Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade82d5de4101837fd0df0a70c8/0/AS209181.roa
File: AS209181.roa (raw, json)
Hash identifier: 9wPY+XTuj628R/EzTKlw5vzFjAgqx6OP3HHhmYSSWXo=
Subject key identifier: A2:37:9A:95:2A:22:43:16:34:1C:6D:11:57:84:61:72:70:9A:AF:F2
Certificate issuer: /CN=ec93568485034d6f590126278015e55786765323f329d6aa05
Certificate serial: 2562CF4BA6C60D03441EBE74E0FE85F86F5425A1
Authority key identifier: BB:27:B3:7B:58:F0:56:06:E1:5F:52:CA:24:2E:A1:D4:FE:B6:B3:04
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/c556b910-dc6c-4228-adf3-8828ac96ee60/ec93568485034d6f590126278015e55786765323f329d6aa05.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade82d5de4101837fd0df0a70c8/0/AS209181.roa
Signing time: Tue 30 Jul 2024 14:23:43 +0000
ROA not before: Tue 30 Jul 2024 14:18:43 +0000
ROA not after: Tue 29 Jul 2025 14:23:43 +0000
asID: 209181
IP address blocks: 23.156.240.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
25:62:cf:4b:a6:c6:0d:03:44:1e:be:74:e0:fe:85:f8:6f:54:25:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec93568485034d6f590126278015e55786765323f329d6aa05
Validity
Not Before: Jul 30 14:18:43 2024 GMT
Not After : Jul 29 14:23:43 2025 GMT
Subject: CN=A2379A952A224316341C6D1157846172709AAFF2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:a4:5e:1c:e9:2a:0b:d3:58:4d:16:71:30:41:
be:86:8e:b7:7c:31:7c:2e:4c:72:75:22:78:01:85:
dc:be:c8:c2:53:a1:c6:99:aa:ca:c6:c5:70:ca:bb:
c2:7c:81:09:81:14:37:88:a8:2e:d0:48:c7:e2:cb:
36:b5:44:4b:db:8a:7a:f3:fe:dc:ca:3d:54:32:16:
01:61:54:6a:1a:97:4e:1f:4d:3f:7b:25:f4:3f:b3:
ce:7b:70:a3:56:b0:48:17:bd:e1:bf:85:43:3a:80:
4d:54:50:ee:29:82:e5:46:2d:a3:a6:4d:cc:36:b9:
7e:e8:e4:ff:b3:e8:44:6e:09:85:47:a4:3e:38:b2:
f8:3c:43:41:fc:c1:30:d8:ad:01:1f:e7:9a:e5:11:
36:f2:44:97:25:c7:51:37:b6:0e:50:10:5c:d9:87:
d8:b1:f4:2b:28:35:11:5e:b1:61:42:73:7f:03:db:
1d:94:8d:c2:6b:32:85:2b:20:b4:87:5a:3a:4b:be:
06:0b:d9:34:61:8a:b1:ec:8b:a3:55:1f:66:e0:06:
d6:b4:c9:af:83:0c:0d:31:70:dd:8e:72:3e:46:12:
d9:4b:7f:c6:6a:7f:ec:e9:4d:8e:10:99:30:a2:1a:
d1:ad:e7:2a:ac:81:ea:4c:c4:58:23:e8:34:de:48:
76:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:37:9A:95:2A:22:43:16:34:1C:6D:11:57:84:61:72:70:9A:AF:F2
X509v3 Authority Key Identifier:
keyid:BB:27:B3:7B:58:F0:56:06:E1:5F:52:CA:24:2E:A1:D4:FE:B6:B3:04
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de4101837fd0df0a70c8/0/BB27B37B58F05606E15F52CA242EA1D4FEB6B304.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/c556b910-dc6c-4228-adf3-8828ac96ee60/ec93568485034d6f590126278015e55786765323f329d6aa05.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade82d5de4101837fd0df0a70c8/0/AS209181.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
