Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/11632086174C11EE91BF87274AD9E6FC.roa
File: 11632086174C11EE91BF87274AD9E6FC.roa (raw, json)
Hash identifier: 1580JO9Z7k5/yMMHsXLBn2DKWcK4cDHlwBeLY63fZ4g=
Subject key identifier: 5D:4B:1D:77:9B:FF:4A:00:D9:7B:94:F1:5F:56:E9:86:49:25:77:B5
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0408
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/11632086174C11EE91BF87274AD9E6FC.roa
Signing time: Fri 30 Jun 2023 13:43:17 +0000
ROA not before: Fri 30 Jun 2023 13:43:10 +0000
ROA not after: Sun 30 Jun 2024 13:43:10 +0000
asID: 328227
IP address blocks: 156.0.125.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1032 (0x408)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 30 13:43:10 2023 GMT
Not After : Jun 30 13:43:10 2024 GMT
Subject: CN=649edbf5-8675
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ee:80:44:16:69:d1:6a:c8:b2:da:52:70:3a:
fe:b1:a7:b3:cf:b1:52:a5:cf:5d:a2:1c:5d:9a:73:
2a:19:72:0a:25:49:89:16:a3:a7:0d:08:a4:85:f0:
5b:65:11:4a:6e:7b:8c:bd:54:38:8b:f4:88:e5:b3:
20:3b:59:32:dc:09:4d:24:82:d4:b6:ff:94:71:cb:
d0:35:09:e6:cd:34:2d:e3:99:d7:d7:7e:77:8c:cb:
5c:80:00:da:42:df:e9:a0:89:2f:13:c4:e5:6b:ea:
e6:67:bf:b0:ae:a2:95:9d:38:49:5d:90:17:0c:20:
9c:86:30:21:7c:eb:0e:3c:10:17:1b:98:fa:2f:88:
87:4f:8e:69:e4:32:78:98:96:d9:6d:29:37:85:d8:
98:ed:72:ab:f1:25:e7:14:5d:43:6d:84:a8:2a:84:
f6:17:5e:a3:bb:d4:0f:a4:b9:7a:b3:43:24:6c:3d:
6d:9f:d5:f9:fc:2c:80:71:5f:67:71:fd:a0:b7:a2:
f8:2e:b2:b5:92:18:33:fd:d1:07:e3:fb:f1:66:f1:
2a:87:f5:55:83:53:81:9e:18:7c:4c:c8:8b:88:f1:
a6:54:ce:02:c0:06:5f:d6:ed:69:55:84:0a:45:0a:
ce:49:88:75:ff:ec:cc:8d:80:9b:e7:42:53:7c:88:
68:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:4B:1D:77:9B:FF:4A:00:D9:7B:94:F1:5F:56:E9:86:49:25:77:B5
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/11632086174C11EE91BF87274AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.125.0/24
Signature Algorithm: sha256WithRSAEncryption
b5:7e:f7:f9:09:d2:7d:0c:83:c8:1a:2b:b2:8a:c7:9f:aa:d3:
39:76:8b:d4:a1:f1:7c:e9:03:b3:9c:f8:fd:8b:30:da:96:da:
81:70:4a:80:e6:a5:06:e5:db:60:94:51:1e:e7:45:ec:02:bd:
51:bc:6f:18:ef:cb:db:b1:81:a4:e5:d4:42:97:b8:e1:e1:04:
97:c1:3d:dd:35:7e:e5:49:d8:f8:8b:77:6b:00:43:f9:33:76:
91:2f:84:cd:09:cc:1d:54:6c:38:3b:09:15:d3:89:a0:da:a8:
93:e7:aa:89:24:69:d0:aa:49:4d:55:a3:8b:8c:ef:b8:a0:7c:
3b:a8:62:0f:f7:b4:c0:bc:80:9c:a3:10:87:03:e0:09:8d:7a:
be:ad:e4:f0:ad:3c:19:71:22:d3:c1:44:74:a4:f9:c2:80:ed:
50:2d:b2:f6:37:5a:ba:dd:94:d6:d5:6f:28:e0:1e:24:66:ef:
58:51:eb:b3:76:09:ed:3b:ef:b1:44:7e:12:36:38:71:3d:6f:
19:fc:5e:bf:79:42:cb:54:33:14:2b:31:3f:32:9b:95:c8:73:
0a:aa:c2:d6:02:d1:fb:37:09:3d:fe:27:4b:bb:db:e0:15:3b:
2e:a0:0d:73:22:8a:1e:7e:6a:28:90:cc:86:2c:b5:28:d4:aa:
86:b5:e5:ca
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBAgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MzAxMzQzMTBaFw0yNDA2MzAxMzQzMTBaMBgxFjAU
BgNVBAMTDTY0OWVkYmY1LTg2NzUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCm7oBEFmnRasiy2lJwOv6xp7PPsVKlz12iHF2acyoZcgolSYkWo6cNCKSF
8FtlEUpue4y9VDiL9IjlsyA7WTLcCU0kgtS2/5Rxy9A1CebNNC3jmdfXfneMy1yA
ANpC3+mgiS8TxOVr6uZnv7CuopWdOEldkBcMIJyGMCF86w48EBcbmPoviIdPjmnk
MniYltltKTeF2JjtcqvxJecUXUNthKgqhPYXXqO71A+kuXqzQyRsPW2f1fn8LIBx
X2dx/aC3ovgusrWSGDP90Qfj+/Fm8SqH9VWDU4GeGHxMyIuI8aZUzgLABl/W7WlV
hApFCs5JiHX/7MyNgJvnQlN8iGj/AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUXUsd
d5v/SgDZe5TxX1bphkkld7UwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzExNjMyMDg2MTc0QzExRUU5MUJGODcyNzRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAH0wDQYJKoZIhvcNAQELBQAD
ggEBALV+9/kJ0n0Mg8gaK7KKx5+q0zl2i9Sh8XzpA7Oc+P2LMNqW2oFwSoDmpQbl
22CUUR7nRewCvVG8bxjvy9uxgaTl1EKXuOHhBJfBPd01fuVJ2PiLd2sAQ/kzdpEv
hM0JzB1UbDg7CRXTiaDaqJPnqokkadCqSU1Vo4uM77igfDuoYg/3tMC8gJyjEIcD
4AmNer6t5PCtPBlxItPBRHSk+cKA7VAtsvY3WrrdlNbVbyjgHiRm71hR67N2Ce07
77FEfhI2OHE9bxn8Xr95QstUMxQrMT8ym5XIcwqqwtYC0fs3CT3+J0u72+AVOy6g
DXMiih5+aiiQzIYstSjUqoa15co=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org