Route Origin Authorization
$ rpki-client -vvf rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233352e302f32342d3234203d3e20313338393935.roa
File: 32372e302e3233352e302f32342d3234203d3e20313338393935.roa (raw, json)
Hash identifier: dWEOALTvRgC5juuxBKrSZNUXsZu7egN+toEjfl8sRX4=
Subject key identifier: 9A:1F:9E:7A:64:B3:54:40:0D:3B:04:F0:4F:EB:8A:F6:DA:9B:89:D1
Certificate issuer: /CN=A91115900000/serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Certificate serial: 08A2491724643B7D1C81338FC32B06CA4D5A0848
Authority key identifier: 59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
Authority info access: rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject info access: rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233352e302f32342d3234203d3e20313338393935.roa
Signing time: Tue 03 Jan 2023 02:07:01 +0000
ROA not before: Tue 03 Jan 2023 02:02:01 +0000
ROA not after: Tue 02 Jan 2024 02:07:01 +0000
asID: 138995
IP address blocks: 27.0.235.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
08:a2:49:17:24:64:3b:7d:1c:81:33:8f:c3:2b:06:ca:4d:5a:08:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=A91115900000, serialNumber=5953AC0A64BF9656B442D3C32313435ECB495F68
Validity
Not Before: Jan 3 02:02:01 2023 GMT
Not After : Jan 2 02:07:01 2024 GMT
Subject: CN=9A1F9E7A64B354400D3B04F04FEB8AF6DA9B89D1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e9:81:65:7b:d5:9f:e1:67:9d:16:c3:ab:e0:cf:
b0:99:38:25:b4:6b:0d:aa:01:d1:85:01:75:32:99:
10:4a:b5:b0:36:1b:08:96:e2:bc:17:d8:d1:39:aa:
20:00:e4:e1:31:19:a7:37:21:31:19:9d:ef:12:ce:
4e:20:c4:da:8e:ec:6a:0f:46:86:84:e1:f0:67:bd:
e6:c0:ba:08:df:3d:a7:aa:88:4c:9a:6d:02:63:63:
f8:92:eb:8f:1f:15:5a:cd:1b:3e:86:34:c8:e8:dc:
70:29:9a:ab:55:64:6e:56:e5:7c:0c:5f:51:ea:1c:
8f:58:da:13:3d:d9:8d:ba:31:09:45:c6:e4:48:ae:
48:8c:41:86:fc:ff:22:36:bf:c1:99:6d:e8:27:61:
65:6a:5e:5d:1c:08:28:53:a1:39:36:8d:a5:84:d0:
0e:e3:25:e9:60:91:1a:c8:ec:14:53:c0:ac:b7:31:
6b:2d:97:3d:68:0d:cf:f0:5c:34:0a:51:b4:49:5d:
3a:e0:02:9e:a0:7c:ea:f4:cd:46:cf:7c:a4:fc:1f:
4e:86:ef:9c:88:52:b4:8b:89:00:55:1f:d9:bd:84:
db:26:2a:0b:14:91:87:68:bc:f1:48:ba:b2:1f:d7:
82:43:cf:65:df:80:c8:d1:c7:c6:7c:3b:e0:d0:9a:
43:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:1F:9E:7A:64:B3:54:40:0D:3B:04:F0:4F:EB:8A:F6:DA:9B:89:D1
X509v3 Authority Key Identifier:
keyid:59:53:AC:0A:64:BF:96:56:B4:42:D3:C3:23:13:43:5E:CB:49:5F:68
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/5953AC0A64BF9656B442D3C32313435ECB495F68.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.apnic.net/repository/B527EF581D6611E2BB468F7C72FD1FF2/WVOsCmS_lla0QtPDIxNDXstJX2g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rps.arin.net/repository/8a848adf850d063e0185755c91be3f9d/3/32372e302e3233352e302f32342d3234203d3e20313338393935.roa
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
