Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS3257.roa
File: AS3257.roa (raw, json)
Hash identifier: p6oWrLYHUyPcSDyNCv+X1PSHRbNZfvKrYMrsNT3EdKY=
Subject key identifier: 8E:B1:B7:9D:50:04:C5:C6:36:6E:BE:B4:04:64:41:59:89:52:99:D6
Certificate issuer: /CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Certificate serial: 39DD6F4C4B69BD33D4C882F5279C7071E27E1052
Authority key identifier: 4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS3257.roa
Signing time: Thu 01 Aug 2024 15:48:59 +0000
ROA not before: Thu 01 Aug 2024 15:43:59 +0000
ROA not after: Thu 31 Jul 2025 15:48:59 +0000
asID: 3257
IP address blocks: 66.225.230.0/24 maxlen: 24
205.234.145.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:dd:6f:4c:4b:69:bd:33:d4:c8:82:f5:27:9c:70:71:e2:7e:10:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Validity
Not Before: Aug 1 15:43:59 2024 GMT
Not After : Jul 31 15:48:59 2025 GMT
Subject: CN=8EB1B79D5004C5C6366EBEB404644159895299D6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:36:8e:36:d9:29:e2:fc:87:c0:f1:59:b6:e6:
f5:cd:df:bd:8e:e8:c2:12:a0:15:6c:1a:89:ae:4b:
f1:44:91:ac:98:1e:4f:45:84:f9:55:65:d4:25:c7:
cd:5b:15:6b:a1:3f:4f:63:48:43:86:bd:88:80:0f:
5a:fe:96:50:a4:47:7a:4a:6d:4c:f8:b8:4d:ed:6e:
e2:4b:77:1c:dc:10:f8:72:b5:63:29:4e:ba:9a:2e:
de:f6:54:c0:3b:88:d7:ea:ab:8a:0e:f0:b3:b5:8a:
8d:eb:5a:10:0e:9d:09:a1:da:8e:f8:ae:cd:5b:01:
7b:d0:ab:33:2b:91:6c:28:1d:9f:3a:4d:8a:37:ef:
a0:51:01:55:45:d0:86:e9:4a:7b:1e:ac:10:ef:28:
83:70:cd:89:87:54:10:40:dd:ae:5a:f7:37:e8:7a:
0b:5b:4a:e2:d2:f0:0a:12:b3:63:35:dc:52:93:16:
ea:ec:c0:17:70:e1:c1:3f:49:ec:10:4c:11:87:c0:
cf:a7:06:6e:0b:db:cd:85:e2:d8:3f:07:df:c6:93:
f9:99:40:96:d1:12:49:3f:4f:77:35:e8:24:41:56:
d3:34:e4:1c:a1:46:14:7c:2a:bf:1a:76:0b:16:04:
33:3c:63:06:ef:b2:cc:36:f9:71:4c:9c:b3:8c:4d:
2a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B1:B7:9D:50:04:C5:C6:36:6E:BE:B4:04:64:41:59:89:52:99:D6
X509v3 Authority Key Identifier:
keyid:4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/4F061F3AB9863828F7633EBC46300F9B7E877ABC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS3257.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.225.230.0/24
205.234.145.0/24
Signature Algorithm: sha256WithRSAEncryption
60:4c:62:1e:22:ce:41:a0:c3:c0:56:ee:c4:81:c8:d2:c8:3d:
bf:dc:50:63:b0:fb:1f:a9:75:f0:99:d6:69:d6:f1:fc:55:a5:
c8:a5:64:66:1e:04:99:5d:2e:c4:53:67:b6:1e:7d:97:55:24:
ff:03:3b:b6:5d:8d:ba:d0:04:1d:21:0f:85:6b:a0:02:44:b6:
6c:0c:1c:66:ea:bc:58:3a:7c:53:dc:b3:11:49:8e:94:ee:c1:
51:41:9f:f0:da:c4:2f:9e:92:ee:2e:a7:c4:b5:56:be:ef:70:
a2:70:54:32:9d:46:7b:72:81:f5:63:88:1e:89:77:f9:32:db:
ff:83:1e:cc:35:1c:94:f4:f2:05:af:79:88:be:b4:d3:2c:44:
ea:d1:c4:aa:f3:0a:ea:65:f5:95:6e:ee:c0:b6:3a:37:a5:ea:
5d:69:68:37:e2:cb:46:73:d2:2d:67:89:29:4f:6d:79:91:96:
59:74:13:66:64:df:95:45:e2:7c:f7:1b:b7:5d:88:a0:d0:e1:
b6:5f:78:3b:da:3f:57:75:75:9d:56:67:19:9c:b0:9d:c3:ad:
24:23:47:a9:8e:d6:9f:5f:32:be:50:f5:b9:36:f7:d7:ec:eb:
e1:f4:a9:47:60:b5:a0:94:29:41:98:40:a5:18:09:18:eb:d1:
9a:e6:6b:fe
-----BEGIN CERTIFICATE-----
MIIFgzCCBGugAwIBAgIUOd1vTEtpvTPUyIL1J5xwceJ+EFIwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNjk2MjZjMmUwYjk2NGVkNWU4YmE2YTZmM2VkMGZkNjM2
Y2YzNjQ1ZDZjY2I2MTIzYjkwHhcNMjQwODAxMTU0MzU5WhcNMjUwNzMxMTU0ODU5
WjAzMTEwLwYDVQQDEyg4RUIxQjc5RDUwMDRDNUM2MzY2RUJFQjQwNDY0NDE1OTg5
NTI5OUQ2MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwTaONtkp4vyH
wPFZtub1zd+9jujCEqAVbBqJrkvxRJGsmB5PRYT5VWXUJcfNWxVroT9PY0hDhr2I
gA9a/pZQpEd6Sm1M+LhN7W7iS3cc3BD4crVjKU66mi7e9lTAO4jX6quKDvCztYqN
61oQDp0JodqO+K7NWwF70KszK5FsKB2fOk2KN++gUQFVRdCG6Up7HqwQ7yiDcM2J
h1QQQN2uWvc36HoLW0ri0vAKErNjNdxSkxbq7MAXcOHBP0nsEEwRh8DPpwZuC9vN
heLYPwffxpP5mUCW0RJJP093NegkQVbTNOQcoUYUfCq/GnYLFgQzPGMG77LMNvlx
TJyzjE0qSQIDAQABo4ICgzCCAn8wHQYDVR0OBBYEFI6xt51QBMXGNm6+tARkQVmJ
UpnWMB8GA1UdIwQYMBaAFE8GHzq5hjgo92M+vEYwD5t+h3q8MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODY5M2YwNjAwMTg2YzZlN2ZkOGQzNjYwLzAv
NEYwNjFGM0FCOTg2MzgyOEY3NjMzRUJDNDYzMDBGOUI3RTg3N0FCQy5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3
ZTk3MWFjL2FkOWIzMDEwLTMxMTYtNDY0ZS04YzU4LTk1ODY1MDBmMTcwMS82OTYy
NmMyZTBiOTY0ZWQ1ZThiYTZhNmYzZWQwZmQ2MzZjZjM2NDVkNmNjYjYxMjNiOS5j
ZXIwbgYIKwYBBQUHAQsEYjBgMF4GCCsGAQUFBzALhlJyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NjkzZjA2MDAxODZjNmU3ZmQ4
ZDM2NjAvMC9BUzMyNTcucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwJQYI
KwYBBQUHAQcBAf8EFjAUMBIEAgABMAwDBABC4eYDBADN6pEwDQYJKoZIhvcNAQEL
BQADggEBAGBMYh4izkGgw8BW7sSByNLIPb/cUGOw+x+pdfCZ1mnW8fxVpcilZGYe
BJldLsRTZ7YefZdVJP8DO7ZdjbrQBB0hD4VroAJEtmwMHGbqvFg6fFPcsxFJjpTu
wVFBn/DaxC+eku4up8S1Vr7vcKJwVDKdRntygfVjiB6Jd/ky2/+DHsw1HJT08gWv
eYi+tNMsROrRxKrzCupl9ZVu7sC2Ojel6l1paDfiy0Zz0i1niSlPbXmRlll0E2Zk
35VF4nz3G7ddiKDQ4bZfeDvaP1d1dZ1WZxmcsJ3DrSQjR6mO1p9fMr5Q9bk299fs
6+H0qUdgtaCUKUGYQKUYCRjr0Zrma/4=
-----END CERTIFICATE-----
Generated at Fri Nov 15 20:45:04 2024 by rpki-client on console-ams.rpki-client.org