Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/e9c25096-2d5f-4eae-8315-bac6253b15d3.roa
File: e9c25096-2d5f-4eae-8315-bac6253b15d3.roa (raw, json)
Hash identifier: +inaTuCyUVpT7ac75xuwUTlWZ/oBzOBbOrqbj3gs6FE=
Subject key identifier: CB:20:60:3B:64:9A:FA:0D:AF:4B:82:84:E3:CA:C6:79:A3:F6:9E:11
Certificate issuer: /CN=1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107
Certificate serial: 6C31718E02ACF0B4B8F284C1F0C3E7021F8DE649
Authority key identifier: 15:F4:EF:04:F5:AF:23:96:C9:5F:16:42:E3:79:07:8B:48:8C:16:0B
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/aaa76394-48fc-4ff3-b6aa-0693c55d758f/1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/e9c25096-2d5f-4eae-8315-bac6253b15d3.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 173.82.183.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6c:31:71:8e:02:ac:f0:b4:b8:f2:84:c1:f0:c3:e7:02:1f:8d:e6:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=eb6c623135ff9c0f8169153f9ab51d6f7ede28b39ad0e974459e4906d5a3b936, CN=35095e3e-84cb-4ad0-bda1-6c6f8da69f61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:cc:a4:5d:90:12:1a:da:29:be:25:56:d3:d5:
1e:d4:12:18:6b:c5:00:02:76:8d:3e:85:88:21:ce:
55:4c:70:e9:d8:cc:6c:8a:61:bb:be:f6:d9:ed:b7:
ae:64:b5:09:ed:38:aa:a3:52:70:92:93:48:e0:ca:
fe:59:1f:b8:8a:28:8e:db:ce:83:5f:f4:7c:3c:bb:
53:06:7e:a9:08:d9:e1:bb:ba:83:6a:79:65:f9:fd:
69:5f:0d:bc:4f:c1:6f:88:22:30:15:80:ea:3f:ac:
9a:2d:ce:00:09:3f:cf:3e:d8:6f:02:03:88:3a:8f:
fd:e8:32:fa:71:92:43:4f:a9:fa:c7:da:70:ab:ac:
c5:bd:79:f9:8c:85:26:e9:4c:01:69:3b:7d:19:26:
4a:a3:ad:9f:6a:5f:e5:11:88:1f:32:d5:f2:e9:5a:
4d:ba:2e:b6:2d:4e:44:d3:34:4d:46:c4:43:90:20:
85:09:7c:8c:bc:8f:92:d5:cf:78:52:b7:71:03:0f:
fe:0f:23:75:94:f7:e2:85:cd:c2:48:fd:5e:a5:3f:
85:36:2f:67:e9:09:c0:aa:c0:c8:d1:0c:c6:ee:75:
8a:0a:0e:c8:1a:2b:1f:db:ab:a7:cb:4b:48:b7:26:
4e:85:1e:b4:30:b7:0e:29:46:b8:f4:f2:da:cb:7c:
38:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:20:60:3B:64:9A:FA:0D:AF:4B:82:84:E3:CA:C6:79:A3:F6:9E:11
X509v3 Authority Key Identifier:
keyid:15:F4:EF:04:F5:AF:23:96:C9:5F:16:42:E3:79:07:8B:48:8C:16:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/aaa76394-48fc-4ff3-b6aa-0693c55d758f/1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/e9c25096-2d5f-4eae-8315-bac6253b15d3.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/z2afnCt1NpzA_dOMFjxYsdQtAQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
173.82.183.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:b0:64:59:91:e1:c7:21:78:5c:9b:20:b0:6b:4a:21:5e:44:
28:27:e3:ed:f5:f4:c5:9b:7d:f8:5b:3e:95:94:b4:9a:fd:d2:
27:dd:f3:21:bb:47:f0:4a:f6:2a:d7:1f:f7:d4:31:f9:db:66:
3c:7c:c2:82:ab:e9:35:51:c7:b9:c1:8b:b6:6e:b7:74:d7:1c:
d9:2e:6d:40:df:0e:2e:99:c8:21:92:b8:f5:98:4f:66:9d:8f:
ac:b0:ad:ee:6e:65:ad:b1:c1:0c:9e:7d:3b:82:b0:08:07:6c:
4d:ce:e8:21:37:32:d5:1f:1f:b2:a3:bf:95:5f:59:05:5e:91:
41:7a:74:31:c2:76:4a:7c:3f:a2:4a:ca:31:fd:5c:b1:9d:6d:
e9:8c:d3:6e:70:76:ee:de:00:31:1d:81:6e:42:f9:a3:d7:d5:
e8:22:b6:31:e1:b9:69:ff:b2:cc:d1:dc:b2:78:10:77:66:1f:
eb:fc:41:93:be:4a:7f:a9:19:0a:cd:78:3f:04:12:44:58:68:
7e:83:9a:80:63:8b:82:5c:72:dc:55:e3:69:0b:70:2a:8e:94:
14:20:35:fa:00:71:bc:d3:0e:72:a9:43:bd:66:2f:dc:9e:eb:
49:37:a3:c3:dc:ae:b5:8c:6f:99:e7:bf:32:22:38:29:b6:41:
e0:62:7c:e6
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUbDFxjgKs8LS48oTB8MPnAh+N5kkwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMWIxZmU2NzMyMWNmNjY5ZjljMmI3NTM2OWNjMGZkZDM4
YzE2M2M1OGIxZDQyZDAxMDcwHhcNMjQwNDIyMDAwMDAwWhcNMjQwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0BlYjZjNjIzMTM1ZmY5YzBmODE2OTE1M2Y5YWI1MWQ2Zjdl
ZGUyOGIzOWFkMGU5NzQ0NTllNDkwNmQ1YTNiOTM2MS0wKwYDVQQDEyQzNTA5NWUz
ZS04NGNiLTRhZDAtYmRhMS02YzZmOGRhNjlmNjEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCazKRdkBIa2im+JVbT1R7UEhhrxQACdo0+hYghzlVMcOnY
zGyKYbu+9tntt65ktQntOKqjUnCSk0jgyv5ZH7iKKI7bzoNf9Hw8u1MGfqkI2eG7
uoNqeWX5/WlfDbxPwW+IIjAVgOo/rJotzgAJP88+2G8CA4g6j/3oMvpxkkNPqfrH
2nCrrMW9efmMhSbpTAFpO30ZJkqjrZ9qX+URiB8y1fLpWk26LrYtTkTTNE1GxEOQ
IIUJfIy8j5LVz3hSt3EDD/4PI3WU9+KFzcJI/V6lP4U2L2fpCcCqwMjRDMbudYoK
DsgaKx/bq6fLS0i3Jk6FHrQwtw4pRrj08trLfDjBAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUyyBgO2Sa+g2vS4KE48rGeaP2nhEwHwYDVR0jBBgwFoAUFfTvBPWvI5bJ
XxZC43kHi0iMFgswDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzViN2ZiMTIyLWRmZGYtNGMwYy1iOTBkLTNiYzdhNWZlYjgyYi9hYWE3NjM5NC00
OGZjLTRmZjMtYjZhYS0wNjkzYzU1ZDc1OGYvMWIxZmU2NzMyMWNmNjY5ZjljMmI3
NTM2OWNjMGZkZDM4YzE2M2M1OGIxZDQyZDAxMDcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZmY5ZmE4NGUtOTc4My00YTBiLWE1OGQtNmRj
OGUyNDMzZDMzL2U5YzI1MDk2LTJkNWYtNGVhZS04MzE1LWJhYzYyNTNiMTVkMy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2ZmOWZhODRlLTk3ODMtNGEwYi1hNThk
LTZkYzhlMjQzM2QzMy96MmFmbkN0MU5wekFfZE9NRmp4WXNkUXRBUWMuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUrcwDQYJKoZIhvcNAQELBQADggEBAA6wZFmR4ccheFybILBrSiFeRCgn
4+319MWbffhbPpWUtJr90ifd8yG7R/BK9irXH/fUMfnbZjx8woKr6TVRx7nBi7Zu
t3TXHNkubUDfDi6ZyCGSuPWYT2adj6ywre5uZa2xwQyefTuCsAgHbE3O6CE3MtUf
H7Kjv5VfWQVekUF6dDHCdkp8P6JKyjH9XLGdbemM025wdu7eADEdgW5C+aPX1egi
tjHhuWn/sszR3LJ4EHdmH+v8QZO+Sn+pGQrNeD8EEkRYaH6DmoBji4JcctxV42kL
cCqOlBQgNfoAcbzTDnKpQ71mL9ye60k3o8PcrrWMb5nnvzIiOCm2QeBifOY=
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:52:02 2024 by rpki-client on console-ams.rpki-client.org