Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS19318.roa
File: AS19318.roa (raw, json)
Hash identifier: iYP1JQttVldnTon5W7CfY5suVBNm5aOwi2qS1vaaT7Y=
Subject key identifier: D3:E2:33:BD:79:FD:0A:62:91:B5:DB:57:C4:E5:DA:DF:43:09:E0:A3
Certificate issuer: /CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Certificate serial: 41069C7B1F34DA72B25F7D2610755AE9BC5672B0
Authority key identifier: 4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS19318.roa
Signing time: Fri 23 Aug 2024 20:34:24 +0000
ROA not before: Fri 23 Aug 2024 20:29:24 +0000
ROA not after: Fri 22 Aug 2025 20:34:24 +0000
asID: 19318
IP address blocks: 66.225.229.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
41:06:9c:7b:1f:34:da:72:b2:5f:7d:26:10:75:5a:e9:bc:56:72:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Validity
Not Before: Aug 23 20:29:24 2024 GMT
Not After : Aug 22 20:34:24 2025 GMT
Subject: CN=D3E233BD79FD0A6291B5DB57C4E5DADF4309E0A3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:e2:b4:14:ea:df:51:55:ab:8f:0d:79:57:c2:
25:b8:72:1f:07:cc:ec:75:c0:94:22:7c:b4:f3:1e:
03:57:9d:db:7b:1b:17:dc:bc:d6:39:da:67:46:a4:
78:06:b6:3e:24:c6:e6:92:39:2f:39:35:3e:85:10:
da:42:e4:12:49:04:18:5f:98:c4:f3:91:16:5d:24:
b0:9a:b4:53:ff:e0:b4:18:00:4e:7e:47:07:bd:e5:
9a:ca:bf:3d:5a:b0:91:78:24:10:4e:01:72:9b:c5:
cb:72:4c:d9:18:d7:df:99:19:d9:79:ac:e3:e2:ed:
20:13:af:3a:c7:33:11:83:60:7a:14:33:0e:b9:3f:
c3:3a:67:cf:09:5d:52:28:40:e6:05:51:02:66:ab:
78:32:07:31:72:32:f5:c5:ad:e0:3e:66:e6:a4:10:
b2:d8:a0:b6:75:ca:60:50:ce:e2:cf:61:ae:8b:af:
ff:98:3a:1d:90:cc:4a:91:99:00:84:bb:e5:83:f1:
bd:fc:8e:05:9e:73:96:ac:47:02:db:27:2c:a0:b3:
ee:de:dd:5f:0d:2f:71:81:5b:29:8b:4f:93:df:66:
86:61:75:56:90:83:49:dc:a7:02:29:47:4c:07:98:
00:be:be:e6:ad:c5:2c:1f:82:f8:0a:5e:ba:ad:c6:
14:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:E2:33:BD:79:FD:0A:62:91:B5:DB:57:C4:E5:DA:DF:43:09:E0:A3
X509v3 Authority Key Identifier:
keyid:4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/4F061F3AB9863828F7633EBC46300F9B7E877ABC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS19318.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.225.229.0/24
Signature Algorithm: sha256WithRSAEncryption
65:8a:72:29:0a:9c:48:07:5d:5b:3a:21:4b:8a:40:bf:80:f7:
30:e4:d3:c4:40:94:83:e4:6e:5c:3d:bc:e2:c7:79:15:73:ff:
1c:c1:a9:24:9f:c1:d2:52:df:ba:87:33:44:2d:02:90:67:2b:
