Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/f7270640-56b0-4a8b-be84-ff5cf05b0f37.roa
File: f7270640-56b0-4a8b-be84-ff5cf05b0f37.roa (raw, json)
Hash identifier: EdoEGZB8AhaYNCLSZpVrst3UNqwXnDknlFlQpdPL93g=
Subject key identifier: 10:BC:BE:3F:1A:3B:3B:17:47:E2:8D:F8:BB:25:6D:BA:4A:CA:37:B6
Certificate issuer: /CN=1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107
Certificate serial: 6AD1DA62A9AAEC9C2C45DB8766770C653B3CB030
Authority key identifier: 15:F4:EF:04:F5:AF:23:96:C9:5F:16:42:E3:79:07:8B:48:8C:16:0B
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/aaa76394-48fc-4ff3-b6aa-0693c55d758f/1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/f7270640-56b0-4a8b-be84-ff5cf05b0f37.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 8987
IP address blocks: 173.82.75.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:d1:da:62:a9:aa:ec:9c:2c:45:db:87:66:77:0c:65:3b:3c:b0:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=57b6a448805610b01904b5728aab7783a0019b0d41dbd4014ce3f46fb414f2cb, CN=35095e3e-84cb-4ad0-bda1-6c6f8da69f61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:e4:08:44:21:ec:96:e6:e5:98:9c:9d:04:7d:
dc:aa:83:70:0d:b2:25:55:89:ed:37:9e:06:cf:5d:
7b:d6:ae:51:ad:74:f1:8f:e2:ef:b7:c2:c1:3a:92:
f1:b7:88:27:31:b0:f8:fe:80:f9:8e:f2:20:d8:35:
3d:74:fb:b9:80:3b:20:5d:10:70:ad:1e:34:8b:bd:
d5:69:6e:76:02:53:9f:21:87:ea:77:86:08:ac:92:
02:17:81:9d:77:04:68:d3:ac:00:1c:4a:51:ac:a6:
94:fd:e8:9a:e8:ce:c5:42:4e:89:11:74:4f:81:d0:
0a:f7:9e:17:56:25:13:ba:1a:78:51:29:82:3e:29:
ae:76:a0:7d:4f:e4:61:49:0d:2c:61:bf:39:a0:16:
d2:95:cd:cd:9b:a9:aa:29:ea:07:02:20:31:4a:7c:
60:6c:ff:db:83:0e:69:96:e2:45:bd:a7:83:13:92:
7c:ac:fd:24:17:1d:e1:b5:e6:45:eb:3b:12:76:72:
0b:83:4f:41:9f:8a:ab:ac:23:9b:2d:a6:6f:3a:35:
86:73:c9:2b:f0:f0:21:86:64:c9:3e:03:6c:2a:5d:
b2:ec:7d:3b:cf:a5:15:a4:88:ec:c5:fa:de:27:f7:
bd:9e:cc:71:b4:2a:ba:6b:96:90:20:c3:fa:b8:c9:
09:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
10:BC:BE:3F:1A:3B:3B:17:47:E2:8D:F8:BB:25:6D:BA:4A:CA:37:B6
X509v3 Authority Key Identifier:
keyid:15:F4:EF:04:F5:AF:23:96:C9:5F:16:42:E3:79:07:8B:48:8C:16:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/aaa76394-48fc-4ff3-b6aa-0693c55d758f/1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/f7270640-56b0-4a8b-be84-ff5cf05b0f37.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/z2afnCt1NpzA_dOMFjxYsdQtAQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
173.82.75.0/24
Signature Algorithm: sha256WithRSAEncryption
a0:e0:40:32:2a:f6:9b:a5:be:3b:7e:46:8f:b8:c1:04:52:5f:
75:76:d0:27:5d:5a:dd:6b:c6:03:ba:eb:a4:bd:56:5f:d0:0f:
a4:69:3a:ca:da:27:d3:06:07:93:35:e1:d1:3d:5f:5e:2d:94:
