Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/3130332e3231342e36382e302f32322d3234203d3e203631313338.roa
File: 3130332e3231342e36382e302f32322d3234203d3e203631313338.roa (raw, json)
Hash identifier: dGbIOvcRNHTA7hG1uAWdopvMJ48C6qJsCcPcvrmxo9w=
Subject key identifier: AF:A6:3B:F8:B5:C3:67:74:A4:24:EA:57:60:21:EB:A6:27:51:4F:68
Certificate issuer: /CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Certificate serial: 28EC2AEB64622F8F8BB01C4571DAB0E0BBD9034C
Authority key identifier: 59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/3130332e3231342e36382e302f32322d3234203d3e203631313338.roa
Signing time: Tue 03 Jan 2023 02:07:02 +0000
ROA not before: Tue 03 Jan 2023 02:02:02 +0000
ROA not after: Tue 02 Jan 2024 02:07:02 +0000
asID: 61138
IP address blocks: 103.214.68.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
28:ec:2a:eb:64:62:2f:8f:8b:b0:1c:45:71:da:b0:e0:bb:d9:03:4c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Validity
Not Before: Jan 3 02:02:02 2023 GMT
Not After : Jan 2 02:07:02 2024 GMT
Subject: CN=AFA63BF8B5C36774A424EA576021EBA627514F68
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:c1:d6:1f:06:ff:0a:8c:53:fb:34:2a:29:38:
de:be:a5:8e:00:27:aa:26:c4:78:01:a9:d4:0c:14:
52:01:65:7c:33:24:fe:d8:79:7f:62:88:68:51:a3:
da:73:a4:24:c0:c3:c7:e0:9f:39:f3:1c:79:4f:06:
a1:ba:d6:8d:b3:ed:1b:3c:a8:85:98:c7:1f:77:7f:
92:44:8c:3b:53:29:04:7d:c4:1c:6a:80:94:73:84:
7e:08:18:0e:29:d1:26:a3:07:0a:89:d6:c1:47:3b:
50:72:f0:88:64:ee:27:17:f5:7c:26:49:4c:b6:24:
b8:65:59:04:d2:97:09:f9:e8:70:8d:d7:fc:9f:55:
3e:d5:20:ca:60:42:b7:66:dc:ad:2d:b0:b0:1e:6c:
17:ba:31:01:da:31:0a:22:f0:b2:35:37:51:56:93:
49:ef:c8:85:c0:dd:58:f2:eb:52:d6:94:03:c9:13:
3d:f6:b1:5d:13:d1:ef:e0:ea:f7:3b:ff:17:d4:c2:
e3:95:10:18:4d:49:b5:29:df:43:fd:04:0a:e4:42:
c0:0a:c9:eb:99:bc:f3:e0:aa:0e:53:c7:43:34:78:
c8:70:11:76:23:b6:a9:48:05:8e:75:03:38:54:ac:
49:a6:e6:f4:7a:fa:a2:bc:83:14:aa:0b:c6:e7:83:
13:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:A6:3B:F8:B5:C3:67:74:A4:24:EA:57:60:21:EB:A6:27:51:4F:68
X509v3 Authority Key Identifier:
keyid:59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/5953AC0A64BF9656B442D3C32313435ECB495F68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/3130332e3231342e36382e302f32322d3234203d3e203631313338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.214.68.0/22
Signature Algorithm: sha256WithRSAEncryption
53:86:3c:e0:bc:da:b1:3f:81:b2:4c:ce:fa:46:4f:b8:74:bd:
f7:e6:37:c0:66:9a:a4:5e:7b:e0:72:d6:fc:3d:d1:53:7b:bd:
b5:1c:8a:9f:c0:d1:35:63:fa:51:79:83:ff:9d:d8:ae:4e:53:
e6:bf:23:82:e4:8d:5f:d5:fe:2a:82:32:8e:1e:44:10:f7:d4:
e8:29:f1:84:e9:83:72:4b:d5:d3:68:0c:62:6f:37:5c:ea:e2:
d9:cd:e6:e1:6b:c8:6f:ff:25:66:56:a5:2c:6c:3b:b2:2b:b2:
e2:91:93:ae:11:53:da:00:fa:aa:db:8c:47:d0:1b:58:82:a5:
3c:9e:5a:cd:6d:93:d9:36:6f:f5:9e:71:24:82:03:f8:be:3c:
33:3b:fb:e3:be:98:83:e8:f6:17:5f:27:bb:8b:cb:7f:f5:ba:
30:d3:e3:d5:99:fd:ea:2c:29:47:42:a7:b4:63:0c:ec:b8:74:
a2:80:c8:93:93:29:04:50:11:50:4b:2c:36:b9:7e:c8:ef:ca:
20:80:b3:77:c8:81:f2:68:4d:a4:38:d8:59:42:5e:87:fc:3e:
0f:dc:14:48:0a:7f:d1:e5:51:e1:1f:16:d2:40:1a:d0:5b:26:
5c:64:a7:9d:96:11:39:f6:32:23:1c:19:1d:5e:1e:1b:88:6b:
53:2e:ff:09
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUKOwq62RiL4+LsBxFcdqw4LvZA0wwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMTE1OTAwMDAwMTEwLwYDVQQFEyg1OTUzQUMwQTY0
QkY5NjU2QjQ0MkQzQzMyMzEzNDM1RUNCNDk1RjY4MB4XDTIzMDEwMzAyMDIwMloX
DTI0MDEwMjAyMDcwMlowMzExMC8GA1UEAxMoQUZBNjNCRjhCNUMzNjc3NEE0MjRF
QTU3NjAyMUVCQTYyNzUxNEY2ODCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANjB1h8G/wqMU/s0Kik43r6ljgAnqibEeAGp1AwUUgFlfDMk/th5f2KIaFGj
2nOkJMDDx+CfOfMceU8GobrWjbPtGzyohZjHH3d/kkSMO1MpBH3EHGqAlHOEfggY
DinRJqMHConWwUc7UHLwiGTuJxf1fCZJTLYkuGVZBNKXCfnocI3X/J9VPtUgymBC
t2bcrS2wsB5sF7oxAdoxCiLwsjU3UVaTSe/IhcDdWPLrUtaUA8kTPfaxXRPR7+Dq
9zv/F9TC45UQGE1JtSnfQ/0ECuRCwArJ65m88+CqDlPHQzR4yHARdiO2qUgFjnUD
OFSsSabm9Hr6oryDFKoLxueDEwcCAwEAAaOCAjwwggI4MB0GA1UdDgQWBBSvpjv4
tcNndKQk6ldgIeumJ1FPaDAfBgNVHSMEGDAWgBRZU6wKZL+WVrRC08MjE0Ney0lf
aDAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1
NWM5MWJlM2Y5ZC8zLzU5NTNBQzBBNjRCRjk2NTZCNDQyRDNDMzIzMTM0MzVFQ0I0
OTVGNjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL1dWT3NDbVNfbGxhMFF0UERJeE5EWHN0SlgyZy5jZXIwgaIGCCsG
AQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5
ZC8zLzMxMzAzMzJlMzIzMTM0MmUzNjM4MmUzMDJmMzIzMjJkMzIzNDIwM2QzZTIw
MzYzMTMxMzMzOC5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAmfWRDANBgkqhkiG9w0BAQsFAAOCAQEAU4Y8
4LzasT+BskzO+kZPuHS99+Y3wGaapF574HLW/D3RU3u9tRyKn8DRNWP6UXmD/53Y
rk5T5r8jguSNX9X+KoIyjh5EEPfU6CnxhOmDckvV02gMYm83XOri2c3m4WvIb/8l
ZlalLGw7siuy4pGTrhFT2gD6qtuMR9AbWIKlPJ5azW2T2TZv9Z5xJIID+L48Mzv7
476Yg+j2F18nu4vLf/W6MNPj1Zn96iwpR0KntGMM7Lh0ooDIk5MpBFARUEssNrl+
yO/KIICzd8iB8mhNpDjYWUJeh/w+D9wUSAp/0eVR4R8W0kAa0FsmXGSnnZYROfYy
IxwZHV4eG4hrUy7/CQ==
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:44 2024 by rpki-client on console-ams.rpki-client.org