Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS21840.roa
File: AS21840.roa (raw, json)
Hash identifier: DPCVTid7/o5S5tI6S9SwQvV1gavsFJM4d1V2AqWP+Y8=
Subject key identifier: 03:45:84:89:D4:22:04:D2:E2:61:07:E7:65:04:99:A5:BE:A7:AA:BA
Certificate issuer: /CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Certificate serial: 6E4DAA7AC1DB1D61669243E7A903EAA1E5652036
Authority key identifier: 4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS21840.roa
Signing time: Wed 21 Aug 2024 08:26:31 +0000
ROA not before: Wed 21 Aug 2024 08:21:31 +0000
ROA not after: Wed 20 Aug 2025 08:26:31 +0000
asID: 21840
IP address blocks: 50.31.187.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6e:4d:aa:7a:c1:db:1d:61:66:92:43:e7:a9:03:ea:a1:e5:65:20:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Validity
Not Before: Aug 21 08:21:31 2024 GMT
Not After : Aug 20 08:26:31 2025 GMT
Subject: CN=03458489D42204D2E26107E7650499A5BEA7AABA
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:25:6a:ff:5c:66:f6:5e:de:a5:6b:63:51:92:
47:88:7e:8a:3e:68:33:0e:3a:d6:19:5c:e6:d6:e1:
a7:37:7b:97:10:9a:ae:44:06:f2:d1:b4:c2:d9:83:
ff:2c:5b:76:55:dd:da:0e:f9:87:a9:a1:a3:75:88:
5c:6d:87:d8:6a:52:40:05:89:ed:4d:bf:4d:57:0d:
d6:f5:8f:fd:51:3e:c7:e9:85:a1:7f:40:62:06:c8:
ba:6b:28:b8:9e:17:3a:71:96:84:39:12:d1:32:9a:
94:b2:75:13:06:ad:aa:8d:b2:3a:57:80:3d:fc:4f:
48:22:0a:bb:92:e2:8b:cc:f3:5a:14:8c:39:9a:8a:
fa:bd:54:9b:db:72:d7:c2:90:6a:54:eb:3e:17:1b:
ab:ce:1c:54:fe:f7:88:8b:e7:05:f2:e3:d1:67:b0:
7d:9c:f2:8d:2e:a2:86:f5:b9:98:fb:5f:73:91:4c:
b9:ec:2b:82:80:af:3a:67:46:ad:d1:b4:7b:b0:ab:
d5:3f:5a:42:6d:fa:b3:cb:b8:11:37:46:21:92:78:
f0:1a:8a:11:9a:93:56:29:d0:17:06:7e:06:a4:cf:
41:68:01:de:99:50:c8:a8:ef:e2:a9:cd:af:0f:19:
fd:15:f7:5b:d7:56:78:8e:85:af:4b:55:d4:3a:be:
8e:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:45:84:89:D4:22:04:D2:E2:61:07:E7:65:04:99:A5:BE:A7:AA:BA
X509v3 Authority Key Identifier:
keyid:4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/4F061F3AB9863828F7633EBC46300F9B7E877ABC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS21840.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
50.31.187.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:95:72:74:96:aa:a6:53:48:d1:10:a9:5d:d8:e0:5d:62:ae:
51:75:1f:f9:49:6e:4d:8c:cb:6b:d1:84:c6:3f:09:9f:b3:dd:
fa:42:d4:d8:b1:15:e9:a7:34:06:67:2b:44:54:d5:50:9f:f1:
98:ee:fe:ef:de:d9:df:27:0e:01:5c:83:b3:4a:18:73:ea:57:
5b:1c:d2:f0:61:ca:18:67:a9:5d:7e:a7:6b:33:d3:53:b7:a8:
52:df:76:bd:d7:ca:93:2e:d6:2c:39:97:9c:bd:b6:bf:91:4f:
80:06:bd:5d:b4:f6:8b:e6:07:61:d7:32:41:e7:4a:d0:97:1c:
fe:5d:ff:68:48:33:5f:cc:f9:59:a9:51:2c:52:ba:bd:9f:a9:
6f:4a:5a:f1:b1:cb:0a:be:8a:8e:19:ad:19:1e:f6:64:f4:69:
c9:2e:dc:44:6b:4a:44:91:b8:c8:3f:bd:a0:9f:81:0c:b7:f7:
2a:11:50:77:03:38:c9:50:0f:b9:ae:33:57:92:ed:55:bb:b6:
39:14:db:64:4d:42:60:46:0c:3c:6f:96:3c:0f:23:dd:b8:82:
c5:aa:e0:7b:a0:76:62:98:59:30:11:97:25:c7:92:75:f6:62:
02:12:2a:a9:3e:25:e1:60:fb:80:1a:bf:fc:d6:27:1a:77:60:
e4:37:3f:38
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgIUbk2qesHbHWFmkkPnqQPqoeVlIDYwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNjk2MjZjMmUwYjk2NGVkNWU4YmE2YTZmM2VkMGZkNjM2
Y2YzNjQ1ZDZjY2I2MTIzYjkwHhcNMjQwODIxMDgyMTMxWhcNMjUwODIwMDgyNjMx
WjAzMTEwLwYDVQQDEygwMzQ1ODQ4OUQ0MjIwNEQyRTI2MTA3RTc2NTA0OTlBNUJF
QTdBQUJBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxyVq/1xm9l7e
pWtjUZJHiH6KPmgzDjrWGVzm1uGnN3uXEJquRAby0bTC2YP/LFt2Vd3aDvmHqaGj
dYhcbYfYalJABYntTb9NVw3W9Y/9UT7H6YWhf0BiBsi6ayi4nhc6cZaEORLRMpqU
snUTBq2qjbI6V4A9/E9IIgq7kuKLzPNaFIw5mor6vVSb23LXwpBqVOs+FxurzhxU
/veIi+cF8uPRZ7B9nPKNLqKG9bmY+19zkUy57CuCgK86Z0at0bR7sKvVP1pCbfqz
y7gRN0YhknjwGooRmpNWKdAXBn4GpM9BaAHemVDIqO/iqc2vDxn9Ffdb11Z4joWv
S1XUOr6O5QIDAQABo4ICfjCCAnowHQYDVR0OBBYEFANFhInUIgTS4mEH52UEmaW+
p6q6MB8GA1UdIwQYMBaAFE8GHzq5hjgo92M+vEYwD5t+h3q8MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODY5M2YwNjAwMTg2YzZlN2ZkOGQzNjYwLzAv
NEYwNjFGM0FCOTg2MzgyOEY3NjMzRUJDNDYzMDBGOUI3RTg3N0FCQy5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3
ZTk3MWFjL2FkOWIzMDEwLTMxMTYtNDY0ZS04YzU4LTk1ODY1MDBmMTcwMS82OTYy
NmMyZTBiOTY0ZWQ1ZThiYTZhNmYzZWQwZmQ2MzZjZjM2NDVkNmNjYjYxMjNiOS5j
ZXIwbwYIKwYBBQUHAQsEYzBhMF8GCCsGAQUFBzALhlNyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NjkzZjA2MDAxODZjNmU3ZmQ4
ZDM2NjAvMC9BUzIxODQwLnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8G
CCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAMh+7MA0GCSqGSIb3DQEBCwUAA4IB
AQCLlXJ0lqqmU0jREKld2OBdYq5RdR/5SW5NjMtr0YTGPwmfs936QtTYsRXppzQG
ZytEVNVQn/GY7v7v3tnfJw4BXIOzShhz6ldbHNLwYcoYZ6ldfqdrM9NTt6hS33a9
18qTLtYsOZecvba/kU+ABr1dtPaL5gdh1zJB50rQlxz+Xf9oSDNfzPlZqVEsUrq9
n6lvSlrxscsKvoqOGa0ZHvZk9GnJLtxEa0pEkbjIP72gn4EMt/cqEVB3AzjJUA+5
rjNXku1Vu7Y5FNtkTUJgRgw8b5Y8DyPduILFquB7oHZimFkwEZclx5J19mICEiqp
PiXhYPuAGr/81icad2DkNz84
-----END CERTIFICATE-----
Generated at Fri Nov 15 19:49:50 2024 by rpki-client on console-fra.rpki-client.org