Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS16509.roa
File: AS16509.roa (raw, json)
Hash identifier: aNQVOZbbk9COz4whF6RRje3V5h+pnyEIgvnRL3IxN7o=
Subject key identifier: CA:AA:34:CF:1C:F0:EC:50:F8:9B:02:97:85:3C:DF:42:43:B7:B6:46
Certificate issuer: /CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Certificate serial: 3ADDC74089DDC1254D3313DEB502553E1E6BB6C1
Authority key identifier: 4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS16509.roa
Signing time: Tue 10 Sep 2024 08:36:13 +0000
ROA not before: Tue 10 Sep 2024 08:31:13 +0000
ROA not after: Tue 09 Sep 2025 08:36:13 +0000
asID: 16509
IP address blocks: 64.202.96.0/24 maxlen: 24
205.234.204.0/24 maxlen: 24
216.246.3.0/24 maxlen: 24
216.246.99.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
3a:dd:c7:40:89:dd:c1:25:4d:33:13:de:b5:02:55:3e:1e:6b:b6:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Validity
Not Before: Sep 10 08:31:13 2024 GMT
Not After : Sep 9 08:36:13 2025 GMT
Subject: CN=CAAA34CF1CF0EC50F89B0297853CDF4243B7B646
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:9f:54:d0:00:49:cd:93:cf:d6:34:36:4c:c1:
16:e7:8c:b9:a2:a8:aa:f5:7a:f6:44:23:1c:35:10:
e7:0d:75:ca:35:b8:64:5f:a8:69:5c:bd:37:16:08:
df:85:4f:33:43:2a:2c:a9:b9:c0:fe:91:ed:02:5b:
33:a9:a1:4c:3c:e8:1a:21:47:b9:79:84:34:6e:61:
ef:11:6b:8d:70:12:7f:81:3d:aa:a8:ad:1a:6e:39:
db:c4:ab:da:c0:0d:d3:a6:17:ac:39:7d:01:89:a6:
ca:0c:b6:7a:21:39:82:c8:87:16:9a:5e:6e:d7:1e:
97:8b:ad:1f:73:fc:db:b2:29:7d:0a:f3:a3:0c:00:
1d:47:fc:27:79:50:07:f4:29:1a:50:41:ec:aa:5d:
54:70:76:a0:f5:a4:6f:28:75:20:97:5a:99:a8:33:
84:fe:a5:6f:70:a2:7f:ed:60:27:83:22:39:27:87:
68:e7:c0:82:70:7a:9b:81:33:47:b6:c9:9d:4b:a4:
d3:e5:ea:fc:11:33:c0:32:c1:6c:55:57:47:d4:cb:
78:c3:24:b5:9e:60:39:78:ee:65:60:05:53:43:64:
0c:21:ef:2a:c2:19:40:27:75:2a:86:42:30:7b:09:
6b:2c:09:d7:01:cc:7c:db:0f:6b:88:f5:db:87:e8:
2f:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:AA:34:CF:1C:F0:EC:50:F8:9B:02:97:85:3C:DF:42:43:B7:B6:46
X509v3 Authority Key Identifier:
keyid:4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/4F061F3AB9863828F7633EBC46300F9B7E877ABC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS16509.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.202.96.0/24
205.234.204.0/24
216.246.3.0/24
216.246.99.0/24
Signature Algorithm: sha256WithRSAEncryption
09:01:d3:c1:22:4a:87:3a:9b:d0:21:9a:18:cc:ec:b8:49:4b:
21:24:da:eb:16:a0:b5:61:9e:f2:27:42:1a:92:fe:06:70:27:
ce:e7:76:37:d7:b9:92:50:cd:e5:34:30:06:9e:5c:8b:5d:4e:
db:9b:b8:01:5e:a6:30:3b:44:e6:cb:df:e8:de:4b:b3:df:b8:
52:2b:1a:2d:f8:a9:fa:c1:5f:40:ca:31:4e:0b:14:c6:0e:c5:
8f:5f:97:4d:fc:a0:f8:27:e2:23:82:51:0b:74:ea:63:9a:70:
81:33:e1:fc:99:67:4f:40:6a:4a:c9:d2:5c:c1:ce:8c:0f:4a:
3d:5e:1a:fb:4d:12:f6:c2:b5:74:00:33:e9:4c:65:08:c4:47:
b0:e3:db:07:2d:db:2c:ba:28:c5:8d:b4:d0:84:ef:20:8a:df:
bf:3d:aa:98:92:31:c3:b1:45:0e:b0:6a:5b:c7:b3:70:67:6d:
f5:7f:54:83:c3:d1:10:c0:a8:7f:0a:3d:53:25:7b:f6:ff:f2:
ef:09:c9:9e:b9:81:15:73:cf:00:7d:15:ac:49:ef:45:9e:17:
30:7e:56:9e:c6:22:35:b3:31:bb:ea:d9:13:6a:c5:00:71:bb:
95:b2:b9:c0:1e:09:b5:55:fb:c0:59:60:33:73:85:85:1e:4e:
a9:7d:9c:f8
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgIUOt3HQIndwSVNMxPetQJVPh5rtsEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNjk2MjZjMmUwYjk2NGVkNWU4YmE2YTZmM2VkMGZkNjM2
Y2YzNjQ1ZDZjY2I2MTIzYjkwHhcNMjQwOTEwMDgzMTEzWhcNMjUwOTA5MDgzNjEz
WjAzMTEwLwYDVQQDEyhDQUFBMzRDRjFDRjBFQzUwRjg5QjAyOTc4NTNDREY0MjQz
QjdCNjQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwZ9U0ABJzZPP
1jQ2TMEW54y5oqiq9Xr2RCMcNRDnDXXKNbhkX6hpXL03FgjfhU8zQyosqbnA/pHt
AlszqaFMPOgaIUe5eYQ0bmHvEWuNcBJ/gT2qqK0abjnbxKvawA3TphesOX0BiabK
DLZ6ITmCyIcWml5u1x6Xi60fc/zbsil9CvOjDAAdR/wneVAH9CkaUEHsql1UcHag
9aRvKHUgl1qZqDOE/qVvcKJ/7WAngyI5J4do58CCcHqbgTNHtsmdS6TT5er8ETPA
MsFsVVdH1Mt4wyS1nmA5eO5lYAVTQ2QMIe8qwhlAJ3UqhkIwewlrLAnXAcx82w9r
iPXbh+gvWQIDAQABo4ICkDCCAowwHQYDVR0OBBYEFMqqNM8c8OxQ+JsCl4U830JD
t7ZGMB8GA1UdIwQYMBaAFE8GHzq5hjgo92M+vEYwD5t+h3q8MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODY5M2YwNjAwMTg2YzZlN2ZkOGQzNjYwLzAv
NEYwNjFGM0FCOTg2MzgyOEY3NjMzRUJDNDYzMDBGOUI3RTg3N0FCQy5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3
ZTk3MWFjL2FkOWIzMDEwLTMxMTYtNDY0ZS04YzU4LTk1ODY1MDBmMTcwMS82OTYy
NmMyZTBiOTY0ZWQ1ZThiYTZhNmYzZWQwZmQ2MzZjZjM2NDVkNmNjYjYxMjNiOS5j
ZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NjkzZjA2MDAxODZjNmU3ZmQ4
ZDM2NjAvMC9BUzE2NTA5LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMDEG
CCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAQMpgAwQAzerMAwQA2PYDAwQA2PZj
MA0GCSqGSIb3DQEBCwUAA4IBAQAJAdPBIkqHOpvQIZoYzOy4SUshJNrrFqC1YZ7y
J0Iakv4GcCfO53Y317mSUM3lNDAGnlyLXU7bm7gBXqYwO0Tmy9/o3kuz37hSKxot
+Kn6wV9AyjFOCxTGDsWPX5dN/KD4J+IjglELdOpjmnCBM+H8mWdPQGpKydJcwc6M
D0o9Xhr7TRL2wrV0ADPpTGUIxEew49sHLdssuijFjbTQhO8git+/PaqYkjHDsUUO
sGpbx7NwZ231f1SDw9EQwKh/Cj1TJXv2//LvCcmeuYEVc88AfRWsSe9Fnhcwflae
xiI1szG76tkTasUAcbuVsrnAHgm1VfvAWWAzc4WFHk6pfZz4
-----END CERTIFICATE-----
Generated at Fri Nov 15 19:49:50 2024 by rpki-client on console-fra.rpki-client.org