Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/3130332e3231342e37302e302f32342d3234203d3e20313338393935.roa
File: 3130332e3231342e37302e302f32342d3234203d3e20313338393935.roa (raw, json)
Hash identifier: OQInHNk8KsqAOYqeb/z1r9kTUhBSsthZ0AGNrq6qXmw=
Subject key identifier: 03:72:22:3E:1B:8E:C5:91:AD:CF:14:5E:FB:88:C5:D5:A7:E0:DF:4D
Certificate issuer: /CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Certificate serial: 17DBE7C50EC21E24CCB3E1DB34DF87E1D637CB96
Authority key identifier: 59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/3130332e3231342e37302e302f32342d3234203d3e20313338393935.roa
Signing time: Tue 03 Jan 2023 02:07:01 +0000
ROA not before: Tue 03 Jan 2023 02:02:01 +0000
ROA not after: Tue 02 Jan 2024 02:07:01 +0000
asID: 138995
IP address blocks: 103.214.70.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
17:db:e7:c5:0e:c2:1e:24:cc:b3:e1:db:34:df:87:e1:d6:37:cb:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91115900000, serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Validity
Not Before: Jan 3 02:02:01 2023 GMT
Not After : Jan 2 02:07:01 2024 GMT
Subject: CN=0372223E1B8EC591ADCF145EFB88C5D5A7E0DF4D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:72:12:5c:9e:fa:4e:9c:aa:a0:40:fc:d0:76:
b3:9c:78:20:c1:67:51:e3:d0:fd:28:89:bb:fc:e7:
cd:aa:40:19:d4:81:e6:5c:1f:ab:dd:1c:25:5e:b6:
17:0d:cf:7d:07:26:9c:34:70:e4:11:53:a0:0e:5c:
2a:f3:78:21:6e:ae:57:c3:b7:52:71:7f:53:b4:90:
41:90:be:b5:ff:b1:83:0e:f5:ed:9e:1c:2b:44:85:
d3:05:d6:9b:c6:eb:ed:bf:1b:df:f4:39:fd:e9:33:
c2:65:34:90:50:9f:19:c8:21:43:68:cf:45:c3:1b:
f2:15:f3:3d:63:a6:b7:ab:5e:e8:23:ce:52:45:45:
b5:a0:20:ef:4b:3e:26:00:90:b0:13:86:01:dc:ad:
f7:3b:94:87:6a:e9:d3:6a:ee:66:4d:e9:65:a2:8b:
bb:24:f1:94:70:a4:c1:1c:e8:0f:f2:fa:a9:b0:1d:
d0:17:57:ac:f1:ed:1e:12:04:0f:64:9b:0c:78:f1:
12:f2:51:ae:62:44:cc:b0:b5:97:c0:fe:1c:86:ac:
a0:94:a3:55:2f:77:1a:94:15:eb:7b:d3:b5:2f:f7:
67:2f:8e:9f:a2:03:b6:f1:a5:47:38:ef:85:77:f6:
81:c0:56:44:ba:ad:a4:fb:18:2a:15:2e:9a:d7:1a:
d9:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:72:22:3E:1B:8E:C5:91:AD:CF:14:5E:FB:88:C5:D5:A7:E0:DF:4D
X509v3 Authority Key Identifier:
keyid:59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/5953AC0A64BF9656B442D3C32313435ECB495F68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/3130332e3231342e37302e302f32342d3234203d3e20313338393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.214.70.0/24
Signature Algorithm: sha256WithRSAEncryption
c7:4a:50:c8:11:a4:99:11:9d:ab:46:a3:08:88:38:91:20:a2:
0a:db:f2:a4:a9:d7:81:ef:bd:db:7b:f1:2d:70:36:ae:1e:aa:
6e:d1:35:5e:bc:55:77:14:cf:ff:85:03:a9:f0:27:37:1b:3c:
80:85:27:ce:2d:0d:e9:ac:ab:aa:43:30:53:a1:88:c5:58:68:
55:78:54:1a:ac:7a:a6:d6:96:3d:ce:8c:e9:cd:e4:f8:83:e8:
42:e2:b3:05:43:3a:ce:03:38:d8:68:44:49:8b:c3:61:90:f5:
4e:71:17:36:43:11:ae:fa:7c:e1:81:68:39:0f:33:83:95:f1:
d7:20:cc:e0:0b:f4:b5:7d:61:e2:1e:1f:72:de:14:7b:04:b3:
ba:ee:95:84:14:90:43:30:2f:a0:e1:d5:a8:68:12:5c:4b:26:
70:8e:e1:a2:1f:71:be:b8:5d:83:c4:cc:2f:69:5e:41:63:b2:
70:c6:16:61:bd:3c:2c:84:f3:3f:0f:90:96:ba:57:1d:82:bb:
38:83:b3:45:de:8e:76:09:35:7c:fc:05:d4:d8:ce:da:dc:77:
86:c3:d1:e1:0e:4a:c7:cd:a3:69:10:cf:99:06:3c:c8:f8:4a:
f8:2e:ff:0c:84:f7:bd:6c:a4:85:16:62:ef:3c:26:00:75:75:
18:b8:c7:ed
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgIUF9vnxQ7CHiTMs+HbNN+H4dY3y5YwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMTE1OTAwMDAwMTEwLwYDVQQFEyg1OTUzQUMwQTY0
QkY5NjU2QjQ0MkQzQzMyMzEzNDM1RUNCNDk1RjY4MB4XDTIzMDEwMzAyMDIwMVoX
DTI0MDEwMjAyMDcwMVowMzExMC8GA1UEAxMoMDM3MjIyM0UxQjhFQzU5MUFEQ0Yx
NDVFRkI4OEM1RDVBN0UwREY0RDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALpyElye+k6cqqBA/NB2s5x4IMFnUePQ/SiJu/znzapAGdSB5lwfq90cJV62
Fw3PfQcmnDRw5BFToA5cKvN4IW6uV8O3UnF/U7SQQZC+tf+xgw717Z4cK0SF0wXW
m8br7b8b3/Q5/ekzwmU0kFCfGcghQ2jPRcMb8hXzPWOmt6te6CPOUkVFtaAg70s+
JgCQsBOGAdyt9zuUh2rp02ruZk3pZaKLuyTxlHCkwRzoD/L6qbAd0BdXrPHtHhIE
D2SbDHjxEvJRrmJEzLC1l8D+HIasoJSjVS93GpQV63vTtS/3Zy+On6IDtvGlRzjv
hXf2gcBWRLqtpPsYKhUumtca2SkCAwEAAaOCAj4wggI6MB0GA1UdDgQWBBQDciI+
G47Fka3PFF77iMXVp+DfTTAfBgNVHSMEGDAWgBRZU6wKZL+WVrRC08MjE0Ney0lf
aDAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1
NWM5MWJlM2Y5ZC8zLzU5NTNBQzBBNjRCRjk2NTZCNDQyRDNDMzIzMTM0MzVFQ0I0
OTVGNjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL1dWT3NDbVNfbGxhMFF0UERJeE5EWHN0SlgyZy5jZXIwgaQGCCsG
AQUFBwELBIGXMIGUMIGRBggrBgEFBQcwC4aBhHJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5
ZC8zLzMxMzAzMzJlMzIzMTM0MmUzNzMwMmUzMDJmMzIzNDJkMzIzNDIwM2QzZTIw
MzEzMzM4MzkzOTM1LnJvYTAYBgNVHSABAf8EDjAMMAoGCCsGAQUFBw4CMB8GCCsG
AQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAZ9ZGMA0GCSqGSIb3DQEBCwUAA4IBAQDH
SlDIEaSZEZ2rRqMIiDiRIKIK2/KkqdeB773be/EtcDauHqpu0TVevFV3FM//hQOp
8Cc3GzyAhSfOLQ3prKuqQzBToYjFWGhVeFQarHqm1pY9zozpzeT4g+hC4rMFQzrO
AzjYaERJi8NhkPVOcRc2QxGu+nzhgWg5DzODlfHXIMzgC/S1fWHiHh9y3hR7BLO6
7pWEFJBDMC+g4dWoaBJcSyZwjuGiH3G+uF2DxMwvaV5BY7JwxhZhvTwshPM/D5CW
ulcdgrs4g7NF3o52CTV8/AXU2M7a3HeGw9HhDkrHzaNpEM+ZBjzI+Er4Lv8MhPe9
bKSFFmLvPCYAdXUYuMft
-----END CERTIFICATE-----
Generated at Sun May 11 17:48:11 2025 by rpki-client