Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/87b38010-5926-4dbd-ae6d-2bdcbac9ca00.roa
File: 87b38010-5926-4dbd-ae6d-2bdcbac9ca00.roa (raw, json)
Hash identifier: bMBmHsahQbSBv5V2vbQKVxnz3O5s0lW8kmkV2ljghuw=
Subject key identifier: 47:88:C6:21:EA:EF:58:52:FA:9E:5B:7E:BA:96:04:DB:94:F7:C4:2B
Certificate issuer: /CN=1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107
Certificate serial: 0F83861029F1ABD37FF625BA07C6954AF850E03C
Authority key identifier: 15:F4:EF:04:F5:AF:23:96:C9:5F:16:42:E3:79:07:8B:48:8C:16:0B
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/aaa76394-48fc-4ff3-b6aa-0693c55d758f/1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/87b38010-5926-4dbd-ae6d-2bdcbac9ca00.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 66.152.181.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
0f:83:86:10:29:f1:ab:d3:7f:f6:25:ba:07:c6:95:4a:f8:50:e0:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: CN=35095e3e-84cb-4ad0-bda1-6c6f8da69f61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:6b:0f:14:24:5f:53:d3:ab:dc:71:2d:87:25:
31:78:0a:d8:c8:8f:ab:f1:6d:35:72:ea:d7:5c:50:
d5:69:83:83:31:58:14:f6:1e:d1:e4:9c:ba:70:b0:
d9:cd:b1:09:db:3c:43:5b:e9:e1:58:c3:b5:26:00:
43:f9:15:26:99:61:33:bb:ff:08:ad:8f:4e:2e:59:
b7:39:05:48:ba:f3:1c:fd:8d:06:55:c7:94:ca:3c:
18:60:51:8f:a9:4e:27:75:da:8a:91:f0:90:ed:ff:
60:a9:54:c6:e3:4b:0f:96:7d:44:21:61:56:09:02:
46:43:ca:ff:42:e9:e0:aa:46:76:53:59:73:56:96:
ba:ce:0b:c5:ed:80:5a:43:59:3a:06:69:de:5f:0a:
7d:85:94:ef:bc:fa:d1:c4:f5:1b:d3:37:b4:c9:6f:
a3:bc:75:95:c1:e5:4c:b3:e7:bb:0f:d3:ea:e1:85:
2d:21:2b:6f:df:60:06:83:5a:45:9c:d0:7f:b9:a8:
d7:4e:e4:a5:5c:87:2d:ad:96:ba:54:d1:79:2f:ed:
73:28:8a:87:d4:c8:20:6d:11:24:31:ff:d5:f9:74:
f6:37:b7:ce:f0:be:11:fb:76:ae:03:63:19:df:9e:
e1:ce:e3:e8:19:e2:21:62:b2:5f:02:f8:a7:f1:21:
86:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:88:C6:21:EA:EF:58:52:FA:9E:5B:7E:BA:96:04:DB:94:F7:C4:2B
X509v3 Authority Key Identifier:
keyid:15:F4:EF:04:F5:AF:23:96:C9:5F:16:42:E3:79:07:8B:48:8C:16:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/aaa76394-48fc-4ff3-b6aa-0693c55d758f/1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/87b38010-5926-4dbd-ae6d-2bdcbac9ca00.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/z2afnCt1NpzA_dOMFjxYsdQtAQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.152.181.0/24
Signature Algorithm: sha256WithRSAEncryption
a1:bd:50:78:8e:09:47:2e:79:1f:a7:59:6e:ae:04:e0:c0:6c:
f6:34:32:39:8a:53:84:b4:e5:3d:e0:33:4a:d2:22:e9:41:1a:
15:cc:b8:81:22:a6:92:82:5c:18:f2:09:5e:20:a5:a4:96:d9:
