Route Origin Authorization
$ rpki-client -vvf rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/ac683038-c192-4fba-ae61-c511683cdb6a/bec336fd-d4b4-3253-9c31-f0450ed95fc7.roa
File: bec336fd-d4b4-3253-9c31-f0450ed95fc7.roa (raw, json)
Hash identifier: yN5WWlYyAlFXASVq5cT2yAbeWLLD2bwkwhenJUjlZMY=
Subject key identifier: E8:1C:51:5F:BE:44:FD:06:6A:26:FC:4E:CA:32:80:8E:D1:6C:20:0E
Certificate issuer: /CN=ac683038-c192-4fba-ae61-c511683cdb6a
Certificate serial: 010D0C9F432858383524F945C17C0EA268F2A5A0
Authority key identifier: D1:F4:1D:DB:27:4E:3B:A0:A5:7B:4B:11:17:C9:16:5D:85:21:1E:11
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/ac683038-c192-4fba-ae61-c511683cdb6a.cer
Subject info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/ac683038-c192-4fba-ae61-c511683cdb6a/bec336fd-d4b4-3253-9c31-f0450ed95fc7.roa
Signing time: Mon 07 Dec 2020 05:00:00 +0000
ROA not before: Mon 07 Dec 2020 05:00:00 +0000
ROA not after: Mon 13 Mar 2023 04:00:00 +0000
asID: 13549
IP address blocks: 64.7.160.0/19 maxlen: 24
209.103.224.0/19 maxlen: 24
2604:8fc0::/32 maxlen: 34
2606:3d00::/32 maxlen: 34
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:0d:0c:9f:43:28:58:38:35:24:f9:45:c1:7c:0e:a2:68:f2:a5:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ac683038-c192-4fba-ae61-c511683cdb6a
Validity
Not Before: Dec 7 05:00:00 2020 GMT
Not After : Mar 13 04:00:00 2023 GMT
Subject: CN=f79120ac-1a84-4e24-9db1-b0d7085cdf87
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:12:e0:0c:64:08:bc:a7:94:93:4e:57:54:85:
d1:66:47:19:f5:0b:7d:4c:21:82:58:45:6b:0d:fa:
4f:7b:5f:c4:53:05:31:e0:1c:48:a7:3f:89:9c:94:
fd:cd:db:b3:e2:df:f3:ac:03:11:7b:88:fb:bc:9c:
40:76:33:3b:7e:89:7c:03:6c:e5:ad:d5:09:05:8b:
52:ca:a1:77:0b:16:68:71:a4:d9:86:26:f3:59:d6:
c7:1e:b9:bf:4c:4d:fd:79:78:0b:bd:19:e6:96:74:
05:bd:8c:87:b5:9d:d9:84:c3:3d:22:97:56:ca:6b:
ad:f9:45:91:8b:99:1c:0f:05:06:a0:1c:3a:e2:23:
d4:8c:9b:f1:3e:63:c4:23:1f:3c:8b:3c:ab:d5:78:
b0:02:81:64:4a:84:b4:d6:33:32:75:03:d8:db:3a:
0c:e8:13:57:65:5b:19:64:21:4b:9d:43:c6:34:f4:
5c:35:ef:c3:b7:6a:e3:d4:a4:f3:9b:ed:5a:cf:74:
4e:da:46:ca:83:41:3b:81:d0:ea:39:b6:a8:c5:ec:
