmAPDwVT8wDQYJKoZIhvcNAQELBQADggEBAGpOx0OUeGOVGdsse1OG4gau
/AvLlYMeDsE+Jo2uVuISoMy5TRwEXxMbhi9pSraM4zGUSGqq5m8Qs++S6ePH1FTk
vP+g7yG1QiefC2C9PSMC2umS1KV0nlaQXKCzaYJ/jk5avDt36wBRB6zvuH9wQDlt
Zwq6lccDcI5a4EwWCs6O/GzYaMce6g5xNiDnTsQQ+rGK4LiOfFZgCvqvpL/O9MTe
phYmdS9oZQx//XEdd6ZkyPbC6kxbcP1bR1I9unC+HC6n2n8t+/5wTv9bCd4z7tig
f7ppAAp5rlXUUHZzEM0GpvQPAYYmft7ZRC4IzBu5fmMXUqQwNPzrUlGcaPfWcUc=
-----END CERTIFICATE-----
Generated at Tue Jan 7 05:36:24 2025 by rpki-client on console-fra.rpki-client.org