Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/8d6d9814-49b3-4488-826b-915afeee0001.roa
File: 8d6d9814-49b3-4488-826b-915afeee0001.roa (raw, json)
Hash identifier: sS0YtcwUoXZPXW5Un1hoTuXIGfYW3P4voEiXzbWJN6c=
Subject key identifier: 81:42:41:63:F4:8A:17:03:06:6C:D2:DD:31:83:4C:68:8A:2D:5E:0C
Certificate issuer: /CN=1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107
Certificate serial: 68198385A835D06F42917414E2E0475EE2586439
Authority key identifier: 15:F4:EF:04:F5:AF:23:96:C9:5F:16:42:E3:79:07:8B:48:8C:16:0B
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/aaa76394-48fc-4ff3-b6aa-0693c55d758f/1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/8d6d9814-49b3-4488-826b-915afeee0001.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 173.82.27.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:19:83:85:a8:35:d0:6f:42:91:74:14:e2:e0:47:5e:e2:58:64:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=274ea62a38ceffcb3ccddb89da320684deed711b06bb3fbef9066c0c6da8a24d, CN=35095e3e-84cb-4ad0-bda1-6c6f8da69f61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:7b:17:4d:16:26:3f:82:e4:30:d4:7a:91:7f:
54:b0:a1:c1:51:52:6d:da:41:00:93:e8:cf:6d:15:
af:73:aa:e7:d3:e1:fb:26:10:9e:5e:18:3f:5c:1a:
da:76:80:8e:99:89:cc:c9:be:9c:f7:82:42:59:d3:
69:2e:ef:98:ff:a7:65:b4:43:1c:18:90:d8:9c:72:
56:74:47:bd:08:db:ea:20:33:a3:11:b4:70:5a:99:
b9:58:39:b7:bb:89:9b:27:b8:24:35:07:83:99:b8:
88:16:27:ef:23:50:a7:0a:4e:bf:cc:f1:25:3b:c6:
28:99:0e:bb:e8:ce:52:76:da:99:af:88:ed:83:ef:
c5:90:ca:a0:9a:c8:37:6d:92:4f:39:f0:14:f2:6b:
c2:29:00:52:c2:7f:88:ec:42:89:ed:00:e6:e5:ca:
d7:c5:eb:0d:f1:2a:54:6d:cc:40:16:e0:49:f8:ce:
51:17:91:10:8a:6b:5f:12:45:d6:fd:08:c2:91:69:
6d:b8:f5:00:d9:d4:83:ad:c4:e1:e8:e4:4c:e8:3e:
b8:05:6e:fd:e7:26:e0:da:ef:cd:7a:1a:fa:35:3a:
f5:7c:77:50:e3:d9:7f:57:69:70:bb:b5:10:45:14:
ea:c2:52:65:62:64:db:cf:f0:52:3d:e4:bf:03:34:
a5:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
81:42:41:63:F4:8A:17:03:06:6C:D2:DD:31:83:4C:68:8A:2D:5E:0C
X509v3 Authority Key Identifier:
keyid:15:F4:EF:04:F5:AF:23:96:C9:5F:16:42:E3:79:07:8B:48:8C:16:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/aaa76394-48fc-4ff3-b6aa-0693c55d758f/1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/8d6d9814-49b3-4488-826b-915afeee0001.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/z2afnCt1NpzA_dOMFjxYsdQtAQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
173.82.27.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:98:ea:5e:d0:5a:6e:f6:38:ff:f6:9d:b4:70:36:b8:90:45:
7f:e8:8f:3a:1a:3f:80:ce:10:3e:3c:d9:57:b5:fb:a6:f5:66:
be:66:38:b3:1c:e7:68:53:94:f5:90:b4:63:28:e5:e6:45:25:
48:2e:35:4e:5b:3e:53:b2:c5:14:41:dc:23:e1:d2:94:ab:6a:
11:e4:52:61:be:25:1f:39:8b:18:1e:75:9a:b7:33:21:bc:7f:
8c:38:ca:b7:71:a2:9f:4c:36:c5:41:9b:11:8a:37:6b:f1:ae:
5c:cd:22:dd:0a:2c:6d:00:a1:44:87:d7:7f:d8:86:27:78:cd:
59:f4:30:27:61:2b:2c:90:62:61:33:0f:42:04:26:43:b4:ca:
2d:d3:71:17:74:14:5e:b5:6d:74:f2:b9:45:ec:71:fd:e7:24:
c2:b1:ac:d7:e7:8e:40:40:06:15:29:c1:47:c9:bf:82:81:5d:
75:5a:59:de:11:c5:b2:f3:e9:b3:33:03:a1:e5:6d:4e:4f:32:
0e:32:2f:57:08:54:f0:71:bf:4c:43:1b:88:b8:51:34:01:b2:
a1:e5:26:91:a3:b8:85:f5:ba:4f:9c:a9:4d:48:99:74:4e:2f:
83:b7:97:96:27:7a:dd:b6:a7:42:88:48:3a:96:92:38:85:1e:
a9:2e:58:38
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUaBmDhag10G9CkXQU4uBHXuJYZDkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMWIxZmU2NzMyMWNmNjY5ZjljMmI3NTM2OWNjMGZkZDM4
YzE2M2M1OGIxZDQyZDAxMDcwHhcNMjQwNDIyMDAwMDAwWhcNMjQwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0AyNzRlYTYyYTM4Y2VmZmNiM2NjZGRiODlkYTMyMDY4NGRl
ZWQ3MTFiMDZiYjNmYmVmOTA2NmMwYzZkYThhMjRkMS0wKwYDVQQDEyQzNTA5NWUz
ZS04NGNiLTRhZDAtYmRhMS02YzZmOGRhNjlmNjEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQC+exdNFiY/guQw1HqRf1SwocFRUm3aQQCT6M9tFa9zqufT
4fsmEJ5eGD9cGtp2gI6ZiczJvpz3gkJZ02ku75j/p2W0QxwYkNicclZ0R70I2+og
M6MRtHBamblYObe7iZsnuCQ1B4OZuIgWJ+8jUKcKTr/M8SU7xiiZDrvozlJ22pmv
iO2D78WQyqCayDdtkk858BTya8IpAFLCf4jsQontAOblytfF6w3xKlRtzEAW4En4
zlEXkRCKa18SRdb9CMKRaW249QDZ1IOtxOHo5EzoPrgFbv3nJuDa7816Gvo1OvV8
d1Dj2X9XaXC7tRBFFOrCUmViZNvP8FI95L8DNKW/AgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUgUJBY/SKFwMGbNLdMYNMaIotXgwwHwYDVR0jBBgwFoAUFfTvBPWvI5bJ
XxZC43kHi0iMFgswDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzViN2ZiMTIyLWRmZGYtNGMwYy1iOTBkLTNiYzdhNWZlYjgyYi9hYWE3NjM5NC00
OGZjLTRmZjMtYjZhYS0wNjkzYzU1ZDc1OGYvMWIxZmU2NzMyMWNmNjY5ZjljMmI3
NTM2OWNjMGZkZDM4YzE2M2M1OGIxZDQyZDAxMDcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZmY5ZmE4NGUtOTc4My00YTBiLWE1OGQtNmRj
OGUyNDMzZDMzLzhkNmQ5ODE0LTQ5YjMtNDQ4OC04MjZiLTkxNWFmZWVlMDAwMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2ZmOWZhODRlLTk3ODMtNGEwYi1hNThk
LTZkYzhlMjQzM2QzMy96MmFmbkN0MU5wekFfZE9NRmp4WXNkUXRBUWMuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUhswDQYJKoZIhvcNAQELBQADggEBAC6Y6l7QWm72OP/2nbRwNriQRX/o
jzoaP4DOED482Ve1+6b1Zr5mOLMc52hTlPWQtGMo5eZFJUguNU5bPlOyxRRB3CPh
0pSrahHkUmG+JR85ixgedZq3MyG8f4w4yrdxop9MNsVBmxGKN2vxrlzNIt0KLG0A
oUSH13/Yhid4zVn0MCdhKyyQYmEzD0IEJkO0yi3TcRd0FF61bXTyuUXscf3nJMKx
rNfnjkBABhUpwUfJv4KBXXVaWd4RxbLz6bMzA6HlbU5PMg4yL1cIVPBxv0xDG4i4
UTQBsqHlJpGjuIX1uk+cqU1ImXROL4O3l5Ynet22p0KISDqWkjiFHqkuWDg=
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:52:02 2024 by rpki-client on console-ams.rpki-client.org