27.0.235.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:b0:ae:28:27:59:2b:b4:9c:d5:26:96:6d:e4:d6:80:33:f2:
5c:e1:a4:58:a3:bc:0f:41:a5:1f:5e:dd:e3:2d:6a:1d:7c:08:
1e:5c:10:3a:98:fb:5f:f3:7e:6f:c6:d3:94:6c:1a:e5:e6:2e:
f0:78:fe:bd:e8:60:27:e6:3b:32:b5:1e:dc:e3:62:9e:f9:8a:
b2:99:2a:ab:99:fe:34:bb:a4:fa:e8:12:65:b1:a3:a1:6f:fc:
a7:13:7e:96:58:fd:94:d7:69:d6:ee:51:22:2d:d4:78:20:8b:
56:21:1d:65:28:82:cf:4d:6c:08:39:4a:5e:d0:bf:75:24:2d:
29:e4:79:66:28:10:3f:5b:37:a7:2f:4a:cb:e1:b1:0d:33:d6:
fa:43:3f:a0:07:d5:07:6c:19:7f:0f:49:50:ef:6e:14:d9:d3:
02:20:8f:ef:7f:e9:cd:c7:4e:a4:50:e7:d8:65:33:d0:11:3f:
f4:20:4a:9c:de:01:e0:0a:99:7f:bc:a2:3f:41:c8:5b:d8:0d:
ba:3f:61:18:e3:41:ee:3e:a8:cb:6d:2b:90:08:7a:84:69:28:
33:57:9d:d5:2a:99:0e:b9:28:c1:4c:9f:3a:8c:dd:cf:57:db:
cb:5e:29:58:18:b9:d0:f2:55:19:75:c7:1c:1a:0d:bf:eb:64:
fe:86:ea:f7
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgIUCKJJFyRkO30cgTOPwysGyk1aCEgwDQYJKoZIhvcNAQEL
BQAwSjEVMBMGA1UEAxMMQTkxMTE1OTAwMDAwMTEwLwYDVQQFEyg1OTUzQUMwQTY0
QkY5NjU2QjQ0MkQzQzMyMzEzNDM1RUNCNDk1RjY4MB4XDTIzMDEwMzAyMDIwMVoX
DTI0MDEwMjAyMDcwMVowMzExMC8GA1UEAxMoOUExRjlFN0E2NEIzNTQ0MDBEM0Iw
NEYwNEZFQjhBRjZEQTlCODlEMTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBAOmBZXvVn+FnnRbDq+DPsJk4JbRrDaoB0YUBdTKZEEq1sDYbCJbivBfY0Tmq
IADk4TEZpzchMRmd7xLOTiDE2o7sag9GhoTh8Ge95sC6CN89p6qITJptAmNj+JLr
jx8VWs0bPoY0yOjccCmaq1VkblblfAxfUeocj1jaEz3ZjboxCUXG5EiuSIxBhvz/
Ija/wZlt6CdhZWpeXRwIKFOhOTaNpYTQDuMl6WCRGsjsFFPArLcxay2XPWgNz/Bc
NApRtEldOuACnqB86vTNRs98pPwfTobvnIhStIuJAFUf2b2E2yYqCxSRh2i88Ui6
sh/XgkPPZd+AyNHHxnw74NCaQ7UCAwEAAaOCAjowggI2MB0GA1UdDgQWBBSaH556
ZLNUQA07BPBP64r22puJ0TAfBgNVHSMEGDAWgBRZU6wKZL+WVrRC08MjE0Ney0lf
aDAOBgNVHQ8BAf8EBAMCB4AwgYUGA1UdHwR+MHwweqB4oHaGdHJzeW5jOi8vcnBr
aS1ycHMuYXJpbi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1
NWM5MWJlM2Y5ZC8zLzU5NTNBQzBBNjRCRjk2NTZCNDQyRDNDMzIzMTM0MzVFQ0I0
OTVGNjguY3JsMH4GCCsGAQUFBwEBBHIwcDBuBggrBgEFBQcwAoZicnN5bmM6Ly9y
cGtpLmFwbmljLm5ldC9yZXBvc2l0b3J5L0I1MjdFRjU4MUQ2NjExRTJCQjQ2OEY3
QzcyRkQxRkYyL1dWT3NDbVNfbGxhMFF0UERJeE5EWHN0SlgyZy5jZXIwgaAGCCsG
AQUFBwELBIGTMIGQMIGNBggrBgEFBQcwC4aBgHJzeW5jOi8vcnBraS1ycHMuYXJp
bi5uZXQvcmVwb3NpdG9yeS84YTg0OGFkZjg1MGQwNjNlMDE4NTc1NWM5MWJlM2Y5
ZC8zLzMyMzcyZTMwMmUzMjMzMzUyZTMwMmYzMjM0MmQzMjM0MjAzZDNlMjAzMTMz
MzgzOTM5MzUucm9hMBgGA1UdIAEB/wQOMAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUH
AQcBAf8EEDAOMAwEAgABMAYDBAAbAOswDQYJKoZIhvcNAQELBQADggEBAB+wrign
WSu0nNUmlm3k1oAz8lzhpFijvA9BpR9e3eMtah18CB5cEDqY+1/zfm/G05RsGuXm
LvB4/r3oYCfmOzK1HtzjYp75irKZKquZ/jS7pProEmWxo6Fv/KcTfpZY/ZTXadbu
USIt1Hggi1YhHWUogs9NbAg5Sl7Qv3UkLSnkeWYoED9bN6cvSsvhsQ0z1vpDP6AH
1QdsGX8PSVDvbhTZ0wIgj+9/6c3HTqRQ59hlM9ARP/QgSpzeAeAKmX+8oj9ByFvY
Dbo/YRjjQe4+qMttK5AIeoRpKDNXndUqmQ65KMFMnzqM3c9X28teKVgYudDyVRl1
xxwaDb/rZP6G6vc=
-----END CERTIFICATE-----
Generated at Sun May 11 18:08:09 2025 by rpki-client