0d:fb:19:7a:ca:f8:46:0b:f6:c4:12:b4:21:41:cc:
79:b1:37:d9:e1:17:ee:7e:ed:ef:73:10:d4:0f:db:
01:fe:9f:4d:3e:00:78:b8:f5:27:90:3c:16:f6:5d:
5e:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:1C:51:5F:BE:44:FD:06:6A:26:FC:4E:CA:32:80:8E:D1:6C:20:0E
Subject Information Access:
Signed Object - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/ac683038-c192-4fba-ae61-c511683cdb6a/bec336fd-d4b4-3253-9c31-f0450ed95fc7.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/ac683038-c192-4fba-ae61-c511683cdb6a/ac683038-c192-4fba-ae61-c511683cdb6a.crl
X509v3 Authority Key Identifier:
keyid:D1:F4:1D:DB:27:4E:3B:A0:A5:7B:4B:11:17:C9:16:5D:85:21:1E:11
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/746e0111-fafb-430f-b778-d204cfcd99a8/ac683038-c192-4fba-ae61-c511683cdb6a.cer
sbgp-ipAddrBlock: critical
IPv4:
64.7.160.0/19
209.103.224.0/19
IPv6:
2604:8fc0::/32
2606:3d00::/32
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://www.arin.net/resources/rpki/cps.html
Signature Algorithm: sha256WithRSAEncryption
a3:7b:b1:09:64:cf:e3:1e:4f:ca:d5:a6:21:c9:17:e4:b4:b2:
1e:90:fd:d9:ce:54:31:31:52:b7:91:a5:66:39:b8:54:29:0b:
a8:53:1e:d5:e6:b4:53:28:17:ab:b7:87:a0:2c:2b:a5:4b:e2:
32:d4:4e:6b:d1:e3:cf:0a:70:84:c9:2a:58:ed:56:ee:07:8f:
20:77:10:82:94:e0:7a:de:8d:4a:a2:af:bd:8e:01:1c:90:4a:
52:27:67:1f:21:71:89:17:39:96:60:e6:b0:92:66:23:58:d5:
57:29:0f:0e:51:1b:7d:96:f6:71:76:20:1e:97:73:c4:0e:eb:
26:e4:4f:67:a7:c0:e6:39:c2:95:89:bc:08:82:2e:54:fa:31:
77:2e:3e:04:be:eb:5c:59:28:eb:eb:24:68:9e:20:be:66:b9:
fc:bd:1f:df:ca:61:d6:93:83:e1:e5:b7:a1:eb:1e:1b:27:58:
4a:9c:ee:77:d4:fb:f7:43:34:2b:63:3b:d1:98:91:38:6a:5b:
7e:7c:eb:a7:24:ea:fa:9b:12:55:ec:b9:66:6d:c2:a8:00:a6:
18:47:e1:c8:bf:e3:2f:9e:61:f7:7f:06:e1:24:bb:38:e4:85:
cc:18:12:11:b7:4c:e4:e7:e3:c7:a2:87:5e:07:fd:32:81:af:
81:03:0c:07
-----BEGIN CERTIFICATE-----
MIIGXzCCBUegAwIBAgIUAQ0Mn0MoWDg1JPlFwXwOomjypaAwDQYJKoZIhvcNAQEL
BQAwLzEtMCsGA1UEAxMkYWM2ODMwMzgtYzE5Mi00ZmJhLWFlNjEtYzUxMTY4M2Nk
YjZhMB4XDTIwMTIwNzA1MDAwMFoXDTIzMDMxMzA0MDAwMFowLzEtMCsGA1UEAxMk
Zjc5MTIwYWMtMWE4NC00ZTI0LTlkYjEtYjBkNzA4NWNkZjg3MIIBIjANBgkqhkiG
