Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233342e302f32342d3234203d3e20313439303230.roa
File: 32372e302e3233342e302f32342d3234203d3e20313439303230.roa (raw, json)
Hash identifier: vGq8F09WntTBjYU4ORZPJWOclV88BSaUrF4Q3t5G9Y8=
Subject key identifier: 13:40:2C:F0:1B:63:83:46:6C:19:BA:AF:E5:80:6B:62:12:CA:3A:1E
Certificate issuer: /CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Certificate serial: 390762EEED007B0F15AFCC4CB61303AFC17B805C
Authority key identifier: 59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233342e302f32342d3234203d3e20313439303230.roa
Signing time: Tue 03 Jan 2023 02:07:02 +0000
ROA not before: Tue 03 Jan 2023 02:02:02 +0000
ROA not after: Tue 02 Jan 2024 02:07:02 +0000
asID: 149020
IP address blocks: 27.0.234.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
39:07:62:ee:ed:00:7b:0f:15:af:cc:4c:b6:13:03:af:c1:7b:80:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Validity
Not Before: Jan 3 02:02:02 2023 GMT
Not After : Jan 2 02:07:02 2024 GMT
Subject: CN=13402CF01B6383466C19BAAFE5806B6212CA3A1E
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:17:7b:da:ec:59:a7:c2:66:28:16:ad:be:1f:
c3:04:5f:d9:2a:63:03:7e:92:e1:df:3b:e5:74:58:
16:a6:c0:d0:25:18:f0:41:45:6a:6f:54:47:61:fb:
2a:1c:de:a5:8c:5e:71:5e:f2:e2:48:c9:a7:57:0e:
12:54:9b:5f:f8:d5:10:dd:98:26:52:c9:ee:d4:6e:
8e:96:34:66:4b:29:fe:cf:be:0c:a3:3c:8c:da:26:
88:78:ab:d6:72:df:cd:2a:88:67:54:8c:c0:5d:38:
2f:17:fc:00:bf:e5:bc:4e:eb:99:cf:39:9e:be:e0:
04:00:38:a3:1c:9e:63:26:63:a2:54:8c:ee:42:bc:
34:a4:83:03:03:f8:e8:38:02:8d:7d:12:f6:09:f5:
b5:3f:45:c7:66:a8:df:b5:ce:db:91:77:1f:40:ce:
20:29:66:e8:39:4b:b5:cd:8d:b3:ed:b1:ca:e9:a4:
3d:ec:a5:b3:3c:96:55:f2:53:fd:d0:8b:45:67:90:
78:5c:7b:1c:67:10:e9:34:78:ae:88:24:56:f9:82:
61:53:da:2e:59:2b:c8:32:d3:00:b7:52:b4:0b:98:
59:4a:b3:51:e6:fb:3d:2b:c5:51:d6:f7:ec:b9:6d:
5d:c6:67:96:b0:cb:53:79:11:7f:49:0b:ef:c0:36:
b9:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:40:2C:F0:1B:63:83:46:6C:19:BA:AF:E5:80:6B:62:12:CA:3A:1E
X509v3 Authority Key Identifier:
keyid:59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/5953AC0A64BF9656B442D3C32313435ECB495F68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233342e302f32342d3234203d3e20313439303230.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.0.234.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:a7:c5:6f:31:d6:6d:90:73:2b:80:9e:8e:f7:0b:25:fe:c7:
0c:ac:b6:f4:8b:39:b7:c3:f8:e4:6e:cb:14:cb:15:0e:10:ce:
5c:69:f6:b2:e5:1f:6a:3d:c1:eb:25:4a:e1:7d:b2:22:f3:cd:
e3:13:7a:22:89:a8:cf:5a:ce:58:dd:3d:f0:58:63:e8:84:11:
c0:43:40:7a:7f:e1:89:9f:12:89:24:81:dd:74:5c:90:bb:1c:
9e:e2:e1:ca:c6:57:2b:f6:ea:aa:33:b2:1e:c2:02:05:7a:43:
77:9b:30:5d:29:6a:14:ea:2b:8e:89:94:48:e9:93:df:a8:5c:
7b:97:e5:3a:a3:d8:93:36:f8:e9:bd:8c:31:07:32:f4:c5:c9:
66:db:fe:42:8e:83:c5:6c:ec:d3:16:78:8e:a2:11:c8:47:1a:
1d:37:fe:e1:66:3b:10:08:70:3d:c7:4a:c9:e5:96:c0:ab:c6:
20:9c:a8:67:5d:4a:99:91:c1:62:05:d3:9f:44:65:5f:18:fc:
b0:81:9b:21:86:b5:f1:ff:62:2e:4b:f0:42:a9:84:06:27:07:
8a:4a:cc:38:ed:87:3b:36:47:e1:d4:ce:10:1b:4d:da:09:08:
4f:a3:2f:74:17:f5:8c:6d:d6:a7:9b:9f:80:de:45:34:6c:8a:
45:f9:65:bf
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUOQdi7u0Aew8Vr8xMthMDr8F7gFwwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMTE1OTAwMDAwMTEwLwYDVQQFEyg1OTUzQUMwQTY0
QkY5NjU2QjQ0MkQzQzMyMzEzNDM1RUNCNDk1RjY4MB4XDTIzMDEwMzAyMDIwMloX
DTI0MDEwMjAyMDcwMlowMzExMC8GA1UEAxMoMTM0MDJDRjAxQjYzODM0NjZDMTlC
QUFGRTU4MDZCNjIxMkNBM0ExRTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAMAXe9rsWafCZigWrb4fwwRf2SpjA36S4d875XRYFqbA0CUY8EFFam9UR2H7
KhzepYxecV7y4kjJp1cOElSbX/jVEN2YJlLJ7tRujpY0Zksp/s++DKM8jNomiHir
1nLfzSqIZ1SMwF04Lxf8AL/lvE7rmc85nr7gBAA4oxyeYyZjolSM7kK8NKSDAwP4
6DgCjX0S9gn1tT9Fx2ao37XO25F3H0DOIClm6DlLtc2Ns+2xyumkPeylszyWVfJT
/dCLRWeQeFx7HGcQ6TR4rogkVvmCYVPaLlkryDLTALdStAuYWUqzUeb7PSvFUdb3
7LltXcZnlrDLU3kRf0kL78A2uesCAwEAAaOCAjowggI2MB0GA1UdDgQWBBQTQCzw
G2ODRmwZuq/lgGtiEso6HjAfBgNVHSMEGDAWgBRZU6wKZL+WVrRC08MjE0Ney0lf
aDAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1
NWM5MWJlM2Y5ZC8zLzU5NTNBQzBBNjRCRjk2NTZCNDQyRDNDMzIzMTM0MzVFQ0I0
OTVGNjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL1dWT3NDbVNfbGxhMFF0UERJeE5EWHN0SlgyZy5jZXIwgaAGCCsG
AQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5
ZC8zLzMyMzcyZTMwMmUzMjMzMzQyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTM0
MzkzMDMyMzAucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAbAOowDQYJKoZIhvcNAQELBQADggEBAMCnxW8x
1m2QcyuAno73CyX+xwystvSLObfD+ORuyxTLFQ4Qzlxp9rLlH2o9weslSuF9siLz
zeMTeiKJqM9azljdPfBYY+iEEcBDQHp/4YmfEokkgd10XJC7HJ7i4crGVyv26qoz
sh7CAgV6Q3ebMF0pahTqK46JlEjpk9+oXHuX5Tqj2JM2+Om9jDEHMvTFyWbb/kKO
g8Vs7NMWeI6iEchHGh03/uFmOxAIcD3HSsnllsCrxiCcqGddSpmRwWIF059EZV8Y
/LCBmyGGtfH/Yi5L8EKphAYnB4pKzDjthzs2R+HUzhAbTdoJCE+jL3QX9Yxt1qeb
n4DeRTRsikX5Zb8=
-----END CERTIFICATE-----
Generated at Mon Sep 18 19:45:06 2023 by rpki-client on console-ams.rpki-client.org