Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fb93ff40-e5a4-4ee8-8469-335582128ff1.roa
File: fb93ff40-e5a4-4ee8-8469-335582128ff1.roa (raw, json)
Hash identifier: YqPNpTEiktseowf+j5+rzkNcE0aoYXArkpNgt+G42Fs=
Subject key identifier: 5A:B3:66:03:CB:06:19:97:27:9E:70:A9:AA:82:85:97:A9:D3:B2:8A
Certificate issuer: /CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Certificate serial: 34DAD887A24C1CDEBE8BC4351367FE4E3BEE7B
Authority key identifier: 10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fb93ff40-e5a4-4ee8-8469-335582128ff1.roa
Signing time: Mon 28 Aug 2023 00:00:00 +0000
ROA not before: Mon 28 Aug 2023 00:00:00 +0000
ROA not after: Mon 02 Oct 2023 23:59:59 +0000
asID: 8987
IP address blocks: 15.189.0.0/16 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:da:d8:87:a2:4c:1c:de:be:8b:c4:35:13:67:fe:4e:3b:ee:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7
Validity
Not Before: Aug 28 00:00:00 2023 GMT
Not After : Oct 2 23:59:59 2023 GMT
Subject: serialNumber=f79c6dc75fb02ac2e3ce22a8e49323ddda4650e53d630485d7fbe07a39a237af, CN=b25c970f-d813-445c-bfe2-62668518c87e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:c5:d6:1b:e9:dd:7d:39:3d:73:46:fb:80:33:
0f:42:92:f8:66:e0:b1:d5:d9:ed:20:55:fa:80:29:
2e:8f:1b:e6:6d:9f:ea:81:40:a4:2b:e8:19:ed:d5:
92:fc:b4:1b:7b:4d:03:09:80:a0:05:af:ed:4f:7d:
54:24:97:c5:17:3a:b7:0d:bc:83:e9:35:c4:52:65:
d3:92:6c:7c:53:7f:5e:c6:96:8c:99:bd:a7:2d:6a:
e2:ce:3d:7a:ba:98:8a:d2:05:a2:98:b8:d1:9a:80:
2f:0a:43:d8:cf:3e:07:ca:c4:5d:8f:1d:ff:90:a6:
8e:53:ad:c3:53:56:12:a3:b4:01:49:b1:95:7a:8f:
ff:b0:a0:54:08:5f:f2:25:fa:8e:9c:22:09:1d:68:
ae:1f:ba:fc:ab:a2:91:d4:6e:36:54:dd:fa:71:c6:
7b:47:3c:14:38:71:43:d4:b8:2c:06:9e:45:aa:d9:
27:48:8b:b7:60:7d:82:7c:e2:60:95:ea:df:07:f7:
68:fc:85:53:ca:cf:6d:8a:23:cf:34:e1:44:27:a9:
64:4b:5c:4b:89:d7:4a:de:e8:49:2b:5d:50:74:98:
5b:70:8d:9e:c4:93:7f:f4:df:eb:cd:87:52:0c:0a:
b1:4e:57:bc:2c:6f:8a:16:46:a1:b2:ff:36:74:ce:
f1:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:B3:66:03:CB:06:19:97:27:9E:70:A9:AA:82:85:97:A9:D3:B2:8A
X509v3 Authority Key Identifier:
keyid:10:5D:D7:8D:55:78:40:AB:43:5D:BD:15:21:20:8F:29:FA:49:3F:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/2a246947-2d62-4a6c-ba05-87187f0099b2/1ba302b8-8dab-491d-b9ed-d7c92d030d82/6ed88cad11feac77449f018d42be358eb37107dbe8cb71d0a7.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/fb93ff40-e5a4-4ee8-8469-335582128ff1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/20aa329b-fc52-4c61-bf53-09725c042942/_qx3RJ8BjUK-NY6zcQfb6Mtx0Kc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
15.189.0.0/16
Signature Algorithm: sha256WithRSAEncryption
40:39:bd:6d:84:24:a0:86:d4:c4:2c:f3:e8:ff:01:0c:ca:68:
79:18:93:ae:bd:e0:4f:d9:27:71:01:79:b3:78:f8:81:94:74:
99:38:57:cc:4f:11:1a:b4:e2:e4:f8:45:53:52:9e:b1:a7:18:
2b:f0:39:95:e4:cd:00:f8:2b:e4:48:b4:69:9a:52:7c:aa:12:
7c:a0:6c:b5:fc:d5:49:36:d9:cb:5d:c2:c9:ce:d4:d8:a4:88:
5e:59:30:cd:f4:2b:e7:bb:24:94:c6:ad:d7:c4:22:64:74:09:
81:25:88:ae:c5:27:39:23:09:57:35:26:bf:f0:6b:1b:a4:d1:
60:df:09:60:fa:ca:d7:95:bf:21:38:81:65:18:fa:dd:a0:af:
43:e6:8d:7e:a6:82:3b:f9:6d:49:46:41:e9:c8:17:e7:de:00:
5a:6e:45:b5:92:3a:07:49:4b:dc:f7:e8:8f:a2:bc:7d:49:c4:
3b:94:91:2b:c8:33:fc:7f:b6:30:be:a0:8c:a3:0f:da:bc:b2:
b1:4a:50:25:9c:c6:13:6b:17:18:81:e3:6c:c9:e9:66:67:0c:
49:0e:16:10:fb:18:23:61:c0:c8:c1:d3:aa:87:93:06:92:b1:
56:d1:32:06:a1:78:2e:53:46:8f:ca:55:6c:e0:c5:b2:7b:ec:
09:0f:ed:0a
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgITNNrYh6JMHN6+i8Q1E2f+TjvuezANBgkqhkiG9w0BAQsF
ADA9MTswOQYDVQQDEzI2ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAxOGQ0MmJlMzU4ZWIz
NzEwN2RiZThjYjcxZDBhNzAeFw0yMzA4MjgwMDAwMDBaFw0yMzEwMDIyMzU5NTla
MHoxSTBHBgNVBAUTQGY3OWM2ZGM3NWZiMDJhYzJlM2NlMjJhOGU0OTMyM2RkZGE0
NjUwZTUzZDYzMDQ4NWQ3ZmJlMDdhMzlhMjM3YWYxLTArBgNVBAMTJGIyNWM5NzBm
LWQ4MTMtNDQ1Yy1iZmUyLTYyNjY4NTE4Yzg3ZTCCASIwDQYJKoZIhvcNAQEBBQAD
ggEPADCCAQoCggEBAJfF1hvp3X05PXNG+4AzD0KS+GbgsdXZ7SBV+oApLo8b5m2f
6oFApCvoGe3Vkvy0G3tNAwmAoAWv7U99VCSXxRc6tw28g+k1xFJl05JsfFN/XsaW
jJm9py1q4s49erqYitIFopi40ZqALwpD2M8+B8rEXY8d/5CmjlOtw1NWEqO0AUmx
lXqP/7CgVAhf8iX6jpwiCR1orh+6/KuikdRuNlTd+nHGe0c8FDhxQ9S4LAaeRarZ
J0iLt2B9gnziYJXq3wf3aPyFU8rPbYojzzThRCepZEtcS4nXSt7oSStdUHSYW3CN
nsSTf/Tf682HUgwKsU5XvCxvihZGobL/NnTO8dUCAwEAAaOCArAwggKsMB0GA1Ud
DgQWBBRas2YDywYZlyeecKmqgoWXqdOyijAfBgNVHSMEGDAWgBQQXdeNVXhAq0Nd
vRUhII8p+kk/rjAOBgNVHQ8BAf8EBAMCB4AwgfMGCCsGAQUFBwEBBIHmMIHjMIHg
BggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmluLm5ldC9yZXBvc2l0b3J5L2Fy
aW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2UtYjA4Yy0yMTcxZGEyMTU3ZDMv
MmEyNDY5NDctMmQ2Mi00YTZjLWJhMDUtODcxODdmMDA5OWIyLzFiYTMwMmI4LThk
YWItNDkxZC1iOWVkLWQ3YzkyZDAzMGQ4Mi82ZWQ4OGNhZDExZmVhYzc3NDQ5ZjAx
OGQ0MmJlMzU4ZWIzNzEwN2RiZThjYjcxZDBhNy5jZXIwgZ4GCCsGAQUFBwELBIGR
MIGOMIGLBggrBgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5h
bWF6b25hd3MuY29tL3ZvbHVtZS8yMGFhMzI5Yi1mYzUyLTRjNjEtYmY1My0wOTcy
NWMwNDI5NDIvZmI5M2ZmNDAtZTVhNC00ZWU4LTg0NjktMzM1NTgyMTI4ZmYxLnJv
YTCBiAYDVR0fBIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0
LTIuYW1hem9uYXdzLmNvbS92b2x1bWUvMjBhYTMyOWItZmM1Mi00YzYxLWJmNTMt
MDk3MjVjMDQyOTQyL19xeDNSSjhCalVLLU5ZNnpjUWZiNk10eDBLYy5jcmwwGAYD
VR0gAQH/BA4wDDAKBggrBgEFBQcOAjAeBggrBgEFBQcBBwEB/wQPMA0wCwQCAAEw
BQMDAA+9MA0GCSqGSIb3DQEBCwUAA4IBAQBAOb1thCSghtTELPPo/wEMymh5GJOu
veBP2SdxAXmzePiBlHSZOFfMTxEatOLk+EVTUp6xpxgr8DmV5M0A+CvkSLRpmlJ8
qhJ8oGy1/NVJNtnLXcLJztTYpIheWTDN9CvnuySUxq3XxCJkdAmBJYiuxSc5IwlX
NSa/8GsbpNFg3wlg+srXlb8hOIFlGPrdoK9D5o1+poI7+W1JRkHpyBfn3gBabkW1
kjoHSUvc9+iPorx9ScQ7lJEryDP8f7YwvqCMow/avLKxSlAlnMYTaxcYgeNsyelm
ZwxJDhYQ+xgjYcDIwdOqh5MGkrFW0TIGoXguU0aPylVs4MWye+wJD+0K
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:41:52 2024 by rpki-client on console-fra.rpki-client.org