9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoBLgDGQIvKeUk05XVIXRZkcZ9Qt9TCGCWEVr
DfpPe1/EUwUx4BxIpz+JnJT9zduz4t/zrAMRe4j7vJxAdjM7fol8A2zlrdUJBYtS
yqF3CxZocaTZhibzWdbHHrm/TE39eXgLvRnmlnQFvYyHtZ3ZhMM9IpdWymut+UWR
i5kcDwUGoBw64iPUjJvxPmPEIx88izyr1XiwAoFkSoS01jMydQPY2zoM6BNXZVsZ
ZCFLnUPGNPRcNe/Dt2rj1KTzm+1az3RO2kbKg0E7gdDqObaoxewN+xl6yvhGC/bE
ErQhQcx5sTfZ4Rfufu3vcxDUD9sB/p9NPgB4uPUnkDwW9l1e4QIDAQABo4IDcTCC
A20wHQYDVR0OBBYEFOgcUV++RP0Gaib8TsoygI7RbCAOMIHlBggrBgEFBQcBCwSB
2DCB1TCB0gYIKwYBBQUHMAuGgcVyc3luYzovL3Jwa2kuYXJpbi5uZXQvcmVwb3Np
dG9yeS9hcmluLXJwa2ktdGEvNWU0YTIzZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRh
MjE1N2QzLzc0NmUwMTExLWZhZmItNDMwZi1iNzc4LWQyMDRjZmNkOTlhOC9hYzY4
MzAzOC1jMTkyLTRmYmEtYWU2MS1jNTExNjgzY2RiNmEvYmVjMzM2ZmQtZDRiNC0z
MjUzLTljMzEtZjA0NTBlZDk1ZmM3LnJvYTCB3AYDVR0fBIHUMIHRMIHOoIHLoIHI
hoHFcnN5bmM6Ly9ycGtpLmFyaW4ubmV0L3JlcG9zaXRvcnkvYXJpbi1ycGtpLXRh
LzVlNGEyM2VhLWU4MGEtNDAzZS1iMDhjLTIxNzFkYTIxNTdkMy83NDZlMDExMS1m
YWZiLTQzMGYtYjc3OC1kMjA0Y2ZjZDk5YTgvYWM2ODMwMzgtYzE5Mi00ZmJhLWFl
NjEtYzUxMTY4M2NkYjZhL2FjNjgzMDM4LWMxOTItNGZiYS1hZTYxLWM1MTE2ODNj
ZGI2YS5jcmwwHwYDVR0jBBgwFoAU0fQd2ydOO6Cle0sRF8kWXYUhHhEwDgYDVR0P
AQH/BAQDAgeAMIHABggrBgEFBQcBAQSBszCBsDCBrQYIKwYBBQUHMAKGgaByc3lu
YzovL3Jwa2kuYXJpbi5uZXQvcmVwb3NpdG9yeS9hcmluLXJwa2ktdGEvNWU0YTIz
ZWEtZTgwYS00MDNlLWIwOGMtMjE3MWRhMjE1N2QzLzc0NmUwMTExLWZhZmItNDMw
Zi1iNzc4LWQyMDRjZmNkOTlhOC9hYzY4MzAzOC1jMTkyLTRmYmEtYWU2MS1jNTEx
NjgzY2RiNmEuY2VyMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQFQAegAwQF
0WfgMBQEAgACMA4DBQAmBI/AAwUAJgY9ADBUBgNVHSABAf8ESjBIMEYGCCsGAQUF
Bw4CMDowOAYIKwYBBQUHAgEWLGh0dHBzOi8vd3d3LmFyaW4ubmV0L3Jlc291cmNl
cy9ycGtpL2Nwcy5odG1sMA0GCSqGSIb3DQEBCwUAA4IBAQCje7EJZM/jHk/K1aYh
yRfktLIekP3ZzlQxMVK3kaVmObhUKQuoUx7V5rRTKBert4egLCulS+Iy1E5r0ePP
CnCEySpY7VbuB48gdxCClOB63o1Koq+9jgEckEpSJ2cfIXGJFzmWYOawkmYjWNVX
KQ8OURt9lvZxdiAel3PEDusm5E9np8DmOcKVibwIgi5U+jF3Lj4EvutcWSjr6yRo
niC+Zrn8vR/fymHWk4Ph5beh6x4bJ1hKnO531Pv3QzQrYzvRmJE4alt+fOunJOr6
mxJV7LlmbcKoAKYYR+HIv+MvnmH3fwbhJLs45IXMGBIRt0zk5+PHoodeB/0yga+B
AwwH
-----END CERTIFICATE-----
Generated at Wed Jul 19 23:39:21 2023 by rpki-client on console-fra.rpki-client.org