Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/3130332e3233302e3134332e302f32342d3234203d3e20323033303938.roa
File: 3130332e3233302e3134332e302f32342d3234203d3e20323033303938.roa (raw, json)
Hash identifier: k19spGiYSs1lOP918THVVrc1KJkA9MX8RnEw5LINQg4=
Subject key identifier: DB:A9:9D:CD:26:9F:C2:7C:B6:1C:E7:36:DD:A8:DF:FD:65:43:FB:A6
Certificate issuer: /CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Certificate serial: 01A184380ACA062008BAD8C16F75C2630ACFF937
Authority key identifier: 59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/3130332e3233302e3134332e302f32342d3234203d3e20323033303938.roa
Signing time: Tue 03 Jan 2023 02:07:01 +0000
ROA not before: Tue 03 Jan 2023 02:02:01 +0000
ROA not after: Tue 02 Jan 2024 02:07:01 +0000
asID: 203098
IP address blocks: 103.230.143.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:a1:84:38:0a:ca:06:20:08:ba:d8:c1:6f:75:c2:63:0a:cf:f9:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Validity
Not Before: Jan 3 02:02:01 2023 GMT
Not After : Jan 2 02:07:01 2024 GMT
Subject: CN=DBA99DCD269FC27CB61CE736DDA8DFFD6543FBA6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c9:b1:47:2c:0f:de:29:8c:6e:f3:8c:e9:91:
e7:0d:fb:c9:4c:4f:58:5e:1c:fc:d9:4c:0d:c9:1e:
5d:82:29:96:40:dd:40:28:d2:37:60:7e:d9:16:29:
b3:1e:16:d4:e2:52:98:e1:6a:37:2d:ac:3e:58:5e:
cd:24:f3:61:ab:78:a6:7b:32:9d:9b:54:33:dd:be:
65:43:e0:dc:11:83:8b:40:ce:31:3e:5f:86:07:e2:
f6:85:a0:51:1f:63:f2:9b:62:eb:b4:bb:14:c4:d4:
5b:5a:70:c9:fb:d3:76:c1:5f:b0:68:f7:5a:2a:74:
53:7e:bd:b7:36:5f:f2:ef:54:b7:3a:50:ae:da:65:
b2:aa:e9:60:12:c6:5c:4f:f3:f1:15:24:3b:29:fb:
9d:d8:ea:cf:22:74:57:7f:57:92:4b:d8:89:49:1c:
60:c3:96:3c:27:09:9f:8f:34:e1:37:6a:83:8a:39:
85:f5:09:87:b8:28:2f:19:75:46:2d:38:a5:0f:92:
a6:60:dc:4a:b2:31:03:6f:b1:62:16:e7:a6:b0:b0:
fd:68:6f:d1:55:2d:31:15:d7:c6:a2:85:e2:13:d5:
e1:9e:2b:da:72:15:aa:23:46:fd:25:61:66:4a:35:
ec:5e:09:0e:c9:80:89:96:12:47:03:8a:c5:b0:81:
56:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:A9:9D:CD:26:9F:C2:7C:B6:1C:E7:36:DD:A8:DF:FD:65:43:FB:A6
X509v3 Authority Key Identifier:
keyid:59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/5953AC0A64BF9656B442D3C32313435ECB495F68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/3130332e3233302e3134332e302f32342d3234203d3e20323033303938.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
103.230.143.0/24
Signature Algorithm: sha256WithRSAEncryption
0e:a8:37:a4:97:1f:76:a0:c9:a9:38:70:07:32:09:fa:5a:a6:
11:7d:ab:21:65:43:d2:b1:09:90:3b:57:93:fa:0f:f7:54:7a:
