Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233322e302f32322d3234203d3e203631313338.roa
File: 32372e302e3233322e302f32322d3234203d3e203631313338.roa (raw, json)
Hash identifier: fuHP+UXNRKRJ02Dwr3SFuec0MAGTdcMuHmqWV3yo9nk=
Subject key identifier: F6:4F:88:5C:BA:E8:B3:B1:97:C0:46:6C:F3:BE:59:79:7B:9A:03:33
Certificate issuer: /CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Certificate serial: 3575E9135D6319604D96344BF39B065949BED97E
Authority key identifier: 59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233322e302f32322d3234203d3e203631313338.roa
Signing time: Tue 03 Jan 2023 02:07:02 +0000
ROA not before: Tue 03 Jan 2023 02:02:02 +0000
ROA not after: Tue 02 Jan 2024 02:07:02 +0000
asID: 61138
IP address blocks: 27.0.232.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
35:75:e9:13:5d:63:19:60:4d:96:34:4b:f3:9b:06:59:49:be:d9:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Validity
Not Before: Jan 3 02:02:02 2023 GMT
Not After : Jan 2 02:07:02 2024 GMT
Subject: CN=F64F885CBAE8B3B197C0466CF3BE59797B9A0333
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:9e:20:87:bb:a2:97:6b:4a:20:a8:a8:56:a7:
fa:6d:05:aa:ac:21:c0:93:3a:7f:fd:77:61:3f:d1:
46:6e:12:33:1f:e3:b6:40:26:6d:f5:24:2e:c4:5d:
c0:22:fd:ad:b0:b4:25:03:21:b6:cd:fb:ae:4f:fc:
6c:7d:6b:68:9e:5c:b7:1d:cc:e6:69:76:a8:55:31:
30:4b:56:a8:14:96:24:23:cd:62:c9:ec:36:b8:81:
30:e9:cf:9a:a9:37:85:9a:28:32:8b:54:47:74:dd:
9d:07:a8:a6:fd:bf:74:51:8c:63:49:69:5a:fe:0c:
4d:56:dd:4f:7c:ee:ad:c8:39:ae:e8:a8:d3:a9:e5:
fd:e6:6f:57:da:2f:b7:f2:ca:ee:6b:f0:20:f5:0b:
fc:89:26:4f:db:8e:1e:95:2a:a0:26:78:26:68:b1:
ef:b0:23:67:a1:35:16:16:4f:f8:9d:a0:30:1b:14:
f5:cc:9e:18:3c:22:6d:d7:7e:fb:9e:85:7e:98:9c:
3f:85:5e:d3:e9:c3:e7:79:4c:3f:bf:0c:69:89:a0:
23:7c:7d:ff:75:d3:cc:c1:74:8d:43:7b:6b:ca:90:
61:4c:24:54:dc:f6:b7:ce:5f:a7:2b:e0:c2:ef:1b:
b6:63:cd:50:e3:13:24:1f:1b:6c:36:69:b8:3c:7e:
b4:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F6:4F:88:5C:BA:E8:B3:B1:97:C0:46:6C:F3:BE:59:79:7B:9A:03:33
X509v3 Authority Key Identifier:
keyid:59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/5953AC0A64BF9656B442D3C32313435ECB495F68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233322e302f32322d3234203d3e203631313338.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.0.232.0/22
Signature Algorithm: sha256WithRSAEncryption
98:ce:9d:97:ef:31:d5:04:05:bf:13:fa:87:67:57:22:a6:e4:
06:41:94:b9:a6:98:f6:1b:d0:6b:86:c9:56:37:74:4a:94:67:
c5:04:3c:5c:de:16:c1:1d:68:49:cc:b4:db:60:7f:76:34:62:
7e:05:c8:b8:d8:1c:5a:df:d9:c9:e8:e6:28:42:b5:6b:a2:2d:
8e:07:b1:d3:42:73:11:f4:2a:91:bd:4d:a9:70:ff:72:b0:ef:
21:79:36:2e:45:65:56:ab:24:bf:5c:48:39:ea:78:2b:fd:86:
8e:51:ac:01:6f:c1:0d:68:bb:5f:f7:5c:1c:a6:e4:ea:48:0b:
c2:4c:0c:8e:01:94:43:9e:80:88:40:66:36:99:82:1d:33:11:
b3:68:9b:50:de:e0:60:97:85:87:cd:36:3b:af:6f:bf:12:9f:
68:55:ad:49:90:a6:91:1b:ca:d3:c2:6b:17:61:39:bf:56:0f:
27:c2:8c:bf:d5:14:20:40:c5:36:30:d5:2f:61:46:0a:e2:0b:
cf:46:02:a9:ca:2c:b2:c1:ae:9e:4b:56:8e:1a:cd:55:e0:7d:
88:a9:0e:98:65:ae:e7:02:6e:d0:c4:55:fb:3c:21:4f:c8:f6:
0e:19:52:b1:8a:84:a2:69:4a:ff:56:5e:d2:fa:0e:0f:cd:9d:
23:31:fd:8a
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgIUNXXpE11jGWBNljRL85sGWUm+2X4wDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMTE1OTAwMDAwMTEwLwYDVQQFEyg1OTUzQUMwQTY0
QkY5NjU2QjQ0MkQzQzMyMzEzNDM1RUNCNDk1RjY4MB4XDTIzMDEwMzAyMDIwMloX
DTI0MDEwMjAyMDcwMlowMzExMC8GA1UEAxMoRjY0Rjg4NUNCQUU4QjNCMTk3QzA0
NjZDRjNCRTU5Nzk3QjlBMDMzMzCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAKueIIe7opdrSiCoqFan+m0FqqwhwJM6f/13YT/RRm4SMx/jtkAmbfUkLsRd
wCL9rbC0JQMhts37rk/8bH1raJ5ctx3M5ml2qFUxMEtWqBSWJCPNYsnsNriBMOnP
mqk3hZooMotUR3TdnQeopv2/dFGMY0lpWv4MTVbdT3zurcg5ruio06nl/eZvV9ov
t/LK7mvwIPUL/IkmT9uOHpUqoCZ4Jmix77AjZ6E1FhZP+J2gMBsU9cyeGDwibdd+
+56FfpicP4Ve0+nD53lMP78MaYmgI3x9/3XTzMF0jUN7a8qQYUwkVNz2t85fpyvg
wu8btmPNUOMTJB8bbDZpuDx+tK8CAwEAAaOCAjcwggIzMB0GA1UdDgQWBBT2T4hc
uuizsZfARmzzvll5e5oDMzAfBgNVHSMEGDAWgBRZU6wKZL+WVrRC08MjE0Ney0lf
aDAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1
NWM5MWJlM2Y5ZC8zLzU5NTNBQzBBNjRCRjk2NTZCNDQyRDNDMzIzMTM0MzVFQ0I0
OTVGNjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL1dWT3NDbVNfbGxhMFF0UERJeE5EWHN0SlgyZy5jZXIwgZ0GCCsG
AQUFBwELBIGQMIGNMIGKBggrBgEFBQcwC4Z+cnN5bmM6Ly9ycGtpLXJwcy5hcmlu
Lm5ldC9yZXBvc2l0b3J5LzhhODQ4YWRmODUwZDA2M2UwMTg1NzU1YzkxYmUzZjlk
LzMvMzIzNzJlMzAyZTMyMzMzMjJlMzAyZjMyMzIyZDMyMzQyMDNkM2UyMDM2MzEz
MTMzMzgucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcB
Af8EEDAOMAwEAgABMAYDBAIbAOgwDQYJKoZIhvcNAQELBQADggEBAJjOnZfvMdUE
Bb8T+odnVyKm5AZBlLmmmPYb0GuGyVY3dEqUZ8UEPFzeFsEdaEnMtNtgf3Y0Yn4F
yLjYHFrf2cno5ihCtWuiLY4HsdNCcxH0KpG9Talw/3Kw7yF5Ni5FZVarJL9cSDnq
eCv9ho5RrAFvwQ1ou1/3XBym5OpIC8JMDI4BlEOegIhAZjaZgh0zEbNom1De4GCX
hYfNNjuvb78Sn2hVrUmQppEbytPCaxdhOb9WDyfCjL/VFCBAxTYw1S9hRgriC89G
AqnKLLLBrp5LVo4azVXgfYipDphlrucCbtDEVfs8IU/I9g4ZUrGKhKJpSv9WXtL6
Dg/NnSMx/Yo=
-----END CERTIFICATE-----
Generated at Mon Sep 18 19:56:59 2023 by rpki-client on console-fra.rpki-client.org