Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/07A9D2C250A111EE82DC4F514AD9E6FC.roa
File: 07A9D2C250A111EE82DC4F514AD9E6FC.roa (raw, json)
Hash identifier: VOdYI2ThT1OaM+u6P7qPjqegG5lnNu5fEUWLjYzHxFI=
Subject key identifier: 43:EC:ED:27:C0:C1:8C:2E:0E:83:E5:AA:2D:B9:3D:0B:7E:87:B1:74
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 04B1
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/07A9D2C250A111EE82DC4F514AD9E6FC.roa
Signing time: Mon 11 Sep 2023 12:45:04 +0000
ROA not before: Mon 11 Sep 2023 12:45:01 +0000
ROA not after: Wed 11 Sep 2024 12:45:01 +0000
asID: 209181
IP address blocks: 156.0.127.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1201 (0x4b1)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Sep 11 12:45:01 2023 GMT
Not After : Sep 11 12:45:01 2024 GMT
Subject: CN=64ff0bd0-b16e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:08:66:3e:2e:41:cb:f3:ee:4a:b9:d6:bb:b7:
4c:39:23:58:fb:71:59:f7:67:b0:ab:ea:97:f6:ac:
28:e8:7c:9b:27:ce:9c:d7:b6:85:85:2f:90:ba:3f:
a2:88:fd:db:e0:63:be:93:29:7b:80:2a:f4:14:d5:
42:33:9e:e9:ea:46:3c:86:4c:58:02:da:37:77:ac:
69:80:0f:59:f4:1a:34:c6:46:b5:85:a7:da:fd:25:
bf:3f:de:dd:47:70:6d:c6:29:f4:c5:fb:a1:47:25:
45:32:c3:93:1c:4f:f1:8c:46:7c:eb:01:c5:c6:1e:
13:96:d6:fe:62:a8:b9:9b:5f:78:90:72:c6:fb:0c:
d8:1f:08:94:ea:ca:0d:b7:12:9f:23:57:28:b8:fc:
64:50:75:a6:15:bd:76:60:8b:97:a7:a9:16:58:4b:
1c:29:52:05:1e:e4:d7:4a:f2:a3:11:57:5e:b1:cd:
90:9a:10:d8:00:5e:2c:bc:4b:af:03:61:b4:50:68:
f0:4d:e4:40:c7:0f:43:2b:2b:46:79:5c:f0:10:24:
8a:f0:52:00:58:95:1a:c0:08:26:f3:1a:7a:e4:b3:
c6:2c:f4:f3:d1:93:df:93:dc:eb:7b:98:fd:42:67:
74:4f:85:68:91:06:db:24:f7:e7:aa:da:1e:7f:53:
86:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
43:EC:ED:27:C0:C1:8C:2E:0E:83:E5:AA:2D:B9:3D:0B:7E:87:B1:74
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/07A9D2C250A111EE82DC4F514AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.127.0/24
Signature Algorithm: sha256WithRSAEncryption
82:cb:62:c8:5a:fc:a5:e6:02:27:d2:95:0d:17:84:51:4b:47:
8d:90:16:80:3e:5f:d2:b1:66:59:fe:d2:57:5a:ea:18:27:9c:
d5:c5:d4:c0:45:34:59:80:38:c7:d4:b0:03:91:e0:eb:32:7e:
6c:2a:c6:3a:0f:6a:71:52:34:8e:84:44:67:2b:9d:7d:ba:b5:
eb:9d:53:0b:57:98:5f:dc:19:93:4c:5f:e0:e9:f5:e4:78:b7:
69:48:ba:22:92:14:ef:66:fb:a2:d0:c6:74:9a:97:c6:57:6a:
1f:c5:5f:48:e6:f7:53:19:80:3f:e1:20:b4:4a:b5:ce:25:d9:
67:66:54:81:05:2b:11:e9:c4:04:cc:82:2b:49:02:80:18:0f:
58:a3:e3:ec:db:9a:6d:5e:cf:9d:84:e1:77:42:9f:17:46:84:
19:0a:71:0c:99:68:eb:17:90:92:af:c4:f2:7b:37:9e:db:3a:
33:df:86:3e:58:36:66:df:37:dc:b1:73:84:d1:7b:21:df:64:
ad:18:58:82:45:ab:a8:8b:7b:8b:25:00:c9:78:dc:0e:f2:d3:
f2:1b:73:4e:b6:01:79:f5:ab:1c:4a:14:63:79:21:d1:37:21:
0f:b6:99:ec:0c:53:1d:81:7b:3b:18:86:40:e2:62:d2:43:68:
45:28:f6:2d
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBLEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA5MTExMjQ1MDFaFw0yNDA5MTExMjQ1MDFaMBgxFjAU
BgNVBAMTDTY0ZmYwYmQwLWIxNmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC6CGY+LkHL8+5Kuda7t0w5I1j7cVn3Z7Cr6pf2rCjofJsnzpzXtoWFL5C6
P6KI/dvgY76TKXuAKvQU1UIznunqRjyGTFgC2jd3rGmAD1n0GjTGRrWFp9r9Jb8/
3t1HcG3GKfTF+6FHJUUyw5McT/GMRnzrAcXGHhOW1v5iqLmbX3iQcsb7DNgfCJTq
yg23Ep8jVyi4/GRQdaYVvXZgi5enqRZYSxwpUgUe5NdK8qMRV16xzZCaENgAXiy8
S68DYbRQaPBN5EDHD0MrK0Z5XPAQJIrwUgBYlRrACCbzGnrks8Ys9PPRk9+T3Ot7
mP1CZ3RPhWiRBtsk9+eq2h5/U4ZzAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUQ+zt
J8DBjC4Og+WqLbk9C36HsXQwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzA3QTlEMkMyNTBBMTExRUU4MkRDNEY1MTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAH8wDQYJKoZIhvcNAQELBQAD
ggEBAILLYsha/KXmAifSlQ0XhFFLR42QFoA+X9KxZln+0lda6hgnnNXF1MBFNFmA
OMfUsAOR4OsyfmwqxjoPanFSNI6ERGcrnX26teudUwtXmF/cGZNMX+Dp9eR4t2lI
uiKSFO9m+6LQxnSal8ZXah/FX0jm91MZgD/hILRKtc4l2WdmVIEFKxHpxATMgitJ
AoAYD1ij4+zbmm1ez52E4XdCnxdGhBkKcQyZaOsXkJKvxPJ7N57bOjPfhj5YNmbf
N9yxc4TReyHfZK0YWIJFq6iLe4slAMl43A7y0/Ibc062AXn1qxxKFGN5IdE3IQ+2
mewMUx2BezsYhkDiYtJDaEUo9i0=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org