Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS399486.roa
File: AS399486.roa (raw, json)
Hash identifier: v4KZz4Av+sMjpKh+2GhrUahTaIi8S8/LGGkPP3+e5TU=
Subject key identifier: CA:34:12:9A:44:1D:3A:69:C1:49:08:02:F5:91:0A:E7:95:B4:28:E9
Certificate issuer: /CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Certificate serial: 18A020FC2C14E04EB67BA18779249E1161E038E4
Authority key identifier: 4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS399486.roa
Signing time: Tue 28 May 2024 13:01:15 +0000
ROA not before: Tue 28 May 2024 12:56:15 +0000
ROA not after: Tue 27 May 2025 13:01:15 +0000
asID: 399486
IP address blocks: 66.225.254.0/24 maxlen: 24
205.234.144.0/24 maxlen: 24
205.234.181.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
18:a0:20:fc:2c:14:e0:4e:b6:7b:a1:87:79:24:9e:11:61:e0:38:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Validity
Not Before: May 28 12:56:15 2024 GMT
Not After : May 27 13:01:15 2025 GMT
Subject: CN=CA34129A441D3A69C1490802F5910AE795B428E9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:df:f6:e8:dc:c0:11:4f:79:0d:b8:6b:95:b4:
6c:12:e3:a7:1a:89:85:ee:b4:12:a8:de:a5:36:b7:
13:f4:88:3d:de:11:97:5f:c0:9f:08:54:80:b8:d6:
33:48:5b:43:22:ab:72:b7:22:6c:8f:a7:3c:1b:13:
93:c0:19:c8:de:12:2f:8b:31:4a:ab:37:e5:d5:71:
b0:a8:0c:04:4b:ab:ba:c1:92:7b:15:d2:5a:17:d9:
85:8b:5e:fc:0a:aa:21:39:98:c8:0f:b0:14:e4:0b:
5a:ef:33:f1:7d:b8:76:be:49:4a:db:7f:11:d7:c4:
02:7f:4b:ef:0a:35:86:c3:df:39:1a:12:44:a3:a4:
31:cd:fb:8e:49:b3:71:b4:aa:97:f9:23:e3:05:6a:
ef:f7:a4:a3:6b:de:b1:46:0a:d4:6c:66:64:b2:0c:
fd:d7:4e:06:a6:66:58:51:11:6d:d9:6a:4f:8c:93:
22:65:70:af:ee:c6:62:7d:93:a3:95:56:55:ef:9a:
ff:3e:30:ef:60:83:ff:44:26:48:97:ea:11:8f:54:
6a:1e:77:f4:91:d8:6d:a0:a4:92:42:41:0f:d3:ae:
5d:93:d4:fa:c4:36:47:b2:84:85:00:3b:27:bb:6c:
ac:cf:8a:b4:2a:28:37:37:64:45:15:96:63:71:58:
d3:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:34:12:9A:44:1D:3A:69:C1:49:08:02:F5:91:0A:E7:95:B4:28:E9
X509v3 Authority Key Identifier:
keyid:4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/4F061F3AB9863828F7633EBC46300F9B7E877ABC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS399486.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.225.254.0/24
205.234.144.0/24
205.234.181.0/24
Signature Algorithm: sha256WithRSAEncryption
8d:cf:2c:9b:8d:f5:91:22:fc:9f:41:2d:fa:b7:ba:a2:d5:5f:
37:6a:f9:6d:68:ce:c9:87:cf:1a:bf:4f:c2:a2:e2:02:ca:5b:
e3:e4:d6:e1:60:53:b6:b0:20:0f:4a:18:84:45:2a:91:75:72:
42:dc:99:66:6a:e6:65:1e:ce:45:32:62:57:a2:58:a7:c3:5e:
