Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/8453787b-1b65-4103-a731-dfdc4fc5d6f9.roa
File: 8453787b-1b65-4103-a731-dfdc4fc5d6f9.roa (raw, json)
Hash identifier: umhHdQT+gaLtAX3kdgnwnuQow12WM2LBrXnVHRwpRO0=
Subject key identifier: 4E:25:3F:0D:1A:53:5F:A5:AB:05:A1:61:9B:4D:4A:20:EC:D2:47:15
Certificate issuer: /CN=1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107
Certificate serial: 2B4D1812A3FB0AC7E76EA37148EB25D870D4E0B6
Authority key identifier: 15:F4:EF:04:F5:AF:23:96:C9:5F:16:42:E3:79:07:8B:48:8C:16:0B
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/aaa76394-48fc-4ff3-b6aa-0693c55d758f/1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/8453787b-1b65-4103-a731-dfdc4fc5d6f9.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 393929
IP address blocks: 173.82.137.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2b:4d:18:12:a3:fb:0a:c7:e7:6e:a3:71:48:eb:25:d8:70:d4:e0:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=ec4817eac006790d81ce51bf7387a327c235fe805a6596ba8eb381ebacdb09e5, CN=35095e3e-84cb-4ad0-bda1-6c6f8da69f61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:81:2a:f5:6e:99:3b:a4:77:dd:02:7f:35:2a:
dd:bc:a8:49:74:d4:8e:2c:53:df:ce:09:61:a5:f3:
e0:cb:59:96:47:5f:e8:d9:bd:60:a1:4b:85:74:46:
4d:34:40:c2:05:fd:f7:c0:10:c8:af:dc:f6:f7:c0:
72:09:cf:71:66:aa:27:38:1f:5d:8e:47:03:7f:bc:
49:39:19:29:a7:e3:17:47:a0:d1:c5:18:91:e4:3b:
fd:90:5f:33:38:3b:6f:0a:10:5a:78:c4:93:fe:47:
c8:c4:a9:7d:a8:df:f7:46:b4:17:70:93:3d:1d:f5:
f9:0b:26:f4:16:db:fe:2a:47:6a:93:bf:38:65:e8:
a4:09:c6:97:6f:11:28:96:0f:e6:81:da:fc:80:a3:
e9:ef:56:86:09:43:b2:f4:04:da:4d:0a:27:6d:be:
46:26:5f:c4:9b:3f:3d:4b:ed:5f:6e:4b:57:d4:0a:
6d:b8:ab:73:47:c5:9c:92:33:89:84:da:4a:1e:86:
e8:f5:92:9d:95:31:67:2c:72:d4:79:cc:87:2c:af:
72:f0:e7:58:e0:df:3a:1b:71:38:03:fd:2d:47:4e:
c8:fb:e9:39:39:09:75:b0:b3:1d:7f:15:ab:18:0d:
3a:9d:7d:92:23:76:ac:15:70:94:a1:a7:95:17:f8:
9b:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:25:3F:0D:1A:53:5F:A5:AB:05:A1:61:9B:4D:4A:20:EC:D2:47:15
X509v3 Authority Key Identifier:
keyid:15:F4:EF:04:F5:AF:23:96:C9:5F:16:42:E3:79:07:8B:48:8C:16:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/aaa76394-48fc-4ff3-b6aa-0693c55d758f/1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/8453787b-1b65-4103-a731-dfdc4fc5d6f9.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/z2afnCt1NpzA_dOMFjxYsdQtAQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
173.82.137.0/24
Signature Algorithm: sha256WithRSAEncryption
22:43:10:99:ac:05:36:19:0b:65:42:ef:41:7f:5a:68:7a:d5:
5f:1a:98:f0:45:d9:70:5e:03:3c:0b:50:f8:4d:3e:a5:1b:f5:
2b:51:04:db:97:62:3d:d9:69:dd:27:37:c2:fb:9e:51:3d:1c:
ad:6b:6b:78:ff:01:d2:85:d9:48:8e:aa:4f:2f:62:35:98:cb:
dc:55:5e:52:9b:99:5f:5b:15:71:ae:4e:42:eb:44:ed:31:0c:
f0:2b:bc:6c:9f:f0:c4:6a:38:f5:4c:f8:28:53:24:1e:15:36:
d1:b8:8b:92:22:84:d5:1f:c5:69:c8:60:8a:9f:29:cb:88:41:
f5:47:e2:9e:fa:5c:3e:36:a3:fd:7d:4b:8a:a7:ee:0c:f0:f9:
e3:33:6d:bb:40:6c:ab:fa:bc:8e:b0:1f:60:64:d5:a8:49:14:
6c:28:6e:1b:ad:d2:90:e6:eb:b0:05:c3:e2:ce:a5:3b:91:22:
c6:93:3f:e0:a8:95:7c:7d:bf:ab:b0:e6:1d:4a:84:65:16:bf:
88:29:50:0e:32:df:2d:2d:be:ba:27:f5:4b:b9:98:0b:e0:3c:
2c:b4:c9:e6:06:7d:f7:f4:36:2c:f5:cb:4b:13:a1:56:a8:dc:
90:9e:c8:3d:68:2a:c3:4c:06:04:0d:be:68:d8:6d:27:78:ca:
79:a1:02:d3
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUK00YEqP7CsfnbqNxSOsl2HDU4LYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMWIxZmU2NzMyMWNmNjY5ZjljMmI3NTM2OWNjMGZkZDM4
YzE2M2M1OGIxZDQyZDAxMDcwHhcNMjQwNDIyMDAwMDAwWhcNMjQwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYzQ4MTdlYWMwMDY3OTBkODFjZTUxYmY3Mzg3YTMyN2My
MzVmZTgwNWE2NTk2YmE4ZWIzODFlYmFjZGIwOWU1MS0wKwYDVQQDEyQzNTA5NWUz
ZS04NGNiLTRhZDAtYmRhMS02YzZmOGRhNjlmNjEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDegSr1bpk7pHfdAn81Kt28qEl01I4sU9/OCWGl8+DLWZZH
X+jZvWChS4V0Rk00QMIF/ffAEMiv3Pb3wHIJz3Fmqic4H12ORwN/vEk5GSmn4xdH
oNHFGJHkO/2QXzM4O28KEFp4xJP+R8jEqX2o3/dGtBdwkz0d9fkLJvQW2/4qR2qT
vzhl6KQJxpdvESiWD+aB2vyAo+nvVoYJQ7L0BNpNCidtvkYmX8SbPz1L7V9uS1fU
Cm24q3NHxZySM4mE2koehuj1kp2VMWcsctR5zIcsr3Lw51jg3zobcTgD/S1HTsj7
6Tk5CXWwsx1/FasYDTqdfZIjdqwVcJShp5UX+JsLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUTiU/DRpTX6WrBaFhm01KIOzSRxUwHwYDVR0jBBgwFoAUFfTvBPWvI5bJ
XxZC43kHi0iMFgswDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzViN2ZiMTIyLWRmZGYtNGMwYy1iOTBkLTNiYzdhNWZlYjgyYi9hYWE3NjM5NC00
OGZjLTRmZjMtYjZhYS0wNjkzYzU1ZDc1OGYvMWIxZmU2NzMyMWNmNjY5ZjljMmI3
NTM2OWNjMGZkZDM4YzE2M2M1OGIxZDQyZDAxMDcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZmY5ZmE4NGUtOTc4My00YTBiLWE1OGQtNmRj
OGUyNDMzZDMzLzg0NTM3ODdiLTFiNjUtNDEwMy1hNzMxLWRmZGM0ZmM1ZDZmOS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2ZmOWZhODRlLTk3ODMtNGEwYi1hNThk
LTZkYzhlMjQzM2QzMy96MmFmbkN0MU5wekFfZE9NRmp4WXNkUXRBUWMuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUokwDQYJKoZIhvcNAQELBQADggEBACJDEJmsBTYZC2VC70F/Wmh61V8a
mPBF2XBeAzwLUPhNPqUb9StRBNuXYj3Zad0nN8L7nlE9HK1ra3j/AdKF2UiOqk8v
YjWYy9xVXlKbmV9bFXGuTkLrRO0xDPArvGyf8MRqOPVM+ChTJB4VNtG4i5IihNUf
xWnIYIqfKcuIQfVH4p76XD42o/19S4qn7gzw+eMzbbtAbKv6vI6wH2Bk1ahJFGwo
bhut0pDm67AFw+LOpTuRIsaTP+ColXx9v6uw5h1KhGUWv4gpUA4y3y0tvron9Uu5
mAvgPCy0yeYGfff0Niz1y0sToVao3JCeyD1oKsNMBgQNvmjYbSd4ynmhAtM=
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:52:02 2024 by rpki-client on console-ams.rpki-client.org