Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS996.roa
File: AS996.roa (raw, json)
Hash identifier: MP02LOtL5/ioYPL/Jfd8dnThPk35p1Mc3i8z7MJL97k=
Subject key identifier: 27:63:91:8C:68:F2:C4:EF:C8:82:58:88:9E:58:D4:D1:FA:3A:A8:14
Certificate issuer: /CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Certificate serial: 68ABDFF5D6669702543E07180CAE1FC67EC44701
Authority key identifier: 4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
Authority info access: rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS996.roa
Signing time: Sun 30 Jun 2024 16:48:59 +0000
ROA not before: Sun 30 Jun 2024 16:43:59 +0000
ROA not after: Sun 29 Jun 2025 16:48:59 +0000
asID: 996
IP address blocks: 66.225.255.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
68:ab:df:f5:d6:66:97:02:54:3e:07:18:0c:ae:1f:c6:7e:c4:47:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9
Validity
Not Before: Jun 30 16:43:59 2024 GMT
Not After : Jun 29 16:48:59 2025 GMT
Subject: CN=2763918C68F2C4EFC88258889E58D4D1FA3AA814
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:08:62:21:90:8d:d2:32:75:e3:8c:87:b4:c9:
58:49:84:d8:8d:ac:67:7b:34:0c:51:1c:aa:71:6b:
df:74:9e:a8:84:45:93:85:ef:7e:10:58:96:ef:6e:
66:27:96:6b:9a:d2:57:f5:b7:45:11:af:7c:06:0d:
de:28:ac:71:c7:95:7c:f6:84:9a:15:5f:23:ca:17:
40:a6:b8:dd:dc:de:79:b6:de:b2:be:1a:40:ac:87:
d5:7b:28:37:bd:f1:67:c1:d6:1d:35:d5:19:f4:42:
35:9d:64:0b:24:0c:f0:c5:24:d2:eb:5d:4e:ff:a9:
46:54:ee:7e:81:79:24:92:0a:1a:79:fe:dc:a5:4f:
ea:6f:e1:41:d1:45:99:5f:5e:9c:c8:15:3d:0e:08:
9d:9e:b1:ba:f4:a7:e0:e0:39:7f:6c:b9:d7:75:1e:
52:84:9f:97:92:13:91:a0:16:04:0d:00:a8:52:fe:
3c:18:ce:8b:a8:ba:04:4f:08:30:fe:4e:6c:7b:ef:
83:65:e1:1c:6f:f4:b3:b5:80:4e:bd:b0:84:cc:24:
0c:03:2b:c6:ef:f3:bb:af:e0:6e:89:1d:a0:4a:32:
9f:7e:a9:36:67:da:f6:df:fc:0f:3c:11:97:d8:6e:
c8:82:09:9f:96:b7:5f:63:54:83:f4:d4:2d:b0:ee:
b5:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
27:63:91:8C:68:F2:C4:EF:C8:82:58:88:9E:58:D4:D1:FA:3A:A8:14
X509v3 Authority Key Identifier:
keyid:4F:06:1F:3A:B9:86:38:28:F7:63:3E:BC:46:30:0F:9B:7E:87:7A:BC
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/4F061F3AB9863828F7633EBC46300F9B7E877ABC.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.arin.net/repository/arin-rpki-ta/5e4a23ea-e80a-403e-b08c-2171da2157d3/521eb33f-9672-4cd9-acce-137227e971ac/ad9b3010-3116-464e-8c58-9586500f1701/69626c2e0b964ed5e8ba6a6f3ed0fd636cf3645d6ccb6123b9.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848ade8693f0600186c6e7fd8d3660/0/AS996.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
66.225.255.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:18:a4:05:76:c7:c1:ad:a6:93:56:be:29:4a:89:eb:39:69:
cf:99:c3:47:2e:40:50:00:58:da:33:05:e3:13:b7:a0:30:11:
bd:4b:d2:0f:02:f6:f6:10:5b:ec:40:a8:7e:00:29:9e:0c:fc:
09:12:58:a7:fa:3d:b0:ce:a9:a5:2b:29:00:d5:b8:9a:e2:0e:
43:59:5f:a1:25:b2:93:ce:66:d8:8f:a4:a0:f6:68:13:57:83:
df:d4:79:cf:4a:78:9b:6d:6d:48:55:8e:b9:d2:41:5d:6f:3e:
28:4d:34:a2:08:10:b1:f9:55:ca:c6:89:99:f6:fb:f0:d2:bd:
95:42:72:45:f5:12:32:04:ab:15:e7:93:af:89:45:6e:de:ba:
12:0f:db:04:b9:df:39:fe:d6:71:f0:b7:a7:7d:d5:11:88:bb:
47:2f:40:1b:9a:c4:37:36:d5:7b:fa:73:ad:ab:a8:db:b1:65:
b1:49:c6:6c:5b:fe:02:11:fb:69:02:23:4c:41:d6:a3:e2:08:
30:74:a8:04:93:6a:e1:74:c7:14:bd:9c:fe:2e:cf:e4:99:39:
2f:fe:58:b4:35:b6:31:a5:24:10:cc:16:51:d1:bd:a1:a9:d1:
42:37:f5:a9:fe:06:e2:78:6d:5b:69:1d:1e:94:da:ca:bc:06:
6d:7c:0e:ac
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgIUaKvf9dZmlwJUPgcYDK4fxn7ERwEwDQYJKoZIhvcNAQEL
BQAwPTE7MDkGA1UEAxMyNjk2MjZjMmUwYjk2NGVkNWU4YmE2YTZmM2VkMGZkNjM2
Y2YzNjQ1ZDZjY2I2MTIzYjkwHhcNMjQwNjMwMTY0MzU5WhcNMjUwNjI5MTY0ODU5
WjAzMTEwLwYDVQQDEygyNzYzOTE4QzY4RjJDNEVGQzg4MjU4ODg5RTU4RDREMUZB
M0FBODE0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQhiIZCN0jJ1
44yHtMlYSYTYjaxnezQMURyqcWvfdJ6ohEWThe9+EFiW725mJ5ZrmtJX9bdFEa98
Bg3eKKxxx5V89oSaFV8jyhdAprjd3N55tt6yvhpArIfVeyg3vfFnwdYdNdUZ9EI1
nWQLJAzwxSTS611O/6lGVO5+gXkkkgoaef7cpU/qb+FB0UWZX16cyBU9DgidnrG6
9Kfg4Dl/bLnXdR5ShJ+XkhORoBYEDQCoUv48GM6LqLoETwgw/k5se++DZeEcb/Sz
tYBOvbCEzCQMAyvG7/O7r+BuiR2gSjKffqk2Z9r23/wPPBGX2G7IggmflrdfY1SD
9NQtsO61AwIDAQABo4ICfDCCAngwHQYDVR0OBBYEFCdjkYxo8sTvyIJYiJ5Y1NH6
OqgUMB8GA1UdIwQYMBaAFE8GHzq5hjgo92M+vEYwD5t+h3q8MA4GA1UdDwEB/wQE
AwIHgDCBhQYDVR0fBH4wfDB6oHigdoZ0cnN5bmM6Ly9ycGtpLXJwcy5hcmluLm5l
dC9yZXBvc2l0b3J5LzhhODQ4YWRlODY5M2YwNjAwMTg2YzZlN2ZkOGQzNjYwLzAv
NEYwNjFGM0FCOTg2MzgyOEY3NjMzRUJDNDYzMDBGOUI3RTg3N0FCQy5jcmwwgfMG
CCsGAQUFBwEBBIHmMIHjMIHgBggrBgEFBQcwAoaB03JzeW5jOi8vcnBraS5hcmlu
Lm5ldC9yZXBvc2l0b3J5L2FyaW4tcnBraS10YS81ZTRhMjNlYS1lODBhLTQwM2Ut
YjA4Yy0yMTcxZGEyMTU3ZDMvNTIxZWIzM2YtOTY3Mi00Y2Q5LWFjY2UtMTM3MjI3
ZTk3MWFjL2FkOWIzMDEwLTMxMTYtNDY0ZS04YzU4LTk1ODY1MDBmMTcwMS82OTYy
NmMyZTBiOTY0ZWQ1ZThiYTZhNmYzZWQwZmQ2MzZjZjM2NDVkNmNjYjYxMjNiOS5j
ZXIwbQYIKwYBBQUHAQsEYTBfMF0GCCsGAQUFBzALhlFyc3luYzovL3Jwa2ktcnBz
LmFyaW4ubmV0L3JlcG9zaXRvcnkvOGE4NDhhZGU4NjkzZjA2MDAxODZjNmU3ZmQ4
ZDM2NjAvMC9BUzk5Ni5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggr
BgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAELh/zANBgkqhkiG9w0BAQsFAAOCAQEA
LBikBXbHwa2mk1a+KUqJ6zlpz5nDRy5AUABY2jMF4xO3oDARvUvSDwL29hBb7ECo
fgApngz8CRJYp/o9sM6ppSspANW4muIOQ1lfoSWyk85m2I+koPZoE1eD39R5z0p4
m21tSFWOudJBXW8+KE00oggQsflVysaJmfb78NK9lUJyRfUSMgSrFeeTr4lFbt66
Eg/bBLnfOf7WcfC3p33VEYi7Ry9AG5rENzbVe/pzrauo27FlsUnGbFv+AhH7aQIj
TEHWo+IIMHSoBJNq4XTHFL2c/i7P5Jk5L/5YtDW2MaUkEMwWUdG9oanRQjf1qf4G
4nhtW2kdHpTayrwGbXwOrA==
-----END CERTIFICATE-----
Generated at Fri Nov 15 20:45:04 2024 by rpki-client on console-ams.rpki-client.org