Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS212238.roa
File: AS212238.roa (raw, json)
Hash identifier: EPMNBO35ztEnv91M4oyx0tqtY+PnrqKGuIWeOXPfbUI=
Subject key identifier: FB:F2:73:CF:9C:68:79:DF:20:B4:C0:4A:AC:77:A6:9E:6C:6E:AC:6B
Certificate issuer: /CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Certificate serial: 7F3B89789B0C7FCAB130DF033546C8553834A285
Authority key identifier: 4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS212238.roa
Signing time: Wed 10 Jul 2024 10:15:45 +0000
ROA not before: Wed 10 Jul 2024 10:10:45 +0000
ROA not after: Wed 09 Jul 2025 10:15:45 +0000
asID: 212238
IP address blocks: 50.31.139.0/24 maxlen: 24
50.31.161.0/24 maxlen: 24
64.202.99.0/24 maxlen: 24
64.202.100.0/24 maxlen: 24
64.202.103.0/24 maxlen: 24
64.202.105.0/24 maxlen: 24
64.202.106.0/24 maxlen: 24
66.225.193.0/24 maxlen: 24
66.225.196.0/24 maxlen: 24
66.225.199.0/24 maxlen: 24
66.225.238.0/24 maxlen: 24
66.225.242.0/24 maxlen: 24
75.102.11.0/24 maxlen: 24
75.102.18.0/24 maxlen: 24
75.102.28.0/24 maxlen: 24
75.102.29.0/24 maxlen: 24
204.93.148.0/24 maxlen: 24
204.93.166.0/24 maxlen: 24
204.93.171.0/24 maxlen: 24
204.93.184.0/24 maxlen: 24
204.93.195.0/24 maxlen: 24
204.93.209.0/24 maxlen: 24
204.93.235.0/24 maxlen: 24
204.93.245.0/24 maxlen: 24
204.93.246.0/24 maxlen: 24
205.234.133.0/24 maxlen: 24
205.234.142.0/24 maxlen: 24
205.234.147.0/24 maxlen: 24
205.234.148.0/24 maxlen: 24
205.234.151.0/24 maxlen: 24
205.234.164.0/24 maxlen: 24
205.234.166.0/24 maxlen: 24
205.234.169.0/24 maxlen: 24
205.234.172.0/24 maxlen: 24
205.234.180.0/24 maxlen: 24
205.234.192.0/24 maxlen: 24
205.234.196.0/24 maxlen: 24
205.234.202.0/24 maxlen: 24
205.234.228.0/24 maxlen: 24
205.234.236.0/24 maxlen: 24
205.234.242.0/24 maxlen: 24
205.234.245.0/24 maxlen: 24
205.234.254.0/24 maxlen: 24
216.246.8.0/24 maxlen: 24
216.246.11.0/24 maxlen: 24
216.246.13.0/24 maxlen: 24
216.246.16.0/24 maxlen: 24
216.246.17.0/24 maxlen: 24
216.246.22.0/24 maxlen: 24
216.246.23.0/24 maxlen: 24
216.246.27.0/24 maxlen: 24
216.246.32.0/24 maxlen: 24
216.246.35.0/24 maxlen: 24
216.246.41.0/24 maxlen: 24
216.246.43.0/24 maxlen: 24
216.246.45.0/24 maxlen: 24
216.246.48.0/24 maxlen: 24
216.246.52.0/24 maxlen: 24
216.246.53.0/24 maxlen: 24
216.246.54.0/24 maxlen: 24
216.246.55.0/24 maxlen: 24
216.246.57.0/24 maxlen: 24
216.246.90.0/24 maxlen: 24
216.246.93.0/24 maxlen: 24
216.246.95.0/24 maxlen: 24
216.246.111.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
7f:3b:89:78:9b:0c:7f:ca:b1:30:df:03:35:46:c8:55:38:34:a2:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Validity
Not Before: Jul 10 10:10:45 2024 GMT
Not After : Jul 9 10:15:45 2025 GMT
Subject: CN=FBF273CF9C6879DF20B4C04AAC77A69E6C6EAC6B
