Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS400529.roa
File: AS400529.roa (raw, json)
Hash identifier: ms2v//0Nx6KrzC20BIpb5TRLSXUtHcv1CC635DnWhEs=
Subject key identifier: 4E:22:7F:01:72:8D:9F:D0:0B:F5:E7:03:A9:44:3E:31:63:8D:1B:97
Certificate issuer: /CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Certificate serial: 67EBD4BEB0D01C7048370BC1A2C56A871CD5687A
Authority key identifier: 4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS400529.roa
Signing time: Mon 01 Jul 2024 04:48:59 +0000
ROA not before: Mon 01 Jul 2024 04:43:59 +0000
ROA not after: Mon 30 Jun 2025 04:48:59 +0000
asID: 400529
IP address blocks: 205.234.243.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
67:eb:d4:be:b0:d0:1c:70:48:37:0b:c1:a2:c5:6a:87:1c:d5:68:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Validity
Not Before: Jul 1 04:43:59 2024 GMT
Not After : Jun 30 04:48:59 2025 GMT
Subject: CN=4E227F01728D9FD00BF5E703A9443E31638D1B97
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:74:89:15:cb:d1:cf:f5:b9:17:d5:60:c1:52:
50:a8:15:8d:8b:0b:8d:78:81:c1:6e:45:7d:d3:e9:
8d:cd:dc:55:55:10:7d:62:8c:e8:a6:e0:e3:8f:8a:
b3:d7:36:39:b3:23:7a:98:0f:a6:ba:82:7d:48:23:
0c:b9:c7:b6:2d:f0:af:cc:17:16:a1:9d:1e:83:05:
ff:2a:ae:a7:b6:3f:5d:3f:c4:0e:84:66:76:c1:4b:
92:94:2c:8f:6f:21:01:97:b5:e1:84:8e:4b:35:f1:
42:a9:99:67:e3:f4:e7:77:f0:13:af:69:ca:dc:08:
59:f1:6c:cd:16:0d:ef:a8:91:fb:94:07:8b:59:81:
da:89:77:a0:c8:3b:25:ab:f4:9e:0b:24:0c:76:34:
19:a7:5e:18:a3:70:a9:b3:26:b5:60:6f:6a:92:fd:
64:ee:85:3f:3d:a0:0a:9b:b0:7c:d2:4e:e1:8d:59:
f5:c7:61:8e:90:7c:c2:d6:b6:c4:98:06:b1:ac:11:
cf:a2:a2:2e:b1:7a:da:1e:e8:da:03:6e:e0:25:ae:
f3:02:ef:ad:9b:a4:30:0e:a8:96:5d:6f:9d:43:ea:
37:0e:c2:ff:e7:a9:d5:4c:13:2e:6b:14:72:d4:1c:
12:38:5c:e1:14:14:f1:65:0d:b8:6d:e3:f0:d0:82:
48:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:22:7F:01:72:8D:9F:D0:0B:F5:E7:03:A9:44:3E:31:63:8D:1B:97
X509v3 Authority Key Identifier:
keyid:4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/4F061F3AB9863828F7633EBC46300F9B7E877ABC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS400529.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
205.234.243.0/24
Signature Algorithm: sha256WithRSAEncryption
31:25:c2:90:2a:90:84:85:0c:1f:29:40:c1:d2:c1:a1:f7:46:
e7:2e:7f:4a:25:5e:5e:56:ba:06:08:9e:74:1b:9e:98:36:44:
44:81:51:0d:41:b7:e2:f9:1d:a5:c7:d2:f2:41:b6:be:d7:7e:
7d:bc:78:29:c6:5b:fa:f9:b6:34:e7:c9:ff:86:32:d6:42:61:
2a:c5:e9:09:04:e0:5b:fd:d3:76:d5:c0:72:1a:24:db:21:c1:
a4:8a:a1:8d:27:03:98:ea:8c:cc:a3:6c:8c:3a:36:71:d0:03:
9d:e0:76:e0:27:96:ca:3d:94:bf:e1:14:9a:20:7c:82:41:33:
50:a7:9c:ac:fb:1a:97:f2:7c:87:2e:b9:8c:ad:c7:02:0c:d5:
32:8a:ee:1e:6b:6d:93:87:cb:5c:2e:1c:8c:dc:b0:90:02:2d:
c0:fc:fc:38:38:15:65:b0:a2:6d:05:0d:6e:81:a2:5c:7b:1c:
61:e1:77:60:0a:5d:0d:f5:24:c5:01:55:1b:45:31:4d:2e:f9:
16:d3:46:38:26:b3:68:5d:cc:23:4e:e0:f1:db:af:2e:56:42:
4b:e4:ab:b7:e0:ca:1b:c9:50:3f:e6:42:8f:de:9b:34:17:0f:
13:78:7e:c1:1e:75:8c:c9:de:07:01:3e:8f:89:83:b3:e6:03:
16:6a:84:eb
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgIUZ+vUvrDQHHBINwvBosVqhxzVaHowDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNjk2MjZjMmUwYjk2NGVkNWU4YmE2YTZmM2VkMGZkNjM2
Y2YzNjQ1ZDZjY2I2MTIzYjkwHhcNMjQwNzAxMDQ0MzU5WhcNMjUwNjMwMDQ0ODU5
WjAzMTEwLwYDVQQDEyg0RTIyN0YwMTcyOEQ5RkQwMEJGNUU3MDNBOTQ0M0UzMTYz
OEQxQjk3MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm3SJFcvRz/W5
F9VgwVJQqBWNiwuNeIHBbkV90+mNzdxVVRB9YozopuDjj4qz1zY5syN6mA+muoJ9
SCMMuce2LfCvzBcWoZ0egwX/Kq6ntj9dP8QOhGZ2wUuSlCyPbyEBl7XhhI5LNfFC
qZln4/Tnd/ATr2nK3AhZ8WzNFg3vqJH7lAeLWYHaiXegyDslq/SeCyQMdjQZp14Y
o3Cpsya1YG9qkv1k7oU/PaAKm7B80k7hjVn1x2GOkHzC1rbEmAaxrBHPoqIusXra
HujaA27gJa7zAu+tm6QwDqiWXW+dQ+o3DsL/56nVTBMuaxRy1BwSOFzhFBTxZQ24
bePw0IJIJQIDAQABo4ICfzCCAnswHQYDVR0OBBYEFE4ifwFyjZ/QC/XnA6lEPjFj
jRuXMB8GA1UdIwQYMBaAFE8GHzq5hjgo92M+vEYwD5t+h3q8MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODY5M2YwNjAwMTg2YzZlN2ZkOGQzNjYwLzAv
NEYwNjFGM0FCOTg2MzgyOEY3NjMzRUJDNDYzMDBGOUI3RTg3N0FCQy5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3
ZTk3MWFjL2FkOWIzMDEwLTMxMTYtNDY0ZS04YzU4LTk1ODY1MDBmMTcwMS82OTYy
NmMyZTBiOTY0ZWQ1ZThiYTZhNmYzZWQwZmQ2MzZjZjM2NDVkNmNjYjYxMjNiOS5j
ZXIwcAYIKwYBBQUHAQsEZDBiMGAGCCsGAQUFBzALhlRyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NjkzZjA2MDAxODZjNmU3ZmQ4
ZDM2NjAvMC9BUzQwMDUyOS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAf
BggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAM3q8zANBgkqhkiG9w0BAQsFAAOC
AQEAMSXCkCqQhIUMHylAwdLBofdG5y5/SiVeXla6BgiedBuemDZERIFRDUG34vkd
pcfS8kG2vtd+fbx4KcZb+vm2NOfJ/4Yy1kJhKsXpCQTgW/3TdtXAchok2yHBpIqh
jScDmOqMzKNsjDo2cdADneB24CeWyj2Uv+EUmiB8gkEzUKecrPsal/J8hy65jK3H
AgzVMoruHmttk4fLXC4cjNywkAItwPz8ODgVZbCibQUNboGiXHscYeF3YApdDfUk
xQFVG0UxTS75FtNGOCazaF3MI07g8duvLlZCS+Srt+DKG8lQP+ZCj96bNBcPE3h+
wR51jMneBwE+j4mDs+YDFmqE6w==
-----END CERTIFICATE-----
Generated at Fri Nov 15 19:49:50 2024 by rpki-client on console-fra.rpki-client.org