c0:29:33:40:56:95:db:b5:0a:84:d9:7f:81:c1:6d:0d:45:76:
7d:ad:e6:c1:8f:ac:57:1d:4d:3c:a0:2f:94:55:b0:15:07:f9:
22:92:eb:75:df:cf:d3:57:39:70:11:4a:af:db:49:bb:ab:34:
f9:db:d8:19:63:54:9e:82:86:e6:f0:cd:d5:37:23:6b:e0:a4:
7e:a2:f2:0b:c2:f7:c6:b9:1c:bb:ae:a9:29:81:f7:0a:9d:82:
51:34:dd:9b:42:7a:24:b1:83:5a:93:85:26:8c:74:54:8f:01:
0c:8a:cb:97:6d:f6:32:05:6b:fe:89:40:d0:ff:86:60:20:06:
e4:bf:71:09:d6:7e:c6:4d:ae:85:7f:a2:37:71:5c:b6:22:a6:
a7:f7:a7:f7:3e:da:f0:b1:d7:8a:14:ff:dc:0d:f2:1c:7c:60:
e9:c2:ba:fd:01:f2:75:18:6d:38:51:c5:16:40:6c:b8:6a:94:
7c:c7:a1:0b:04:90:b2:27:19:73:fa:06:06:1c:2a:08:c4:aa:
48:d5:4c:9e
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUD4OGECnxq9N/9iW6B8aVSvhQ4DwwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMWIxZmU2NzMyMWNmNjY5ZjljMmI3NTM2OWNjMGZkZDM4
YzE2M2M1OGIxZDQyZDAxMDcwHhcNMjQwNDIyMDAwMDAwWhcNMjQwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A0MTQ3ZDhkYWQzN2Y0N2JhMWIzZDQ2NmJhMGIxZmRiMTg2
N2IxMWVkYjQ5MDI5NzllYTIwYzM2YjhlMjhhZDc0MS0wKwYDVQQDEyQzNTA5NWUz
ZS04NGNiLTRhZDAtYmRhMS02YzZmOGRhNjlmNjEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCqaw8UJF9T06vccS2HJTF4CtjIj6vxbTVy6tdcUNVpg4Mx
WBT2HtHknLpwsNnNsQnbPENb6eFYw7UmAEP5FSaZYTO7/witj04uWbc5BUi68xz9
jQZVx5TKPBhgUY+pTid12oqR8JDt/2CpVMbjSw+WfUQhYVYJAkZDyv9C6eCqRnZT
WXNWlrrOC8XtgFpDWToGad5fCn2FlO+8+tHE9RvTN7TJb6O8dZXB5Uyz57sP0+rh
hS0hK2/fYAaDWkWc0H+5qNdO5KVchy2tlrpU0Xkv7XMoiofUyCBtESQx/9X5dPY3
t87wvhH7dq4DYxnfnuHO4+gZ4iFisl8C+KfxIYadAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUR4jGIervWFL6nlt+upYE25T3xCswHwYDVR0jBBgwFoAUFfTvBPWvI5bJ
XxZC43kHi0iMFgswDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzViN2ZiMTIyLWRmZGYtNGMwYy1iOTBkLTNiYzdhNWZlYjgyYi9hYWE3NjM5NC00
OGZjLTRmZjMtYjZhYS0wNjkzYzU1ZDc1OGYvMWIxZmU2NzMyMWNmNjY5ZjljMmI3
NTM2OWNjMGZkZDM4YzE2M2M1OGIxZDQyZDAxMDcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZmY5ZmE4NGUtOTc4My00YTBiLWE1OGQtNmRj
OGUyNDMzZDMzLzg3YjM4MDEwLTU5MjYtNGRiZC1hZTZkLTJiZGNiYWM5Y2EwMC5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2ZmOWZhODRlLTk3ODMtNGEwYi1hNThk
LTZkYzhlMjQzM2QzMy96MmFmbkN0MU5wekFfZE9NRmp4WXNkUXRBUWMuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBABCmLUwDQYJKoZIhvcNAQELBQADggEBAKG9UHiOCUcueR+nWW6uBODAbPY0
MjmKU4S05T3gM0rSIulBGhXMuIEippKCXBjyCV4gpaSW2cApM0BWldu1CoTZf4HB
bQ1Fdn2t5sGPrFcdTTygL5RVsBUH+SKS63Xfz9NXOXARSq/bSburNPnb2BljVJ6C
hubwzdU3I2vgpH6i8gvC98a5HLuuqSmB9wqdglE03ZtCeiSxg1qThSaMdFSPAQyK
y5dt9jIFa/6JQND/hmAgBuS/cQnWfsZNroV/ojdxXLYipqf3p/c+2vCx14oU/9wN
8hx8YOnCuv0B8nUYbThRxRZAbLhqlHzHoQsEkLInGXP6BgYcKgjEqkjVTJ4=
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:12:43 2025 by rpki-client