Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS5065.roa
File: AS5065.roa (raw, json)
Hash identifier: 7Tki3CuG2YUdb+bfIhZYulBTGGaABkPt/6/Mc+Z4ROQ=
Subject key identifier: F3:0A:02:08:1F:77:B4:79:A2:13:64:0F:4B:62:47:1E:79:6A:03:72
Certificate issuer: /CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Certificate serial: 27283DB250B82967F684FF1E73F8397904047CBF
Authority key identifier: 4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS5065.roa
Signing time: Fri 19 Jan 2024 12:30:13 +0000
ROA not before: Fri 19 Jan 2024 12:25:13 +0000
ROA not after: Fri 17 Jan 2025 12:30:13 +0000
asID: 5065
IP address blocks: 64.202.127.0/24 maxlen: 24
66.225.253.0/24 maxlen: 24
216.246.56.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
27:28:3d:b2:50:b8:29:67:f6:84:ff:1e:73:f8:39:79:04:04:7c:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Validity
Not Before: Jan 19 12:25:13 2024 GMT
Not After : Jan 17 12:30:13 2025 GMT
Subject: CN=F30A02081F77B479A213640F4B62471E796A0372
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:9d:02:33:ad:f5:e6:e7:91:9e:27:82:f4:35:
a3:ea:f5:39:b0:f8:55:95:8e:b3:ff:93:9b:51:70:
56:b6:65:fc:1a:70:bf:f5:76:e1:16:62:ec:33:9a:
65:0e:29:62:1f:7a:1a:6b:96:3e:4c:91:55:41:41:
4a:56:16:53:dd:fe:fc:2b:9d:6a:94:38:a8:78:64:
42:ae:2a:a4:b5:b1:74:b4:c6:ef:55:d9:5b:b3:48:
58:ab:e1:40:29:a7:7f:b0:2a:4f:6c:ea:78:a4:84:
64:86:44:b5:cc:44:44:0c:42:fe:1e:58:de:ca:49:
9d:e8:14:e6:39:64:0d:d3:c9:19:4d:86:70:7d:20:
86:06:23:2a:bd:81:aa:a2:0d:7a:3f:6b:0c:12:29:
fb:bd:d6:d5:d8:10:33:27:64:a8:d8:18:55:35:4e:
c5:02:de:52:ab:81:4a:eb:f7:4a:50:15:6c:48:7a:
6b:f0:64:f6:3a:9c:7a:51:c1:a1:bd:1a:63:cc:cc:
33:be:61:1a:b3:e1:0d:0d:1d:b2:b1:fa:34:a8:cc:
0d:a5:75:cc:dd:8e:dd:90:4b:e3:16:b1:66:17:01:
18:33:d7:e9:60:12:ee:fb:62:1d:d6:2f:5d:01:f7:
90:0c:58:5d:ba:b3:08:6d:68:16:e5:a9:4f:36:f2:
7f:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:0A:02:08:1F:77:B4:79:A2:13:64:0F:4B:62:47:1E:79:6A:03:72
X509v3 Authority Key Identifier:
keyid:4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/4F061F3AB9863828F7633EBC46300F9B7E877ABC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS5065.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
64.202.127.0/24
66.225.253.0/24
216.246.56.0/24
Signature Algorithm: sha256WithRSAEncryption
97:9e:89:97:6c:68:8f:50:e8:c6:0e:b4:64:81:e2:3b:b5:21:
56:cc:24:56:3e:a2:2b:61:0d:c1:22:f1:a0:17:9f:b8:1d:63:
5c:98:bf:40:23:1d:be:51:9c:3c:74:6a:38:d2:f7:3c:ba:da:
5b:33:6e:d0:78:30:f0:c1:76:55:8c:b8:09:0f:e9:c5:d5:dd:
02:61:83:c0:ec:7c:09:bf:2e:5d:ab:21:31:b3:dc:6a:e0:32:
ef:5e:f7:66:2d:d9:72:04:8e:18:88:e2:1f:97:30:15:8f:a3:
bf:87:9f:8f:72:13:f9:f9:29:a1:fd:ca:4d:a5:3c:2f:87:f6:
59:9d:11:09:32:4b:4f:08:2a:24:64:64:39:c2:fe:31:57:41:
41:98:8e:45:ee:51:b2:00:a8:c6:05:f7:6b:03:ed:43:95:66:
c3:a7:28:5f:dc:b1:67:52:c9:e7:79:45:db:f8:ce:e6:45:37:
52:4a:cd:58:3e:63:1f:e1:aa:f5:67:e2:de:a0:c2:29:3c:d3:
35:a9:e7:1d:af:ed:d8:b8:51:d2:84:29:84:d7:47:45:a7:65:
52:fe:6a:3f:8d:b9:5c:cc:a9:1a:cc:e1:a7:b6:0d:f2:98:a5:
49:e7:02:7e:18:5f:55:5b:a4:b5:7a:96:59:19:04:bf:77:a1:
08:da:25:dd
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgIUJyg9slC4KWf2hP8ec/g5eQQEfL8wDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNjk2MjZjMmUwYjk2NGVkNWU4YmE2YTZmM2VkMGZkNjM2
Y2YzNjQ1ZDZjY2I2MTIzYjkwHhcNMjQwMTE5MTIyNTEzWhcNMjUwMTE3MTIzMDEz
WjAzMTEwLwYDVQQDEyhGMzBBMDIwODFGNzdCNDc5QTIxMzY0MEY0QjYyNDcxRTc5
NkEwMzcyMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz50CM6315ueR
nieC9DWj6vU5sPhVlY6z/5ObUXBWtmX8GnC/9XbhFmLsM5plDiliH3oaa5Y+TJFV
QUFKVhZT3f78K51qlDioeGRCriqktbF0tMbvVdlbs0hYq+FAKad/sCpPbOp4pIRk
hkS1zEREDEL+Hljeykmd6BTmOWQN08kZTYZwfSCGBiMqvYGqog16P2sMEin7vdbV
2BAzJ2So2BhVNU7FAt5Sq4FK6/dKUBVsSHpr8GT2Opx6UcGhvRpjzMwzvmEas+EN
DR2ysfo0qMwNpXXM3Y7dkEvjFrFmFwEYM9fpYBLu+2Id1i9dAfeQDFhdurMIbWgW
5alPNvJ/5QIDAQABo4ICiTCCAoUwHQYDVR0OBBYEFPMKAggfd7R5ohNkD0tiRx55
agNyMB8GA1UdIwQYMBaAFE8GHzq5hjgo92M+vEYwD5t+h3q8MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODY5M2YwNjAwMTg2YzZlN2ZkOGQzNjYwLzAv
NEYwNjFGM0FCOTg2MzgyOEY3NjMzRUJDNDYzMDBGOUI3RTg3N0FCQy5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3
ZTk3MWFjL2FkOWIzMDEwLTMxMTYtNDY0ZS04YzU4LTk1ODY1MDBmMTcwMS82OTYy
NmMyZTBiOTY0ZWQ1ZThiYTZhNmYzZWQwZmQ2MzZjZjM2NDVkNmNjYjYxMjNiOS5j
ZXIwbgYIKwYBBQUHAQsEYjBgMF4GCCsGAQUFBzALhlJyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NjkzZjA2MDAxODZjNmU3ZmQ4
ZDM2NjAvMC9BUzUwNjUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwKwYI
KwYBBQUHAQcBAf8EHDAaMBgEAgABMBIDBABAyn8DBABC4f0DBADY9jgwDQYJKoZI
hvcNAQELBQADggEBAJeeiZdsaI9Q6MYOtGSB4ju1IVbMJFY+oithDcEi8aAXn7gd
Y1yYv0AjHb5RnDx0ajjS9zy62lszbtB4MPDBdlWMuAkP6cXV3QJhg8DsfAm/Ll2r
ITGz3GrgMu9e92Yt2XIEjhiI4h+XMBWPo7+Hn49yE/n5KaH9yk2lPC+H9lmdEQky
S08IKiRkZDnC/jFXQUGYjkXuUbIAqMYF92sD7UOVZsOnKF/csWdSyed5Rdv4zuZF
N1JKzVg+Yx/hqvVn4t6gwik80zWp5x2v7di4UdKEKYTXR0WnZVL+aj+NuVzMqRrM
4ae2DfKYpUnnAn4YX1VbpLV6llkZBL93oQjaJd0=
-----END CERTIFICATE-----
Generated at Fri Nov 15 19:49:50 2024 by rpki-client on console-fra.rpki-client.org