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:21:7c:f9:97:d7:4f:88:e3:2b:cd:9c:2c:36:
c3:15:eb:2b:cd:cb:4c:aa:b8:11:90:5f:1f:30:ab:
48:e9:07:a8:4b:12:f1:77:5b:20:b2:87:a0:47:2c:
53:14:f4:85:26:03:f7:6e:8e:d8:f1:0a:42:c9:ab:
c6:6f:c2:2e:b0:ba:d8:47:ec:24:31:4d:80:89:01:
4b:67:7f:95:7a:37:11:9e:92:e8:02:d7:c0:db:a6:
cc:b0:72:d0:82:eb:c8:a1:d3:67:79:2c:b9:20:c3:
24:dd:26:80:a3:72:22:21:70:33:3d:a4:7b:25:eb:
16:90:54:61:7a:6e:a1:10:a7:80:f3:92:ed:fb:e2:
c0:7f:50:dd:53:e9:f1:4a:07:53:ef:b3:8b:b3:0b:
7c:07:ec:bf:a5:5b:a5:5e:be:76:55:f9:e6:56:d5:
f4:41:3f:a9:b7:bc:37:1e:80:95:0f:cf:03:73:c3:
1f:86:65:b2:b2:26:ae:6f:bf:6f:61:65:50:33:d0:
77:65:59:a2:78:b6:37:ca:db:a4:2a:59:f5:fe:40:
ee:4a:5c:7e:2f:91:f2:17:a0:8b:6a:d3:ae:d7:0d:
7d:e6:66:98:52:75:fd:7a:a1:65:03:d6:0b:ff:a8:
ce:77:af:5d:cf:d3:95:a3:8d:f1:64:a1:d1:eb:7d:
9f:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:F2:73:CF:9C:68:79:DF:20:B4:C0:4A:AC:77:A6:9E:6C:6E:AC:6B
X509v3 Authority Key Identifier:
keyid:4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/4F061F3AB9863828F7633EBC46300F9B7E877ABC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS212238.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
50.31.139.0/24
50.31.161.0/24
64.202.99.0-64.202.100.255
64.202.103.0/24
64.202.105.0-64.202.106.255
66.225.193.0/24
66.225.196.0/24
66.225.199.0/24
66.225.238.0/24
66.225.242.0/24
75.102.11.0/24
75.102.18.0/24
75.102.28.0/23
204.93.148.0/24
204.93.166.0/24
204.93.171.0/24
204.93.184.0/24
204.93.195.0/24
204.93.209.0/24
204.93.235.0/24
204.93.245.0-204.93.246.255
205.234.133.0/24
205.234.142.0/24
205.234.147.0-205.234.148.255
205.234.151.0/24
205.234.164.0/24
205.234.166.0/24
205.234.169.0/24
205.234.172.0/24
205.234.180.0/24
205.234.192.0/24
205.234.196.0/24
205.234.202.0/24
205.234.228.0/24
205.234.236.0/24
205.234.242.0/24
205.234.245.0/24
205.234.254.0/24
216.246.8.0/24
216.246.11.0/24
216.246.13.0/24
216.246.16.0/23
216.246.22.0/23
216.246.27.0/24
216.246.32.0/24
216.246.35.0/24
216.246.41.0/24
216.246.43.0/24
216.246.45.0/24
216.246.48.0/24
216.246.52.0/22
216.246.57.0/24
216.246.90.0/24
216.246.93.0/24
216.246.95.0/24
216.246.111.0/24
Signature Algorithm: sha256WithRSAEncryption
b2:18:09:ce:ab:44:d4:fb:48:cc:a0:30:e4:11:df:16:08:e8:
c1:76:fc:b3:d5:55:79:1e:51:70:ef:eb:ec:bc:54:ab:a7:21:
a7:12:d2:c9:43:46:37:fd:68:89:eb:4e:f6:44:87:62:34:53:
f2:4d:e2:35:c7:57:12:e9:96:95:36:8c:92:3c:62:a8:54:38:
1e:11:9f:c5:4f:54:97:da:b7:05:76:04:1d:f5:d6:b6:05:11:
de:a3:21:28:f1:4c:5d:3b:b1:8f:67:f1:ba:aa:6e:1d:bc:93:
41:50:28:5c:ee:ce:c0:83:d9:dd:dd:c6:e4:d7:99:e0:f2:5c:
39:46:3d:2a:2d:aa:ab:8d:af:f3:31:4c:41:1c:32:b3:02:1c:
4a:54:0e:65:e8:b3:3d:0c:fb:f2:6b:71:7b:a7:79:89:c3:c8:
ff:ca:68:88:9b:0a:3f:92:c2:86:cd:ab:e0:ee:1b:f5:4f:4e:
17:18:2b:77:be:93:6f:fd:9b:2a:c4:3d:6a:08:ee:34:cf:49:
8c:f4:03:bb:50:25:ff:97:d7:7d:1e:b3:7d:86:7c:12:5a:53:
ef:5c:18:90:b4:28:31:93:75:a4:eb:da:8e:5f:78:3c:c4:9a:
9d:7a:56:69:24:c8:3b:c0:52:54:bc:7d:14:ff:36:e5:52:1a:
b9:58:bc:1c
-----BEGIN CERTIFICATE-----
MIIG8zCCBdugAwIBAgIUfzuJeJsMf8qxMN8DNUbIVTg0ooUwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNjk2MjZjMmUwYjk2NGVkNWU4YmE2YTZmM2VkMGZkNjM2
Y2YzNjQ1ZDZjY2I2MTIzYjkwHhcNMjQwNzEwMTAxMDQ1WhcNMjUwNzA5MTAxNTQ1
WjAzMTEwLwYDVQQDEyhGQkYyNzNDRjlDNjg3OURGMjBCNEMwNEFBQzc3QTY5RTZD
NkVBQzZCMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsiF8+ZfXT4jj
K82cLDbDFesrzctMqrgRkF8fMKtI6QeoSxLxd1sgsoegRyxTFPSFJgP3bo7Y8QpC
yavGb8IusLrYR+wkMU2AiQFLZ3+VejcRnpLoAtfA26bMsHLQguvIodNneSy5IMMk
3SaAo3IiIXAzPaR7JesWkFRhem6hEKeA85Lt++LAf1DdU+nxSgdT77OLswt8B+y/
pVulXr52VfnmVtX0QT+pt7w3HoCVD88Dc8MfhmWysiaub79vYWVQM9B3ZVmieLY3
ytukKln1/kDuSlx+L5HyF6CLatOu1w195maYUnX9eqFlA9YL/6jOd69dz9OVo43x
ZKHR632f/wIDAQABo4ID8zCCA+8wHQYDVR0OBBYEFPvyc8+caHnfILTASqx3pp5s
bqxrMB8GA1UdIwQYMBaAFE8GHzq5hjgo92M+vEYwD5t+h3q8MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODY5M2YwNjAwMTg2YzZlN2ZkOGQzNjYwLzAv
NEYwNjFGM0FCOTg2MzgyOEY3NjMzRUJDNDYzMDBGOUI3RTg3N0FCQy5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3
ZTk3MWFjL2FkOWIzMDEwLTMxMTYtNDY0ZS04YzU4LTk1ODY1MDBmMTcwMS82OTYy
NmMyZTBiOTY0ZWQ1ZThiYTZhNmYzZWQwZmQ2MzZjZjM2NDVkNmNjYjYxMjNiOS5j
ZXIwcAYIKwYBBQUHAQsEZDBiMGAGCCsGAQUFBzALhlRyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NjkzZjA2MDAxODZjNmU3ZmQ4
ZDM2NjAvMC9BUzIxMjIzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjCC
AZEGCCsGAQUFBwEHAQH/BIIBgDCCAXwwggF4BAIAATCCAXADBAAyH4sDBAAyH6Ew
DAMEAEDKYwMEAEDKZAMEAEDKZzAMAwQAQMppAwQAQMpqAwQAQuHBAwQAQuHEAwQA
QuHHAwQAQuHuAwQAQuHyAwQAS2YLAwQAS2YSAwQBS2YcAwQAzF2UAwQAzF2mAwQA
zF2rAwQAzF24AwQAzF3DAwQAzF3RAwQAzF3rMAwDBADMXfUDBADMXfYDBADN6oUD
BADN6o4wDAMEAM3qkwMEAM3qlAMEAM3qlwMEAM3qpAMEAM3qpgMEAM3qqQMEAM3q
rAMEAM3qtAMEAM3qwAMEAM3qxAMEAM3qygMEAM3q5AMEAM3q7AMEAM3q8gMEAM3q
9QMEAM3q/gMEANj2CAMEANj2CwMEANj2DQMEAdj2EAMEAdj2FgMEANj2GwMEANj2
IAMEANj2IwMEANj2KQMEANj2KwMEANj2LQMEANj2MAMEAtj2NAMEANj2OQMEANj2
WgMEANj2XQMEANj2XwMEANj2bzANBgkqhkiG9w0BAQsFAAOCAQEAshgJzqtE1PtI
zKAw5BHfFgjowXb8s9VVeR5RcO/r7LxUq6chpxLSyUNGN/1oietO9kSHYjRT8k3i
NcdXEumWlTaMkjxiqFQ4HhGfxU9Ul9q3BXYEHfXWtgUR3qMhKPFMXTuxj2fxuqpu
HbyTQVAoXO7OwIPZ3d3G5NeZ4PJcOUY9Ki2qq42v8zFMQRwyswIcSlQOZeizPQz7
8mtxe6d5icPI/8poiJsKP5LChs2r4O4b9U9OFxgrd76Tb/2bKsQ9agjuNM9JjPQD
u1Al/5fXfR6zfYZ8ElpT71wYkLQoMZN1pOvajl94PMSanXpWaSTIO8BSVLx9FP82
5VIauVi8HA==
-----END CERTIFICATE-----
Generated at Fri Nov 15 19:49:50 2024 by rpki-client on console-fra.rpki-client.org