23.156.240.0/24
Signature Algorithm: sha256WithRSAEncryption
70:c6:52:46:1f:fd:b2:0c:c2:88:e1:b1:af:e3:3e:35:24:c0:
4a:bc:90:aa:b4:14:eb:21:2c:7b:84:c9:a3:d4:43:32:11:9e:
3d:ff:ac:bc:b7:59:59:45:ab:1a:14:48:32:06:42:bd:42:27:
c7:b8:22:e3:fd:bb:b6:f1:2e:be:3c:43:1f:55:cb:7e:60:be:
06:fb:f1:66:e8:41:69:dc:c2:28:fa:d4:82:6b:ce:8a:e5:03:
46:ce:a6:0d:0b:84:07:b2:e9:9e:bf:af:74:4d:de:bc:21:24:
b5:52:74:3f:8f:46:b7:dc:e6:ee:0e:40:28:b2:7a:3c:1f:07:
38:81:48:8b:35:a7:bf:b1:1a:35:c2:9a:da:fb:1b:0c:a8:7c:
3e:5d:e1:fb:05:f8:c1:12:15:ae:59:8c:02:bd:1c:cc:90:cf:
4f:77:0b:af:cb:b5:b1:86:b5:91:3a:8b:cc:2c:cf:86:b1:1b:
dc:68:ff:53:23:c1:ed:cd:b9:68:2a:1e:e5:22:37:f4:ea:d0:
10:4c:cf:f5:3b:7c:2a:a3:43:34:f4:c3:1b:87:b0:d8:fb:40:
c5:26:40:03:39:1f:81:37:c1:dc:86:b2:7d:32:95:88:92:37:
84:b8:be:cd:cb:59:2e:d9:46:30:3b:b4:08:6e:d8:d6:1e:a7:
e9:2b:2a:84
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIUJWLPS6bGDQNEHr504P6F+G9UJaEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyZWM5MzU2ODQ4NTAzNGQ2ZjU5MDEyNjI3ODAxNWU1NTc4
Njc2NTMyM2YzMjlkNmFhMDUwHhcNMjQwNzMwMTQxODQzWhcNMjUwNzI5MTQyMzQz
WjAzMTEwLwYDVQQDEyhBMjM3OUE5NTJBMjI0MzE2MzQxQzZEMTE1Nzg0NjE3Mjcw
OUFBRkYyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyKReHOkqC9NY
TRZxMEG+ho63fDF8LkxydSJ4AYXcvsjCU6HGmarKxsVwyrvCfIEJgRQ3iKgu0EjH
4ss2tURL24p68/7cyj1UMhYBYVRqGpdOH00/eyX0P7POe3CjVrBIF73hv4VDOoBN
VFDuKYLlRi2jpk3MNrl+6OT/s+hEbgmFR6Q+OLL4PENB/MEw2K0BH+ea5RE28kSX
JcdRN7YOUBBc2YfYsfQrKDURXrFhQnN/A9sdlI3CazKFKyC0h1o6S74GC9k0YYqx
7IujVR9m4AbWtMmvgwwNMXDdjnI+RhLZS3/Gan/s6U2OEJkwohrRrecqrIHqTMRY
I+g03kh2CQIDAQABo4ICfzCCAnswHQYDVR0OBBYEFKI3mpUqIkMWNBxtEVeEYXJw
mq/yMB8GA1UdIwQYMBaAFLsns3tY8FYG4V9SyiQuodT+trMEMA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODJkNWRlNDEwMTgzN2ZkMGRmMGE3MGM4LzAv
QkIyN0IzN0I1OEYwNTYwNkUxNUY1MkNBMjQyRUExRDRGRUI2QjMwNC5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3
ZTk3MWFjL2M1NTZiOTEwLWRjNmMtNDIyOC1hZGYzLTg4MjhhYzk2ZWU2MC9lYzkz
NTY4NDg1MDM0ZDZmNTkwMTI2Mjc4MDE1ZTU1Nzg2NzY1MzIzZjMyOWQ2YWEwNS5j
ZXIwcAYIKwYBBQUHAQsEZDBiMGAGCCsGAQUFBzALhlRyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4MmQ1ZGU0MTAxODM3ZmQwZGYw
YTcwYzgvMC9BUzIwOTE4MS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEABec8DANBgkqhkiG9w0BAQsFAAOC
AQEAcMZSRh/9sgzCiOGxr+M+NSTASryQqrQU6yEse4TJo9RDMhGePf+svLdZWUWr
GhRIMgZCvUInx7gi4/27tvEuvjxDH1XLfmC+BvvxZuhBadzCKPrUgmvOiuUDRs6m
DQuEB7Lpnr+vdE3evCEktVJ0P49Gt9zm7g5AKLJ6PB8HOIFIizWnv7EaNcKa2vsb
DKh8Pl3h+wX4wRIVrlmMAr0czJDPT3cLr8u1sYa1kTqLzCzPhrEb3Gj/UyPB7c25
aCoe5SI39OrQEEzP9Tt8KqNDNPTDG4ew2PtAxSZAAzkfgTfB3IayfTKViJI3hLi+
zctZLtlGMDu0CG7Y1h6n6SsqhA==
-----END CERTIFICATE-----
Generated at Wed Feb 19 22:10:34 2025 by rpki-client