Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/1006A09A5EA111EEBAA1AD834AD9E6FC.roa
File: 1006A09A5EA111EEBAA1AD834AD9E6FC.roa (raw, json)
Hash identifier: NfXE+2FrA4xCbqQPo1f6gK7qC0uMR3HVEdWdztmGp7o=
Subject key identifier: 5A:4B:85:EC:00:FA:DE:25:49:BE:C9:79:EB:0B:D2:A3:DB:F7:96:49
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 04CC
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/1006A09A5EA111EEBAA1AD834AD9E6FC.roa
Signing time: Fri 29 Sep 2023 08:20:35 +0000
ROA not before: Fri 29 Sep 2023 08:20:31 +0000
ROA not after: Sun 29 Sep 2024 08:20:31 +0000
asID: 328227
IP address blocks: 156.0.110.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1228 (0x4cc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Sep 29 08:20:31 2023 GMT
Not After : Sep 29 08:20:31 2024 GMT
Subject: CN=651688d3-957f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:c4:21:35:e3:f9:2d:19:fb:bc:4c:cd:e5:50:
8a:f7:e8:d4:e1:ed:a6:93:4e:15:7d:d1:e2:ae:1f:
5b:d4:7e:ed:59:69:3b:25:c9:34:69:ac:78:07:50:
01:8e:35:46:f1:0e:8c:49:88:4b:0d:60:b1:c6:3f:
ef:30:b8:1f:a4:15:d5:0a:f7:ba:a5:92:65:79:e9:
1e:b9:10:a5:b3:83:16:bd:58:dc:41:28:8a:bd:eb:
d7:91:40:c3:79:82:4c:7d:f3:16:17:57:3f:16:f5:
f9:34:1d:03:30:1b:8d:17:7c:96:a0:b7:02:c1:66:
19:04:25:95:26:d6:76:95:b7:43:5f:37:ac:79:6e:
80:62:b7:a0:cf:15:af:08:cd:3e:69:db:c6:e9:c1:
a3:d1:21:0c:80:e6:a4:b0:33:ce:35:bc:b6:26:76:
f3:d7:b0:56:59:b0:6c:d0:a2:c9:ca:49:eb:57:5d:
35:c3:ee:8e:f4:ef:bb:a3:88:31:27:26:62:05:cf:
eb:bd:a7:44:34:a7:b7:c3:32:8d:70:68:60:c8:3b:
43:87:dd:08:84:7e:bf:ba:b3:8e:d7:e4:58:5d:46:
ea:96:82:1b:b4:26:04:da:1f:df:34:ca:b0:23:e2:
ff:be:bd:ce:74:75:94:34:47:6a:1f:bc:cf:99:8e:
2f:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5A:4B:85:EC:00:FA:DE:25:49:BE:C9:79:EB:0B:D2:A3:DB:F7:96:49
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/1006A09A5EA111EEBAA1AD834AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.110.0/24
Signature Algorithm: sha256WithRSAEncryption
66:e4:0b:7a:3f:c3:67:2c:20:9b:4c:bc:07:60:57:4a:12:54:
91:58:8d:eb:e7:a4:40:a6:1b:54:58:81:94:9b:f5:c5:28:7b:
3b:ca:50:dd:2d:41:d0:e2:84:06:60:bb:b7:6c:9d:d2:95:7f:
ae:0f:9c:65:b4:d5:b3:74:fc:0e:08:a9:f2:c5:a4:1c:09:89:
78:37:a4:01:fa:e7:bd:eb:ae:e7:74:89:2f:46:03:1f:68:9c:
b1:f0:c6:72:fd:be:99:5f:7a:a1:3c:d8:dd:05:66:0b:39:c8:
c2:0a:0b:01:4a:32:07:29:50:8a:56:5a:b3:2b:28:94:ef:bc:
b6:e6:18:57:97:87:14:a6:31:41:84:94:bd:8d:b8:0b:6a:f0:
84:a9:3f:d2:04:de:b7:14:28:e0:91:e5:70:33:ab:f5:fa:17:
4c:45:80:26:7c:f8:ba:97:3f:6c:4b:b3:4b:12:53:d5:e2:5b:
72:32:67:2d:46:12:60:ca:c2:74:eb:3e:38:35:4f:f5:42:a5:
16:9b:a0:1e:f7:d1:ff:dd:20:b6:ba:8c:b3:9b:87:41:26:0e:
1d:50:26:80:b8:63:84:6a:da:dc:ea:d7:49:47:e5:80:1f:a5:
32:8f:fb:6a:9f:95:54:39:af:73:17:84:9b:17:24:b9:46:41:
5c:e5:f1:3e
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBMwwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA5MjkwODIwMzFaFw0yNDA5MjkwODIwMzFaMBgxFjAU
BgNVBAMTDTY1MTY4OGQzLTk1N2YwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDBxCE14/ktGfu8TM3lUIr36NTh7aaTThV90eKuH1vUfu1ZaTslyTRprHgH
UAGONUbxDoxJiEsNYLHGP+8wuB+kFdUK97qlkmV56R65EKWzgxa9WNxBKIq969eR
QMN5gkx98xYXVz8W9fk0HQMwG40XfJagtwLBZhkEJZUm1naVt0NfN6x5boBit6DP
Fa8IzT5p28bpwaPRIQyA5qSwM841vLYmdvPXsFZZsGzQosnKSetXXTXD7o7077uj
iDEnJmIFz+u9p0Q0p7fDMo1waGDIO0OH3QiEfr+6s47X5FhdRuqWghu0JgTaH980
yrAj4v++vc50dZQ0R2ofvM+Zji9hAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUWkuF
7AD63iVJvsl56wvSo9v3lkkwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzEwMDZBMDlBNUVBMTExRUVCQUExQUQ4MzRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAG4wDQYJKoZIhvcNAQELBQAD
ggEBAGbkC3o/w2csIJtMvAdgV0oSVJFYjevnpECmG1RYgZSb9cUoezvKUN0tQdDi
hAZgu7dsndKVf64PnGW01bN0/A4IqfLFpBwJiXg3pAH6573rrud0iS9GAx9onLHw
xnL9vplfeqE82N0FZgs5yMIKCwFKMgcpUIpWWrMrKJTvvLbmGFeXhxSmMUGElL2N
uAtq8ISpP9IE3rcUKOCR5XAzq/X6F0xFgCZ8+LqXP2xLs0sSU9XiW3IyZy1GEmDK
wnTrPjg1T/VCpRaboB730f/dILa6jLObh0EmDh1QJoC4Y4Rq2tzq10lH5YAfpTKP
+2qflVQ5r3MXhJsXJLlGQVzl8T4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org