9e:8d:c9:9f:47:1b:44:96:16:ed:75:f0:78:80:57:ed:b1:9f:
30:ec:69:23:32:f3:0c:bb:d1:2f:ec:b4:af:e6:9b:f5:56:75:
80:2b:d5:9f:ad:d7:f6:f7:ae:e4:87:a6:39:ce:a0:11:29:3e:
75:ff:fb:0d:c9:e9:6f:e9:b1:6f:80:17:a3:65:75:2d:3e:39:
e4:93:58:d2:94:2e:dd:f9:91:c2:7a:66:26:1e:0c:18:35:3d:
c1:f1:1d:e2:8e:cd:43:c1:0c:50:0e:54:86:11:1f:18:f5:5c:
d7:ad:77:82:0c:7f:14:93:f2:67:50:ca:5c:4d:72:a2:00:ef:
39:fd:25:71:99:c8:00:d0:0b:a3:97:ee:84:87:db:03:a0:b9:
b7:77:d3:c5:b6:76:b5:1e:e0:56:3b:12:5f:0d:42:f5:d4:cb:
1c:5d:d3:73:f0:87:31:b1:f3:fa:96:0f:3d:54:cc:84:bf:4b:
e4:29:00:6f:69:19:01:14:60:02:9c:53:ba:7e:00:2d:cf:aa:
66:79:a4:13
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIUQQacex802nKyX30mEHVa6bxWcrAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNjk2MjZjMmUwYjk2NGVkNWU4YmE2YTZmM2VkMGZkNjM2
Y2YzNjQ1ZDZjY2I2MTIzYjkwHhcNMjQwODIzMjAyOTI0WhcNMjUwODIyMjAzNDI0
WjAzMTEwLwYDVQQDEyhEM0UyMzNCRDc5RkQwQTYyOTFCNURCNTdDNEU1REFERjQz
MDlFMEEzMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6uK0FOrfUVWr
jw15V8IluHIfB8zsdcCUIny08x4DV53bexsX3LzWOdpnRqR4BrY+JMbmkjkvOTU+
hRDaQuQSSQQYX5jE85EWXSSwmrRT/+C0GABOfkcHveWayr89WrCReCQQTgFym8XL
ckzZGNffmRnZeazj4u0gE686xzMRg2B6FDMOuT/DOmfPCV1SKEDmBVECZqt4Mgcx
cjL1xa3gPmbmpBCy2KC2dcpgUM7iz2Gui6//mDodkMxKkZkAhLvlg/G9/I4FnnOW
rEcC2ycsoLPu3t1fDS9xgVspi0+T32aGYXVWkINJ3KcCKUdMB5gAvr7mrcUsH4L4
Cl66rcYURwIDAQABo4ICfjCCAnowHQYDVR0OBBYEFNPiM715/QpikbXbV8Tl2t9D
CeCjMB8GA1UdIwQYMBaAFE8GHzq5hjgo92M+vEYwD5t+h3q8MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODY5M2YwNjAwMTg2YzZlN2ZkOGQzNjYwLzAv
NEYwNjFGM0FCOTg2MzgyOEY3NjMzRUJDNDYzMDBGOUI3RTg3N0FCQy5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3
ZTk3MWFjL2FkOWIzMDEwLTMxMTYtNDY0ZS04YzU4LTk1ODY1MDBmMTcwMS82OTYy
NmMyZTBiOTY0ZWQ1ZThiYTZhNmYzZWQwZmQ2MzZjZjM2NDVkNmNjYjYxMjNiOS5j
ZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NjkzZjA2MDAxODZjNmU3ZmQ4
ZDM2NjAvMC9BUzE5MzE4LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAQuHlMA0GCSqGSIb3DQEBCwUAA4IB
AQBlinIpCpxIB11bOiFLikC/gPcw5NPEQJSD5G5cPbzix3kVc/8cwakkn8HSUt+6
hzNELQKQZyuejcmfRxtElhbtdfB4gFftsZ8w7GkjMvMMu9Ev7LSv5pv1VnWAK9Wf
rdf2967kh6Y5zqARKT51//sNyelv6bFvgBejZXUtPjnkk1jSlC7d+ZHCemYmHgwY
NT3B8R3ijs1DwQxQDlSGER8Y9VzXrXeCDH8Uk/JnUMpcTXKiAO85/SVxmcgA0Auj
l+6Eh9sDoLm3d9PFtna1HuBWOxJfDUL11MscXdNz8IcxsfP6lg89VMyEv0vkKQBv
aRkBFGACnFO6fgAtz6pmeaQT
-----END CERTIFICATE-----
Generated at Fri Nov 15 19:49:50 2024 by rpki-client on console-fra.rpki-client.org