Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233332e302f32342d3234203d3e20323036383034.roa
File: 32372e302e3233332e302f32342d3234203d3e20323036383034.roa (raw, json)
Hash identifier: hiJyqawdp7/BRKcObs6K5PiqvHMfJpZFiJCXhPKqYSk=
Subject key identifier: 6B:D1:FB:1A:98:DB:C6:B3:B0:7C:CF:F3:05:B2:AF:17:35:4C:59:71
Certificate issuer: /CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Certificate serial: 5DE3D3B0AFCD9412165CE16CF220A51AB3A35458
Authority key identifier: 59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233332e302f32342d3234203d3e20323036383034.roa
Signing time: Tue 03 Jan 2023 02:07:01 +0000
ROA not before: Tue 03 Jan 2023 02:02:01 +0000
ROA not after: Tue 02 Jan 2024 02:07:01 +0000
asID: 206804
IP address blocks: 27.0.233.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
5d:e3:d3:b0:af:cd:94:12:16:5c:e1:6c:f2:20:a5:1a:b3:a3:54:58
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Validity
Not Before: Jan 3 02:02:01 2023 GMT
Not After : Jan 2 02:07:01 2024 GMT
Subject: CN=6BD1FB1A98DBC6B3B07CCFF305B2AF17354C5971
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:48:83:ac:70:0f:cd:68:c7:97:ce:13:c2:b1:
cc:f6:7b:42:cb:f5:4c:83:ea:d9:a3:11:f8:6c:8e:
a4:8a:cb:bd:34:ad:45:a5:2b:74:05:bb:eb:58:1a:
73:36:c4:8d:7e:c1:3f:ce:d0:9e:06:00:6c:b8:f1:
c7:59:9a:36:01:1f:cc:e3:80:b9:1d:d6:1a:a6:79:
b6:69:35:78:1e:bc:b7:f9:cb:64:c9:f4:68:6c:54:
f1:ad:35:6e:f6:cb:e1:a1:f8:64:dc:73:a6:25:63:
e5:b9:8c:d9:e0:bf:fd:ca:a0:cc:71:18:2b:8d:dd:
9a:c4:c3:22:42:99:42:a1:c3:34:c0:64:93:bb:cb:
ab:35:f5:38:f4:e2:75:5c:e2:a9:b0:32:ef:79:61:
d4:ae:41:62:e5:e8:1d:12:ef:b2:89:94:8c:91:a6:
9a:66:bd:2d:12:cb:1d:31:e5:61:ed:ee:b5:f6:f4:
71:66:6c:ae:6d:a7:d5:2a:71:e8:70:89:94:30:ae:
e0:e7:fe:dd:19:10:41:62:d0:44:92:a9:34:07:fc:
8f:4f:f7:c6:40:e1:23:f7:9a:cd:09:7c:f9:0a:07:
07:44:d5:31:69:72:f0:54:ff:9f:24:df:1b:cd:99:
2c:32:42:0e:b1:c8:7b:23:99:1a:80:2e:0f:53:09:
cd:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:D1:FB:1A:98:DB:C6:B3:B0:7C:CF:F3:05:B2:AF:17:35:4C:59:71
X509v3 Authority Key Identifier:
keyid:59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/5953AC0A64BF9656B442D3C32313435ECB495F68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233332e302f32342d3234203d3e20323036383034.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.0.233.0/24
Signature Algorithm: sha256WithRSAEncryption
1b:90:1b:05:7e:aa:3f:f1:dd:d0:f6:f4:34:39:75:bd:e8:05:
8b:fc:ba:1a:a9:2d:60:05:ee:72:5b:57:9c:5f:76:4e:83:ba:
ef:09:34:7a:b6:3f:bb:4c:5e:91:25:29:5e:be:3f:81:66:d2:
1b:7e:47:ba:74:09:d8:29:8c:d3:15:19:bf:65:fb:0a:0b:68:
a5:8e:ff:b7:db:1d:b8:2b:4d:b5:f0:d5:a7:2b:6c:6c:58:90:
47:43:50:fd:c6:a8:d9:e6:5b:aa:c9:6c:a3:a1:4e:50:b6:61:
5d:30:b4:37:40:e7:52:e2:28:38:f3:ca:2b:15:46:78:3d:d2:
74:65:59:3e:39:f4:8b:0c:f3:70:58:98:68:78:db:d4:e3:9b:
32:2d:d6:a7:c9:40:c5:0a:e7:ba:ef:8e:4b:94:cd:7e:37:99:
3f:17:9c:41:5c:f8:b9:ab:9f:97:13:f5:ff:96:2c:d4:fd:fc:
b5:d4:42:ca:75:8d:3d:c5:ae:56:dc:c7:67:d8:bc:5d:ef:c1:
98:f5:4e:d1:a9:e4:cb:75:64:98:cd:8c:23:6e:b3:f6:23:db:
19:e5:42:93:ef:f0:b0:a5:27:93:45:f9:79:2b:67:d0:99:98:
56:4b:6a:30:81:8e:fc:17:bf:f6:8f:44:9d:41:5a:71:da:74:
0e:1f:4e:d5
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUXePTsK/NlBIWXOFs8iClGrOjVFgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMTE1OTAwMDAwMTEwLwYDVQQFEyg1OTUzQUMwQTY0
QkY5NjU2QjQ0MkQzQzMyMzEzNDM1RUNCNDk1RjY4MB4XDTIzMDEwMzAyMDIwMVoX
DTI0MDEwMjAyMDcwMVowMzExMC8GA1UEAxMoNkJEMUZCMUE5OERCQzZCM0IwN0ND
RkYzMDVCMkFGMTczNTRDNTk3MTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMVIg6xwD81ox5fOE8KxzPZ7Qsv1TIPq2aMR+GyOpIrLvTStRaUrdAW761ga
czbEjX7BP87QngYAbLjxx1maNgEfzOOAuR3WGqZ5tmk1eB68t/nLZMn0aGxU8a01
bvbL4aH4ZNxzpiVj5bmM2eC//cqgzHEYK43dmsTDIkKZQqHDNMBkk7vLqzX1OPTi
dVziqbAy73lh1K5BYuXoHRLvsomUjJGmmma9LRLLHTHlYe3utfb0cWZsrm2n1Spx
6HCJlDCu4Of+3RkQQWLQRJKpNAf8j0/3xkDhI/eazQl8+QoHB0TVMWly8FT/nyTf
G82ZLDJCDrHIeyOZGoAuD1MJzZkCAwEAAaOCAjowggI2MB0GA1UdDgQWBBRr0fsa
mNvGs7B8z/MFsq8XNUxZcTAfBgNVHSMEGDAWgBRZU6wKZL+WVrRC08MjE0Ney0lf
aDAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1
NWM5MWJlM2Y5ZC8zLzU5NTNBQzBBNjRCRjk2NTZCNDQyRDNDMzIzMTM0MzVFQ0I0
OTVGNjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL1dWT3NDbVNfbGxhMFF0UERJeE5EWHN0SlgyZy5jZXIwgaAGCCsG
AQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5
ZC8zLzMyMzcyZTMwMmUzMjMzMzMyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMjMw
MzYzODMwMzQucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAbAOkwDQYJKoZIhvcNAQELBQADggEBABuQGwV+
qj/x3dD29DQ5db3oBYv8uhqpLWAF7nJbV5xfdk6Duu8JNHq2P7tMXpElKV6+P4Fm
0ht+R7p0CdgpjNMVGb9l+woLaKWO/7fbHbgrTbXw1acrbGxYkEdDUP3GqNnmW6rJ
bKOhTlC2YV0wtDdA51LiKDjzyisVRng90nRlWT459IsM83BYmGh429TjmzIt1qfJ
QMUK57rvjkuUzX43mT8XnEFc+Lmrn5cT9f+WLNT9/LXUQsp1jT3Frlbcx2fYvF3v
wZj1TtGp5Mt1ZJjNjCNus/Yj2xnlQpPv8LClJ5NF+XkrZ9CZmFZLajCBjvwXv/aP
RJ1BWnHadA4fTtU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:46:44 2024 by rpki-client on console-ams.rpki-client.org