Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233322e302f32342d3234203d3e20313333373532.roa
File: 32372e302e3233322e302f32342d3234203d3e20313333373532.roa (raw, json)
Hash identifier: wYr9lZhJTvWh7+hJUgDU5dN9hCjdpH2Hpepqc4Nzvqs=
Subject key identifier: 21:35:B1:91:4F:D7:42:ED:DE:E9:E8:93:E1:5A:77:9F:08:6F:16:F0
Certificate issuer: /CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Certificate serial: 6A3C000827C0CAADEA1ECB472625170A9B666599
Authority key identifier: 59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233322e302f32342d3234203d3e20313333373532.roa
Signing time: Tue 03 Jan 2023 02:07:01 +0000
ROA not before: Tue 03 Jan 2023 02:02:01 +0000
ROA not after: Tue 02 Jan 2024 02:07:01 +0000
asID: 133752
IP address blocks: 27.0.232.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
6a:3c:00:08:27:c0:ca:ad:ea:1e:cb:47:26:25:17:0a:9b:66:65:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Validity
Not Before: Jan 3 02:02:01 2023 GMT
Not After : Jan 2 02:07:01 2024 GMT
Subject: CN=2135B1914FD742EDDEE9E893E15A779F086F16F0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f3:77:ca:f1:d2:f2:9d:e9:1b:27:a1:46:b0:89:
d3:c9:61:82:ad:15:e7:b1:26:96:53:78:d3:0c:ca:
20:1a:2f:95:23:ae:7a:0c:4c:4f:68:80:9f:46:0b:
e5:ad:41:d8:37:03:f7:0e:d6:ff:ca:79:20:3e:6f:
23:dd:1f:d4:b2:d2:14:5e:0c:b7:c1:f8:80:d9:4c:
cc:df:1b:90:f0:c2:a5:b1:79:12:74:6f:44:93:7f:
74:69:7e:2c:c5:44:ac:c2:76:19:cb:9e:53:21:1c:
04:93:20:f7:fd:ec:c6:96:f5:02:b4:b2:1e:f0:bd:
84:ca:8c:f3:ce:5f:3b:e5:21:50:cc:56:db:08:50:
12:4c:17:da:c4:8b:1c:70:23:3c:07:31:3f:ff:00:
1d:5c:85:3e:26:ff:0c:f9:28:81:ae:26:22:73:fc:
5d:86:0a:74:47:52:4b:9a:0d:32:8d:ce:9d:d8:10:
34:8a:64:73:07:6e:eb:51:cd:9a:de:82:ef:ab:75:
ac:71:13:09:0b:7f:6f:27:f4:dd:92:2f:fa:43:d3:
a0:23:94:1d:e2:52:0b:7f:38:1a:b9:fc:f0:fa:94:
ad:9f:69:51:25:e3:22:d7:a4:fa:1b:3f:ba:4e:a1:
12:ec:7e:34:52:3b:d7:ef:a3:2d:43:35:03:30:85:
a4:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:35:B1:91:4F:D7:42:ED:DE:E9:E8:93:E1:5A:77:9F:08:6F:16:F0
X509v3 Authority Key Identifier:
keyid:59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/5953AC0A64BF9656B442D3C32313435ECB495F68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233322e302f32342d3234203d3e20313333373532.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.0.232.0/24
Signature Algorithm: sha256WithRSAEncryption
a3:d6:8f:49:c3:0d:ed:4c:aa:7c:2d:c6:22:17:c2:7a:9d:20:
e8:ee:45:56:6a:5e:e6:28:95:55:5c:39:46:d5:f9:ee:30:35:
9b:23:34:81:f0:46:0d:b7:a6:ac:75:80:fc:fc:8d:9c:cc:bf:
78:af:d1:39:7e:ca:c9:16:e3:ad:bc:57:75:53:e9:31:70:df:
5f:fd:ca:be:5e:73:f3:1e:c9:c3:1e:99:ce:22:a5:f4:de:81:
9a:b4:3d:36:e4:08:b6:4b:ed:6f:a0:e6:9e:5f:f9:47:0b:6e:
a4:d4:b2:0f:58:4f:56:97:77:06:8d:29:d5:56:b4:f9:c6:eb:
d9:48:d6:b4:5d:ec:71:d3:90:e7:f4:fa:ca:05:91:2a:a6:5d:
4e:52:4e:ab:03:7b:ed:df:f4:09:56:28:ce:e5:f8:78:9a:a5:
17:c6:f4:0c:b9:a4:9b:36:97:aa:aa:1a:3a:43:9d:b7:1c:ea:
f8:da:9c:66:27:6a:91:6b:77:ed:67:f9:6c:58:8a:71:fb:88:
a7:58:65:31:3e:27:e0:fd:79:f0:e0:b1:0c:08:75:de:1f:80:
21:75:c0:ba:77:61:7a:c6:01:7e:7b:f5:1a:19:d5:c1:15:74:
d3:0e:3c:fa:d5:c1:6d:ea:ae:a6:18:0c:45:16:2c:05:c8:88:
7a:2c:71:47
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUajwACCfAyq3qHstHJiUXCptmZZkwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMTE1OTAwMDAwMTEwLwYDVQQFEyg1OTUzQUMwQTY0
QkY5NjU2QjQ0MkQzQzMyMzEzNDM1RUNCNDk1RjY4MB4XDTIzMDEwMzAyMDIwMVoX
DTI0MDEwMjAyMDcwMVowMzExMC8GA1UEAxMoMjEzNUIxOTE0RkQ3NDJFRERFRTlF
ODkzRTE1QTc3OUYwODZGMTZGMDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAPN3yvHS8p3pGyehRrCJ08lhgq0V57EmllN40wzKIBovlSOuegxMT2iAn0YL
5a1B2DcD9w7W/8p5ID5vI90f1LLSFF4Mt8H4gNlMzN8bkPDCpbF5EnRvRJN/dGl+
LMVErMJ2GcueUyEcBJMg9/3sxpb1ArSyHvC9hMqM885fO+UhUMxW2whQEkwX2sSL
HHAjPAcxP/8AHVyFPib/DPkoga4mInP8XYYKdEdSS5oNMo3OndgQNIpkcwdu61HN
mt6C76t1rHETCQt/byf03ZIv+kPToCOUHeJSC384Grn88PqUrZ9pUSXjItek+hs/
uk6hEux+NFI71++jLUM1AzCFpBMCAwEAAaOCAjowggI2MB0GA1UdDgQWBBQhNbGR
T9dC7d7p6JPhWnefCG8W8DAfBgNVHSMEGDAWgBRZU6wKZL+WVrRC08MjE0Ney0lf
aDAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1
NWM5MWJlM2Y5ZC8zLzU5NTNBQzBBNjRCRjk2NTZCNDQyRDNDMzIzMTM0MzVFQ0I0
OTVGNjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL1dWT3NDbVNfbGxhMFF0UERJeE5EWHN0SlgyZy5jZXIwgaAGCCsG
AQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5
ZC8zLzMyMzcyZTMwMmUzMjMzMzIyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMz
MzMzNzM1MzIucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAbAOgwDQYJKoZIhvcNAQELBQADggEBAKPWj0nD
De1MqnwtxiIXwnqdIOjuRVZqXuYolVVcOUbV+e4wNZsjNIHwRg23pqx1gPz8jZzM
v3iv0Tl+yskW4628V3VT6TFw31/9yr5ec/MeycMemc4ipfTegZq0PTbkCLZL7W+g
5p5f+UcLbqTUsg9YT1aXdwaNKdVWtPnG69lI1rRd7HHTkOf0+soFkSqmXU5STqsD
e+3f9AlWKM7l+HiapRfG9Ay5pJs2l6qqGjpDnbcc6vjanGYnapFrd+1n+WxYinH7
iKdYZTE+J+D9efDgsQwIdd4fgCF1wLp3YXrGAX579RoZ1cEVdNMOPPrVwW3qrqYY
DEUWLAXIiHoscUc=
-----END CERTIFICATE-----
Generated at Mon Sep 18 19:45:06 2023 by rpki-client on console-ams.rpki-client.org