Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS209242.roa
File: AS209242.roa (raw, json)
Hash identifier: RmSN/ed6F6hLt9EsqHn1kkASLktm/euZifioyx5xYxA=
Subject key identifier: A2:F1:DB:C0:97:03:E6:DD:0C:BD:D5:7F:21:F3:2B:A4:33:DE:D9:42
Certificate issuer: /CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Certificate serial: 1EEFD3216249EAB67795A3F2622B8635AE4629E0
Authority key identifier: 4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS209242.roa
Signing time: Tue 13 Aug 2024 16:16:41 +0000
ROA not before: Tue 13 Aug 2024 16:11:41 +0000
ROA not after: Tue 12 Aug 2025 16:16:41 +0000
asID: 209242
IP address blocks: 66.225.252.0/24 maxlen: 24
204.93.210.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
1e:ef:d3:21:62:49:ea:b6:77:95:a3:f2:62:2b:86:35:ae:46:29:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Validity
Not Before: Aug 13 16:11:41 2024 GMT
Not After : Aug 12 16:16:41 2025 GMT
Subject: CN=A2F1DBC09703E6DD0CBDD57F21F32BA433DED942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:18:4d:8c:e8:29:87:29:56:e5:40:c2:28:89:
47:0d:25:81:85:e0:6e:d2:17:82:2b:3c:7e:b7:97:
ea:d4:a7:cf:d9:2d:69:7a:47:ab:f8:21:fd:e2:6c:
35:0b:b8:07:a1:1c:18:c1:3b:c6:b0:71:43:f7:de:
62:36:b5:d3:9e:7a:59:92:9f:7b:25:ea:a8:cb:ba:
e4:62:dc:07:7f:c8:8b:7a:2f:2e:aa:c9:1d:65:36:
27:f9:93:02:fb:e2:2e:4e:1f:8f:53:39:18:5c:91:
4f:7e:09:f8:a8:e0:03:b7:a7:a8:ff:1f:26:fa:ed:
7f:14:0d:c7:f4:97:68:8e:00:9f:4c:b2:03:c5:43:
12:58:52:3f:0b:5e:d5:ff:68:30:0b:ea:11:c4:6a:
95:e7:67:f4:43:5d:d9:35:3c:c7:4d:f9:7b:a5:01:
f0:01:72:0c:c3:97:71:4e:40:f0:2d:54:89:15:d7:
21:10:c8:29:e7:29:d7:82:ef:ff:e2:fd:82:be:04:
8b:4a:cf:a3:21:eb:9e:f4:d4:d8:f2:9a:7c:ea:42:
d6:30:82:e9:5f:ea:21:c0:f7:2d:1b:ac:ac:01:6a:
99:57:af:fd:97:57:68:fe:97:1d:6a:b4:72:f2:56:
11:f9:a9:18:72:1e:dc:91:fd:e8:93:04:d1:82:51:
a9:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A2:F1:DB:C0:97:03:E6:DD:0C:BD:D5:7F:21:F3:2B:A4:33:DE:D9:42
X509v3 Authority Key Identifier:
keyid:4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/4F061F3AB9863828F7633EBC46300F9B7E877ABC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS209242.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.225.252.0/24
204.93.210.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:eb:b1:f9:8a:4a:ba:7e:62:17:7e:c7:df:ab:08:38:6c:41:
b3:4c:46:72:53:fd:15:55:ae:0e:41:70:66:a3:00:da:6d:70:
ed:fe:c8:62:08:ab:a2:28:ad:ca:ba:f9:99:79:8f:2a:11:52:
cf:e6:cb:1c:5d:a9:83:bc:5c:4f:3a:bd:74:69:ae:94:ee:32:
21:20:fc:7b:ba:59:a7:d8:02:db:ec:a2:ac:51:d8:17:3c:e0:
f5:ff:17:b5:3e:f4:46:4a:f3:e7:59:df:8f:36:1d:f0:76:a3:
37:0f:57:b8:59:a0:72:bd:38:8c:aa:e4:61:63:60:17:18:fd:
b2:c3:c5:bd:74:c3:ee:f6:8e:5f:05:fa:f7:10:29:9c:9c:33:
46:b7:dc:e8:ff:da:8d:7f:e7:d8:94:fb:ff:cd:f2:be:77:2b:
96:c1:1e:95:b7:85:89:ed:73:b2:e2:75:88:6e:1e:eb:39:4e:
14:44:1e:ad:26:75:17:43:89:18:1f:b2:95:e7:3e:b5:dd:6b:
d4:97:cd:13:0d:2f:85:45:8c:06:ef:5b:be:e2:f0:f6:de:40:
ae:48:e6:50:44:53:f4:a2:73:b8:e8:aa:1c:bb:e9:44:d5:cd:
be:9c:3f:05:c6:ce:56:83:f5:25:cb:90:ca:38:ca:1d:0e:6b:
ce:71:1e:a0
-----BEGIN CERTIFICATE-----
MIIFhTCCBG2gAwIBAgIUHu/TIWJJ6rZ3laPyYiuGNa5GKeAwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNjk2MjZjMmUwYjk2NGVkNWU4YmE2YTZmM2VkMGZkNjM2
Y2YzNjQ1ZDZjY2I2MTIzYjkwHhcNMjQwODEzMTYxMTQxWhcNMjUwODEyMTYxNjQx
WjAzMTEwLwYDVQQDEyhBMkYxREJDMDk3MDNFNkREMENCREQ1N0YyMUYzMkJBNDMz
REVEOTQyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsxhNjOgphylW
5UDCKIlHDSWBheBu0heCKzx+t5fq1KfP2S1peker+CH94mw1C7gHoRwYwTvGsHFD
995iNrXTnnpZkp97Jeqoy7rkYtwHf8iLei8uqskdZTYn+ZMC++IuTh+PUzkYXJFP
fgn4qOADt6eo/x8m+u1/FA3H9JdojgCfTLIDxUMSWFI/C17V/2gwC+oRxGqV52f0
Q13ZNTzHTfl7pQHwAXIMw5dxTkDwLVSJFdchEMgp5ynXgu//4v2CvgSLSs+jIeue
9NTY8pp86kLWMILpX+ohwPctG6ysAWqZV6/9l1do/pcdarRy8lYR+akYch7ckf3o
kwTRglGp7QIDAQABo4IChTCCAoEwHQYDVR0OBBYEFKLx28CXA+bdDL3VfyHzK6Qz
3tlCMB8GA1UdIwQYMBaAFE8GHzq5hjgo92M+vEYwD5t+h3q8MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODY5M2YwNjAwMTg2YzZlN2ZkOGQzNjYwLzAv
NEYwNjFGM0FCOTg2MzgyOEY3NjMzRUJDNDYzMDBGOUI3RTg3N0FCQy5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3
ZTk3MWFjL2FkOWIzMDEwLTMxMTYtNDY0ZS04YzU4LTk1ODY1MDBmMTcwMS82OTYy
NmMyZTBiOTY0ZWQ1ZThiYTZhNmYzZWQwZmQ2MzZjZjM2NDVkNmNjYjYxMjNiOS5j
ZXIwcAYIKwYBBQUHAQsEZDBiMGAGCCsGAQUFBzALhlRyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NjkzZjA2MDAxODZjNmU3ZmQ4
ZDM2NjAvMC9BUzIwOTI0Mi5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAl
BggrBgEFBQcBBwEB/wQWMBQwEgQCAAEwDAMEAELh/AMEAMxd0jANBgkqhkiG9w0B
AQsFAAOCAQEAauux+YpKun5iF37H36sIOGxBs0xGclP9FVWuDkFwZqMA2m1w7f7I
Ygiroiityrr5mXmPKhFSz+bLHF2pg7xcTzq9dGmulO4yISD8e7pZp9gC2+yirFHY
Fzzg9f8XtT70Rkrz51nfjzYd8HajNw9XuFmgcr04jKrkYWNgFxj9ssPFvXTD7vaO
XwX69xApnJwzRrfc6P/ajX/n2JT7/83yvncrlsEelbeFie1zsuJ1iG4e6zlOFEQe
rSZ1F0OJGB+ylec+td1r1JfNEw0vhUWMBu9bvuLw9t5ArkjmUERT9KJzuOiqHLvp
RNXNvpw/BcbOVoP1JcuQyjjKHQ5rznEeoA==
-----END CERTIFICATE-----
Generated at Fri Nov 15 20:45:04 2024 by rpki-client on console-ams.rpki-client.org