6d:cc:f4:68:f8:0c:eb:8e:f6:39:ea:81:9b:88:01:1e:13:69:
86:fd:ce:85:60:3c:9e:e7:61:46:18:6f:3b:0d:d1:a1:c2:e3:
f3:28:f7:1a:8a:f9:dc:7c:7b:3e:60:57:d4:ec:ac:47:8e:45:
e7:3f:d8:08:74:6b:eb:a7:22:29:b2:5f:73:fa:7c:06:00:87:
dc:1d:79:24:62:44:e4:05:cc:83:92:90:58:83:38:ca:f5:bc:
a3:1f:4b:b8:c6:fe:e3:e1:34:69:7b:51:64:40:9d:18:dd:22:
2b:3a:86:1b:3a:60:86:58:18:39:55:69:14:e3:66:89:1e:d2:
e8:5e:62:cd:5c:b2:66:be:21:9b:64:13:cf:11:12:b8:7e:17:
24:e9:cb:ad:cd:36:40:24:27:01:b7:3f:ef:aa:33:a8:86:06:
9a:e3:20:54:f0:2e:71:70:c8:58:f1:d8:e0:36:44:09:c0:8c:
5b:4f:30:74:98:6b:3a:55:17:a4:d7:ef:f7:bf:f5:a3:44:de:
38:69:34:df
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUatHaYqmq7JwsRduHZncMZTs8sDAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMWIxZmU2NzMyMWNmNjY5ZjljMmI3NTM2OWNjMGZkZDM4
YzE2M2M1OGIxZDQyZDAxMDcwHhcNMjQwNDIyMDAwMDAwWhcNMjQwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A1N2I2YTQ0ODgwNTYxMGIwMTkwNGI1NzI4YWFiNzc4M2Ew
MDE5YjBkNDFkYmQ0MDE0Y2UzZjQ2ZmI0MTRmMmNiMS0wKwYDVQQDEyQzNTA5NWUz
ZS04NGNiLTRhZDAtYmRhMS02YzZmOGRhNjlmNjEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQCQ5AhEIeyW5uWYnJ0Efdyqg3ANsiVVie03ngbPXXvWrlGt
dPGP4u+3wsE6kvG3iCcxsPj+gPmO8iDYNT10+7mAOyBdEHCtHjSLvdVpbnYCU58h
h+p3hgiskgIXgZ13BGjTrAAcSlGsppT96JrozsVCTokRdE+B0Ar3nhdWJRO6GnhR
KYI+Ka52oH1P5GFJDSxhvzmgFtKVzc2bqaop6gcCIDFKfGBs/9uDDmmW4kW9p4MT
knys/SQXHeG15kXrOxJ2cguDT0GfiqusI5stpm86NYZzySvw8CGGZMk+A2wqXbLs
fTvPpRWkiOzF+t4n972ezHG0KrprlpAgw/q4yQlnAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUELy+Pxo7OxdH4o34uyVtukrKN7YwHwYDVR0jBBgwFoAUFfTvBPWvI5bJ
XxZC43kHi0iMFgswDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzViN2ZiMTIyLWRmZGYtNGMwYy1iOTBkLTNiYzdhNWZlYjgyYi9hYWE3NjM5NC00
OGZjLTRmZjMtYjZhYS0wNjkzYzU1ZDc1OGYvMWIxZmU2NzMyMWNmNjY5ZjljMmI3
NTM2OWNjMGZkZDM4YzE2M2M1OGIxZDQyZDAxMDcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZmY5ZmE4NGUtOTc4My00YTBiLWE1OGQtNmRj
OGUyNDMzZDMzL2Y3MjcwNjQwLTU2YjAtNGE4Yi1iZTg0LWZmNWNmMDViMGYzNy5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2ZmOWZhODRlLTk3ODMtNGEwYi1hNThk
LTZkYzhlMjQzM2QzMy96MmFmbkN0MU5wekFfZE9NRmp4WXNkUXRBUWMuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUkswDQYJKoZIhvcNAQELBQADggEBAKDgQDIq9pulvjt+Ro+4wQRSX3V2
0CddWt1rxgO666S9Vl/QD6RpOsraJ9MGB5M14dE9X14tlG3M9Gj4DOuO9jnqgZuI
AR4TaYb9zoVgPJ7nYUYYbzsN0aHC4/Mo9xqK+dx8ez5gV9TsrEeORec/2Ah0a+un
IimyX3P6fAYAh9wdeSRiROQFzIOSkFiDOMr1vKMfS7jG/uPhNGl7UWRAnRjdIis6
hhs6YIZYGDlVaRTjZoke0uheYs1csma+IZtkE88RErh+FyTpy63NNkAkJwG3P++q
M6iGBprjIFTwLnFwyFjx2OA2RAnAjFtPMHSYazpVF6TX7/e/9aNE3jhpNN8=
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:52:02 2024 by rpki-client on console-ams.rpki-client.org