96:e1:eb:de:86:f3:87:92:8a:82:0e:7c:15:11:11:85:15:1b:
6d:a3:01:88:a5:21:c2:0c:3a:75:7c:3c:9a:d9:ee:10:49:2e:
7d:df:f2:24:5c:be:34:bc:51:da:43:cb:bb:4f:e8:7f:33:ac:
b6:f3:2a:df:e7:39:ba:8f:60:5c:44:fa:c5:0f:fb:72:91:32:
9b:a7:ce:22:3b:c8:31:81:7c:32:e4:01:df:f3:b8:4e:6c:6c:
a1:c3:b5:3d:e2:87:cf:a7:43:d0:21:a6:2f:aa:ba:cc:58:96:
40:59:f9:81:15:31:b3:f0:e1:3e:df:c4:3a:89:26:5e:4f:2b:
58:14:4e:3b:a9:2c:3b:df:55:77:f6:ea:93:a5:66:1a:e0:a2:
7f:5f:01:35:e2:01:46:2c:de:56:9a:47:bd:6c:e0:21:59:0a:
f0:9e:5e:f6:c3:7e:c1:70:50:7a:ee:5d:08:24:ec:78:48:95:
4f:63:8d:eb:b7:36:84:60:c1:2f:56:f9:e9:0b:1d:7d:55:23:
98:b3:20:3a:ac:04:be:55:d8:1e:1d:7d:c2:3f:c2:52:9b:f9:
b8:9a:18:95
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgIUAaGEOArKBiAIutjBb3XCYwrP+TcwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMTE1OTAwMDAwMTEwLwYDVQQFEyg1OTUzQUMwQTY0
QkY5NjU2QjQ0MkQzQzMyMzEzNDM1RUNCNDk1RjY4MB4XDTIzMDEwMzAyMDIwMVoX
DTI0MDEwMjAyMDcwMVowMzExMC8GA1UEAxMoREJBOTlEQ0QyNjlGQzI3Q0I2MUNF
NzM2RERBOERGRkQ2NTQzRkJBNjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAL7JsUcsD94pjG7zjOmR5w37yUxPWF4c/NlMDckeXYIplkDdQCjSN2B+2RYp
sx4W1OJSmOFqNy2sPlhezSTzYat4pnsynZtUM92+ZUPg3BGDi0DOMT5fhgfi9oWg
UR9j8pti67S7FMTUW1pwyfvTdsFfsGj3Wip0U369tzZf8u9UtzpQrtplsqrpYBLG
XE/z8RUkOyn7ndjqzyJ0V39XkkvYiUkcYMOWPCcJn4804Tdqg4o5hfUJh7goLxl1
Ri04pQ+SpmDcSrIxA2+xYhbnprCw/Whv0VUtMRXXxqKF4hPV4Z4r2nIVqiNG/SVh
Zko17F4JDsmAiZYSRwOKxbCBVk0CAwEAAaOCAkAwggI8MB0GA1UdDgQWBBTbqZ3N
Jp/CfLYc5zbdqN/9ZUP7pjAfBgNVHSMEGDAWgBRZU6wKZL+WVrRC08MjE0Ney0lf
aDAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1
NWM5MWJlM2Y5ZC8zLzU5NTNBQzBBNjRCRjk2NTZCNDQyRDNDMzIzMTM0MzVFQ0I0
OTVGNjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL1dWT3NDbVNfbGxhMFF0UERJeE5EWHN0SlgyZy5jZXIwgaYGCCsG
AQUFBwELBIGZMIGWMIGTBggrBgEFBQcwC4aBhnJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5
ZC8zLzMxMzAzMzJlMzIzMzMwMmUzMTM0MzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNl
MjAzMjMwMzMzMDM5Mzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYI
KwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABn5o8wDQYJKoZIhvcNAQELBQADggEB
AA6oN6SXH3agyak4cAcyCfpaphF9qyFlQ9KxCZA7V5P6D/dUepbh696G84eSioIO
fBUREYUVG22jAYilIcIMOnV8PJrZ7hBJLn3f8iRcvjS8UdpDy7tP6H8zrLbzKt/n
ObqPYFxE+sUP+3KRMpunziI7yDGBfDLkAd/zuE5sbKHDtT3ih8+nQ9Ahpi+qusxY
lkBZ+YEVMbPw4T7fxDqJJl5PK1gUTjupLDvfVXf26pOlZhrgon9fATXiAUYs3laa
R71s4CFZCvCeXvbDfsFwUHruXQgk7HhIlU9jjeu3NoRgwS9W+ekLHX1VI5izIDqs
BL5V2B4dfcI/wlKb+biaGJU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:44 2024 by rpki-client on console-ams.rpki-client.org