Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/3134342e34382e38322e302f32342d3234203d3e20323033303631.roa
File: 3134342e34382e38322e302f32342d3234203d3e20323033303631.roa (raw, json)
Hash identifier: EbNTd2OlaTNNUGFImG7DLHPufXgRxC6ydCAHgMC70ss=
Subject key identifier: 33:59:7A:CD:EC:05:3C:65:5C:6A:70:E3:C2:EC:46:27:7E:FF:18:EF
Certificate issuer: /CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Certificate serial: 09B68A6B60916BDE8E3C82E72693967C467ECC7F
Authority key identifier: 59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/3134342e34382e38322e302f32342d3234203d3e20323033303631.roa
Signing time: Tue 03 Jan 2023 02:07:02 +0000
ROA not before: Tue 03 Jan 2023 02:02:02 +0000
ROA not after: Tue 02 Jan 2024 02:07:02 +0000
asID: 203061
IP address blocks: 144.48.82.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
09:b6:8a:6b:60:91:6b:de:8e:3c:82:e7:26:93:96:7c:46:7e:cc:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Validity
Not Before: Jan 3 02:02:02 2023 GMT
Not After : Jan 2 02:07:02 2024 GMT
Subject: CN=33597ACDEC053C655C6A70E3C2EC46277EFF18EF
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b7:68:b7:8f:9b:b9:56:59:f5:3f:ce:dd:9c:
34:37:0e:b0:49:08:43:57:c8:6f:35:8b:46:86:1d:
16:97:c7:ae:52:7d:b7:20:e3:cb:59:09:f8:79:6e:
3d:9f:6d:5e:49:31:37:2e:9e:a9:96:cc:06:89:fe:
b1:7f:1e:6a:f6:e8:9c:aa:a9:e7:d4:44:ff:56:b0:
43:04:eb:7d:35:0c:c6:56:fb:38:59:04:a4:4d:d7:
47:0a:2c:6b:2f:03:4a:ed:d9:ca:b2:ba:86:29:74:
9f:2d:68:0b:31:62:44:d7:82:1d:29:fd:6b:c8:ee:
14:c9:e7:f9:a8:65:ea:9c:46:a4:ac:c1:d9:df:04:
7a:d3:8e:ca:e7:91:a8:93:4a:eb:f4:8d:19:c9:f1:
e6:bc:8b:68:bd:ae:f9:a3:f1:95:8a:ad:d4:d9:bf:
54:8e:34:f3:a7:a0:23:72:53:7a:46:b8:d0:31:2c:
97:25:d4:ac:c0:49:43:46:52:9e:61:80:9e:8a:12:
3d:08:da:c5:e0:0b:9e:bc:b6:a1:71:90:91:36:d6:
fe:42:dc:7e:4e:32:73:79:fb:c0:a3:fe:91:a8:d3:
de:e3:43:23:ff:fb:53:70:1e:eb:bc:1e:69:a2:4d:
86:58:68:ba:42:48:8e:b8:df:72:d5:c3:c0:73:29:
93:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:59:7A:CD:EC:05:3C:65:5C:6A:70:E3:C2:EC:46:27:7E:FF:18:EF
X509v3 Authority Key Identifier:
keyid:59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/5953AC0A64BF9656B442D3C32313435ECB495F68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/3134342e34382e38322e302f32342d3234203d3e20323033303631.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
144.48.82.0/24
Signature Algorithm: sha256WithRSAEncryption
97:11:5d:bf:d0:8c:8a:13:4b:45:77:af:52:79:6c:82:48:41:
30:07:22:13:61:a8:8b:bf:db:94:6e:78:49:96:02:a7:d0:d6:
58:bd:5c:55:64:c6:3d:7b:83:8c:df:f3:eb:5a:71:7a:35:7b:
80:96:c2:aa:92:a7:81:e5:25:18:3c:9a:ae:35:11:e4:26:9e:
c9:b2:06:e8:84:ef:25:49:0f:39:9e:ad:d8:7e:21:19:5d:cc:
3b:d0:1c:65:21:ce:ad:e8:cf:ed:7d:2e:c0:76:6b:a0:bd:45:
76:95:59:9f:b9:6d:95:3a:ec:36:f3:f0:db:82:3f:2a:45:71:
9e:94:91:8b:38:da:28:8f:fe:19:63:0f:ba:e4:2c:f2:8e:77:
16:c7:3c:d0:44:cd:4b:92:4b:3c:a3:0a:71:87:15:a3:a6:f4:
a6:b2:e1:62:e3:8f:d8:0e:c9:84:b9:14:93:01:d3:ef:92:bb:
2d:19:b9:08:75:24:62:b8:03:d3:16:50:9f:15:f8:be:3f:59:
70:1c:7a:d4:a1:9c:fc:fe:ff:88:c8:70:a3:8e:a6:e2:41:b3:
21:7d:1f:4c:7d:40:7e:45:a9:26:6e:8d:51:c1:8f:ca:14:de:
81:93:63:a7:a4:53:68:03:f9:71:39:dd:85:4c:37:07:46:d5:
2a:e7:59:81
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgIUCbaKa2CRa96OPILnJpOWfEZ+zH8wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMTE1OTAwMDAwMTEwLwYDVQQFEyg1OTUzQUMwQTY0
QkY5NjU2QjQ0MkQzQzMyMzEzNDM1RUNCNDk1RjY4MB4XDTIzMDEwMzAyMDIwMloX
DTI0MDEwMjAyMDcwMlowMzExMC8GA1UEAxMoMzM1OTdBQ0RFQzA1M0M2NTVDNkE3
MEUzQzJFQzQ2Mjc3RUZGMThFRjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBANu3aLePm7lWWfU/zt2cNDcOsEkIQ1fIbzWLRoYdFpfHrlJ9tyDjy1kJ+Hlu
PZ9tXkkxNy6eqZbMBon+sX8eavbonKqp59RE/1awQwTrfTUMxlb7OFkEpE3XRwos
ay8DSu3ZyrK6hil0ny1oCzFiRNeCHSn9a8juFMnn+ahl6pxGpKzB2d8EetOOyueR
qJNK6/SNGcnx5ryLaL2u+aPxlYqt1Nm/VI4086egI3JTeka40DEslyXUrMBJQ0ZS
nmGAnooSPQjaxeALnry2oXGQkTbW/kLcfk4yc3n7wKP+kajT3uNDI//7U3Ae67we
aaJNhlhoukJIjrjfctXDwHMpkwUCAwEAAaOCAjwwggI4MB0GA1UdDgQWBBQzWXrN
7AU8ZVxqcOPC7EYnfv8Y7zAfBgNVHSMEGDAWgBRZU6wKZL+WVrRC08MjE0Ney0lf
aDAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1
NWM5MWJlM2Y5ZC8zLzU5NTNBQzBBNjRCRjk2NTZCNDQyRDNDMzIzMTM0MzVFQ0I0
OTVGNjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL1dWT3NDbVNfbGxhMFF0UERJeE5EWHN0SlgyZy5jZXIwgaIGCCsG
AQUFBwELBIGVMIGSMIGPBggrBgEFBQcwC4aBgnJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5
ZC8zLzMxMzQzNDJlMzQzODJlMzgzMjJlMzAyZjMyMzQyZDMyMzQyMDNkM2UyMDMy
MzAzMzMwMzYzMS5yb2EwGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjAfBggrBgEF
BQcBBwEB/wQQMA4wDAQCAAEwBgMEAJAwUjANBgkqhkiG9w0BAQsFAAOCAQEAlxFd
v9CMihNLRXevUnlsgkhBMAciE2Goi7/blG54SZYCp9DWWL1cVWTGPXuDjN/z61px
ejV7gJbCqpKngeUlGDyarjUR5CaeybIG6ITvJUkPOZ6t2H4hGV3MO9AcZSHOrejP
7X0uwHZroL1FdpVZn7ltlTrsNvPw24I/KkVxnpSRizjaKI/+GWMPuuQs8o53Fsc8
0ETNS5JLPKMKcYcVo6b0prLhYuOP2A7JhLkUkwHT75K7LRm5CHUkYrgD0xZQnxX4
vj9ZcBx61KGc/P7/iMhwo46m4kGzIX0fTH1AfkWpJm6NUcGPyhTegZNjp6RTaAP5
cTndhUw3B0bVKudZgQ==
-----END CERTIFICATE-----
Generated at Mon Sep 18 19:56:59 2023 by rpki-client on console-fra.rpki-client.org