Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/0F92C26C382011EEA0C3E48A4AD9E6FC.roa
File: 0F92C26C382011EEA0C3E48A4AD9E6FC.roa (raw, json)
Hash identifier: N/0UVZbfrv5kLiNa3Z2teqDFhllwMaM1dhV/CbozZhg=
Subject key identifier: 1A:8D:2A:C7:B5:32:CE:D2:EB:ED:F3:25:23:3B:A7:A5:F6:64:B6:1A
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0462
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/0F92C26C382011EEA0C3E48A4AD9E6FC.roa
Signing time: Fri 11 Aug 2023 08:21:25 +0000
ROA not before: Fri 11 Aug 2023 08:21:21 +0000
ROA not after: Sun 11 Aug 2024 08:21:21 +0000
asID: 328227
IP address blocks: 156.0.121.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1122 (0x462)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Aug 11 08:21:21 2023 GMT
Not After : Aug 11 08:21:21 2024 GMT
Subject: CN=64d5ef85-ce6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:62:7a:4c:48:da:27:41:67:1c:85:e2:d6:6c:
99:00:1c:e1:d4:9a:a6:53:44:0d:a5:7d:2d:50:77:
47:b6:08:78:70:d3:50:fc:bd:cb:e2:03:41:7a:9d:
d8:73:b1:5b:39:e7:84:ee:59:e0:56:20:92:aa:b3:
d0:fc:70:bc:23:c0:3c:f0:ce:7f:67:5a:11:4d:4f:
ac:ce:0f:e8:05:58:0e:f5:3e:c1:bf:8f:09:67:ea:
f5:b1:22:29:e8:ac:eb:4a:67:af:52:f6:4c:1f:a3:
b6:b4:a1:b9:b3:13:f8:2c:3f:3b:ba:9b:cb:f3:4b:
51:4c:41:d4:4f:e8:4b:30:23:7a:e0:f1:07:40:8b:
ce:9f:2e:14:38:ae:22:e1:90:0a:42:0b:23:1f:f4:
0e:71:9e:68:3c:09:e4:63:28:58:83:c9:bd:03:4b:
34:f6:7d:99:72:c2:f8:9d:90:af:93:84:76:1c:23:
e7:ea:da:14:ed:8f:76:54:98:77:a9:b2:e9:ae:1e:
74:c3:53:8f:fc:ad:7f:da:97:de:1a:12:33:73:19:
80:57:e6:3a:b5:db:53:2c:b8:f0:9f:fb:d8:15:ed:
74:1f:e1:48:11:a5:8d:cd:ff:03:f3:5d:be:8f:90:
84:a9:98:dc:98:6a:b2:2d:1f:61:9a:05:ee:95:c1:
05:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1A:8D:2A:C7:B5:32:CE:D2:EB:ED:F3:25:23:3B:A7:A5:F6:64:B6:1A
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/0F92C26C382011EEA0C3E48A4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.121.0/24
Signature Algorithm: sha256WithRSAEncryption
0c:c2:d5:d0:ce:a5:10:29:ba:53:1b:0e:cb:87:a3:54:ed:55:
be:7c:93:27:10:2f:fd:5f:46:e0:62:bb:d6:70:1f:ad:9e:15:
25:60:77:11:dd:a8:42:4f:92:1a:03:54:91:db:f5:48:ab:ea:
b1:bf:b7:13:24:38:12:b3:3c:ce:34:48:ee:9b:7e:2c:7b:94:
9e:65:f3:49:97:e6:cd:84:95:ce:32:10:85:b3:4b:d6:42:24:
e0:3f:d9:94:57:46:fe:7e:95:0f:91:87:fa:32:d3:2d:7e:cb:
87:ad:81:75:b0:66:47:d7:8d:3c:73:05:cf:f9:cc:45:f1:15:
cd:2d:99:6f:cd:54:8b:3f:00:9f:02:b7:36:56:9c:8d:8d:ff:
e7:53:79:7a:89:5b:63:36:63:10:86:16:9b:5e:d6:92:55:bf:
56:b3:d6:91:08:72:8c:e9:da:d5:39:b8:a2:2d:19:bf:ed:09:
70:64:2f:ed:ae:3b:59:b3:a6:93:40:6e:bd:30:d9:f7:e1:a0:
fb:bf:2d:58:1f:ef:98:d3:ea:48:48:d5:8f:d6:2d:ef:de:78:
70:ae:fb:db:f2:ba:51:4d:ee:2e:4c:4a:ad:ac:4a:a3:c7:06:
f3:22:b0:83:49:eb:26:fb:6b:6b:b2:4d:47:f0:67:3b:74:c0:
95:31:0e:05
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBGIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA4MTEwODIxMjFaFw0yNDA4MTEwODIxMjFaMBgxFjAU
BgNVBAMTDTY0ZDVlZjg1LWNlNmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDVYnpMSNonQWccheLWbJkAHOHUmqZTRA2lfS1Qd0e2CHhw01D8vcviA0F6
ndhzsVs554TuWeBWIJKqs9D8cLwjwDzwzn9nWhFNT6zOD+gFWA71PsG/jwln6vWx
IinorOtKZ69S9kwfo7a0obmzE/gsPzu6m8vzS1FMQdRP6EswI3rg8QdAi86fLhQ4
riLhkApCCyMf9A5xnmg8CeRjKFiDyb0DSzT2fZlywvidkK+ThHYcI+fq2hTtj3ZU
mHepsumuHnTDU4/8rX/al94aEjNzGYBX5jq121MsuPCf+9gV7XQf4UgRpY3N/wPz
Xb6PkISpmNyYarItH2GaBe6VwQWtAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUGo0q
x7UyztLr7fMlIzunpfZkthowHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzBGOTJDMjZDMzgyMDExRUVBMEMzRTQ4QTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHkwDQYJKoZIhvcNAQELBQAD
ggEBAAzC1dDOpRApulMbDsuHo1TtVb58kycQL/1fRuBiu9ZwH62eFSVgdxHdqEJP
khoDVJHb9Uir6rG/txMkOBKzPM40SO6bfix7lJ5l80mX5s2Elc4yEIWzS9ZCJOA/
2ZRXRv5+lQ+Rh/oy0y1+y4etgXWwZkfXjTxzBc/5zEXxFc0tmW/NVIs/AJ8CtzZW
nI2N/+dTeXqJW2M2YxCGFpte1pJVv1az1pEIcozp2tU5uKItGb/tCXBkL+2uO1mz
ppNAbr0w2ffhoPu/LVgf75jT6khI1Y/WLe/eeHCu+9vyulFN7i5MSq2sSqPHBvMi
sINJ6yb7a2uyTUfwZzt0wJUxDgU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org