Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/fd301105-a881-4a2a-95e1-385b5e3720b1.roa
File: fd301105-a881-4a2a-95e1-385b5e3720b1.roa (raw, json)
Hash identifier: VGrljxHX1inqOzRA+SmEbMz2wBdMSKsUk+/+TxxA4Wo=
Subject key identifier: 34:F3:E0:2A:59:BC:63:50:D4:90:C8:B9:8C:AD:4D:C6:6B:43:91:78
Certificate issuer: /CN=1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107
Certificate serial: 34F1A2E42154D2F59D55C1283687A1B01362A1B5
Authority key identifier: 15:F4:EF:04:F5:AF:23:96:C9:5F:16:42:E3:79:07:8B:48:8C:16:0B
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/aaa76394-48fc-4ff3-b6aa-0693c55d758f/1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/fd301105-a881-4a2a-95e1-385b5e3720b1.roa
Signing time: Mon 22 Apr 2024 00:00:00 +0000
ROA not before: Mon 22 Apr 2024 00:00:00 +0000
ROA not after: Mon 27 May 2024 23:59:59 +0000
asID: 14618
IP address blocks: 173.82.27.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
34:f1:a2:e4:21:54:d2:f5:9d:55:c1:28:36:87:a1:b0:13:62:a1:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107
Validity
Not Before: Apr 22 00:00:00 2024 GMT
Not After : May 27 23:59:59 2024 GMT
Subject: serialNumber=782369ccb96aa1d48b9ea91389ab943ff9870410a64fb87ebbf463de6ca5c16d, CN=35095e3e-84cb-4ad0-bda1-6c6f8da69f61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:0e:70:f4:18:ac:52:a9:70:79:e8:bd:74:db:
c9:c2:26:99:32:f7:a4:11:af:58:06:1e:55:9c:dc:
14:bf:5d:09:7a:15:d2:bb:af:19:d5:2f:2b:ec:d3:
eb:eb:53:1f:26:fb:23:88:78:1c:30:55:c7:1c:ab:
0d:33:4d:98:eb:74:6f:d4:69:63:7b:23:27:28:09:
60:68:0c:13:23:71:66:5e:51:25:a7:22:3e:a9:ad:
88:03:1f:da:2c:a7:9e:1a:11:80:06:27:42:47:48:
0a:2c:42:a2:f4:48:10:ee:ea:a2:f3:8c:a2:e4:19:
2b:7a:0b:a1:e6:2f:96:b0:57:82:61:c1:8a:69:16:
0b:d2:fb:26:e1:7a:c0:f2:a5:05:96:e9:72:06:8e:
20:df:68:43:1e:35:2b:42:22:1d:1c:fc:7a:af:16:
95:1a:ca:97:53:18:bd:2e:11:6a:d6:d7:a8:51:9c:
64:ee:7a:e9:31:e7:29:ce:74:ac:23:48:1a:67:56:
6e:90:0f:13:e3:6a:92:d8:20:78:02:30:b2:20:d1:
f7:3b:60:b6:82:25:85:ac:e9:50:ff:d0:f2:87:43:
ba:38:a4:85:bb:56:ee:4d:0b:04:86:34:33:02:79:
13:f0:fc:04:c5:7f:35:9b:e5:55:c8:ca:d0:26:a7:
73:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
34:F3:E0:2A:59:BC:63:50:D4:90:C8:B9:8C:AD:4D:C6:6B:43:91:78
X509v3 Authority Key Identifier:
keyid:15:F4:EF:04:F5:AF:23:96:C9:5F:16:42:E3:79:07:8B:48:8C:16:0B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/5b7fb122-dfdf-4c0c-b90d-3bc7a5feb82b/aaa76394-48fc-4ff3-b6aa-0693c55d758f/1b1fe67321cf669f9c2b75369cc0fdd38c163c58b1d42d0107.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/fd301105-a881-4a2a-95e1-385b5e3720b1.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/ff9fa84e-9783-4a0b-a58d-6dc8e2433d33/z2afnCt1NpzA_dOMFjxYsdQtAQc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
173.82.27.0/24
Signature Algorithm: sha256WithRSAEncryption
23:c8:9a:99:de:3a:36:02:2b:6d:d1:cc:ba:85:d1:99:9e:84:
09:33:25:65:d6:fc:6b:75:05:ac:77:1e:1a:78:91:25:6f:b4:
02:a3:f8:ab:4a:15:cc:ea:ef:7e:15:4e:3d:de:26:f4:61:6e:
b6:2c:5d:52:ac:24:54:e0:03:aa:dc:6c:7f:ce:e7:51:15:4c:
00:3b:7e:dd:46:4a:7f:39:35:8f:8c:a3:68:9e:86:e8:a3:f3:
27:4a:49:fc:23:20:c2:4f:38:e9:a8:fd:74:bf:6e:dd:a7:bc:
a7:e6:21:00:72:da:a6:ed:67:01:eb:d7:dd:8a:ec:45:75:77:
74:ac:6d:22:a7:76:23:05:a7:6a:9c:a2:ce:2d:61:9a:56:98:
6a:c9:3d:fb:60:ac:c9:f9:10:84:de:e1:be:6b:53:75:99:f8:
48:f4:4d:d1:fc:24:8a:7b:be:fa:af:47:82:be:a4:80:2a:59:
19:2a:03:26:e4:03:e8:d5:3f:cf:7c:12:62:5f:f2:4e:ac:a7:
3c:98:2a:a4:cc:42:12:ad:80:e5:67:66:29:23:a8:f6:02:c9:
a6:f4:73:ab:ff:ca:9a:af:7b:3e:c8:dc:2a:d2:a7:1c:4a:73:
5d:e5:c6:b6:0d:29:5a:4d:d1:a5:a2:6b:47:b8:a8:87:cc:09:
e6:71:3e:40
-----BEGIN CERTIFICATE-----
MIIF+DCCBOCgAwIBAgIUNPGi5CFU0vWdVcEoNoehsBNiobUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyMWIxZmU2NzMyMWNmNjY5ZjljMmI3NTM2OWNjMGZkZDM4
YzE2M2M1OGIxZDQyZDAxMDcwHhcNMjQwNDIyMDAwMDAwWhcNMjQwNTI3MjM1OTU5
WjB6MUkwRwYDVQQFE0A3ODIzNjljY2I5NmFhMWQ0OGI5ZWE5MTM4OWFiOTQzZmY5
ODcwNDEwYTY0ZmI4N2ViYmY0NjNkZTZjYTVjMTZkMS0wKwYDVQQDEyQzNTA5NWUz
ZS04NGNiLTRhZDAtYmRhMS02YzZmOGRhNjlmNjEwggEiMA0GCSqGSIb3DQEBAQUA
A4IBDwAwggEKAoIBAQDFDnD0GKxSqXB56L1028nCJpky96QRr1gGHlWc3BS/XQl6
FdK7rxnVLyvs0+vrUx8m+yOIeBwwVcccqw0zTZjrdG/UaWN7IycoCWBoDBMjcWZe
USWnIj6prYgDH9osp54aEYAGJ0JHSAosQqL0SBDu6qLzjKLkGSt6C6HmL5awV4Jh
wYppFgvS+ybhesDypQWW6XIGjiDfaEMeNStCIh0c/HqvFpUaypdTGL0uEWrW16hR
nGTueukx5ynOdKwjSBpnVm6QDxPjapLYIHgCMLIg0fc7YLaCJYWs6VD/0PKHQ7o4
pIW7Vu5NCwSGNDMCeRPw/ATFfzWb5VXIytAmp3OLAgMBAAGjggKxMIICrTAdBgNV
HQ4EFgQUNPPgKlm8Y1DUkMi5jK1NxmtDkXgwHwYDVR0jBBgwFoAUFfTvBPWvI5bJ
XxZC43kHi0iMFgswDgYDVR0PAQH/BAQDAgeAMIHzBggrBgEFBQcBAQSB5jCB4zCB
4AYIKwYBBQUHMAKGgdNyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9h
cmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2Qz
LzViN2ZiMTIyLWRmZGYtNGMwYy1iOTBkLTNiYzdhNWZlYjgyYi9hYWE3NjM5NC00
OGZjLTRmZjMtYjZhYS0wNjkzYzU1ZDc1OGYvMWIxZmU2NzMyMWNmNjY5ZjljMmI3
NTM2OWNjMGZkZDM4YzE2M2M1OGIxZDQyZDAxMDcuY2VyMIGeBggrBgEFBQcBCwSB
kTCBjjCBiwYIKwYBBQUHMAuGf3JzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIu
YW1hem9uYXdzLmNvbS92b2x1bWUvZmY5ZmE4NGUtOTc4My00YTBiLWE1OGQtNmRj
OGUyNDMzZDMzL2ZkMzAxMTA1LWE4ODEtNGEyYS05NWUxLTM4NWI1ZTM3MjBiMS5y
b2EwgYgGA1UdHwSBgDB+MHygeqB4hnZyc3luYzovL3Jwa2ktcnN5bmMudXMtZWFz
dC0yLmFtYXpvbmF3cy5jb20vdm9sdW1lL2ZmOWZhODRlLTk3ODMtNGEwYi1hNThk
LTZkYzhlMjQzM2QzMy96MmFmbkN0MU5wekFfZE9NRmp4WXNkUXRBUWMuY3JsMBgG
A1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgAB
MAYDBACtUhswDQYJKoZIhvcNAQELBQADggEBACPImpneOjYCK23RzLqF0ZmehAkz
JWXW/Gt1Bax3Hhp4kSVvtAKj+KtKFczq734VTj3eJvRhbrYsXVKsJFTgA6rcbH/O
51EVTAA7ft1GSn85NY+Mo2iehuij8ydKSfwjIMJPOOmo/XS/bt2nvKfmIQBy2qbt
ZwHr192K7EV1d3SsbSKndiMFp2qcos4tYZpWmGrJPftgrMn5EITe4b5rU3WZ+Ej0
TdH8JIp7vvqvR4K+pIAqWRkqAybkA+jVP898EmJf8k6spzyYKqTMQhKtgOVnZikj
qPYCyab0c6v/ypqvez7I3CrSpxxKc13lxrYNKVpN0aWia0e4qIfMCeZxPkA=
-----END CERTIFICATE-----
Generated at Thu Apr 25 23:52:02 2024 by rpki-client on console-ams.rpki-client.org