14:00:39:b0:9a:0c:20:b2:db:88:57:59:61:5e:92:bb:ec:eb:
5e:ef:cb:f7:90:3d:ee:3e:49:73:57:bc:52:b6:dc:51:b9:65:
72:64:e2:6a:45:7b:53:3a:29:da:b1:48:65:01:c2:27:3c:dd:
25:47:a3:a5:09:3b:c5:64:4d:52:07:2c:f0:43:71:85:31:ef:
7c:80:28:ef:1b:67:65:f5:cb:c7:f8:fb:b8:c7:d2:3b:dd:2d:
84:25:5c:64:52:8e:63:69:82:7f:b3:77:9c:58:0a:b5:7e:98:
d2:7c:b4:0e:51:1b:8c:5f:cd:c8:39:27:b2:40:88:29:2c:73:
51:0c:e8:e2:00:d3:3e:a3:32:5b:ae:f7:9c:c3:6e:50:f3:59:
b1:83:db:a9:69:95:b3:89:b1:9a:5e:31:ee:cc:75:7d:45:6d:
5d:71:8e:e1:42:f3:b7:7d:60:97:e8:2d:ca:fa:43:7a:a5:4f:
a3:fa:f8:60
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgIUGKAg/CwU4E62e6GHeSSeEWHgOOQwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNjk2MjZjMmUwYjk2NGVkNWU4YmE2YTZmM2VkMGZkNjM2
Y2YzNjQ1ZDZjY2I2MTIzYjkwHhcNMjQwNTI4MTI1NjE1WhcNMjUwNTI3MTMwMTE1
WjAzMTEwLwYDVQQDEyhDQTM0MTI5QTQ0MUQzQTY5QzE0OTA4MDJGNTkxMEFFNzk1
QjQyOEU5MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqN/26NzAEU95
DbhrlbRsEuOnGomF7rQSqN6lNrcT9Ig93hGXX8CfCFSAuNYzSFtDIqtytyJsj6c8
GxOTwBnI3hIvizFKqzfl1XGwqAwES6u6wZJ7FdJaF9mFi178CqohOZjID7AU5Ata
7zPxfbh2vklK238R18QCf0vvCjWGw985GhJEo6QxzfuOSbNxtKqX+SPjBWrv96Sj
a96xRgrUbGZksgz9104GpmZYURFt2WpPjJMiZXCv7sZifZOjlVZV75r/PjDvYIP/
RCZIl+oRj1RqHnf0kdhtoKSSQkEP065dk9T6xDZHsoSFADsnu2ysz4q0Kig3N2RF
FZZjcVjTXQIDAQABo4ICizCCAocwHQYDVR0OBBYEFMo0EppEHTppwUkIAvWRCueV
tCjpMB8GA1UdIwQYMBaAFE8GHzq5hjgo92M+vEYwD5t+h3q8MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODY5M2YwNjAwMTg2YzZlN2ZkOGQzNjYwLzAv
NEYwNjFGM0FCOTg2MzgyOEY3NjMzRUJDNDYzMDBGOUI3RTg3N0FCQy5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3
ZTk3MWFjL2FkOWIzMDEwLTMxMTYtNDY0ZS04YzU4LTk1ODY1MDBmMTcwMS82OTYy
NmMyZTBiOTY0ZWQ1ZThiYTZhNmYzZWQwZmQ2MzZjZjM2NDVkNmNjYjYxMjNiOS5j
ZXIwcAYIKwYBBQUHAQsEZDBiMGAGCCsGAQUFBzALhlRyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NjkzZjA2MDAxODZjNmU3ZmQ4
ZDM2NjAvMC9BUzM5OTQ4Ni5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAr
BggrBgEFBQcBBwEB/wQcMBowGAQCAAEwEgMEAELh/gMEAM3qkAMEAM3qtTANBgkq
hkiG9w0BAQsFAAOCAQEAjc8sm431kSL8n0Et+re6otVfN2r5bWjOyYfPGr9PwqLi
Aspb4+TW4WBTtrAgD0oYhEUqkXVyQtyZZmrmZR7ORTJiV6JYp8NeFAA5sJoMILLb
iFdZYV6Su+zrXu/L95A97j5Jc1e8UrbcUbllcmTiakV7Uzop2rFIZQHCJzzdJUej
pQk7xWRNUgcs8ENxhTHvfIAo7xtnZfXLx/j7uMfSO90thCVcZFKOY2mCf7N3nFgK
tX6Y0ny0DlEbjF/NyDknskCIKSxzUQzo4gDTPqMyW673nMNuUPNZsYPbqWmVs4mx
ml4x7sx1fUVtXXGO4ULzt31gl+gtyvpDeqVPo/r4YA==
-----END CERTIFICATE-----
Generated at Fri Nov 15 19:49:50 2024 by rpki-client on console-fra.rpki-client.org