Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/12DB20045EA911EEAB3DD21D4AD9E6FC.roa
File: 12DB20045EA911EEAB3DD21D4AD9E6FC.roa (raw, json)
Hash identifier: py5lWS2bxCBalzY+g5Pjd9jjphhJZ6AObkHi/JMD3u8=
Subject key identifier: 86:03:CE:D9:18:04:3B:97:FE:F0:79:9D:B6:05:A2:65:E8:99:26:A3
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 04D5
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/12DB20045EA911EEAB3DD21D4AD9E6FC.roa
Signing time: Fri 29 Sep 2023 09:17:55 +0000
ROA not before: Fri 29 Sep 2023 09:17:52 +0000
ROA not after: Sun 29 Sep 2024 09:17:52 +0000
asID: 205320
IP address blocks: 156.0.122.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1237 (0x4d5)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Sep 29 09:17:52 2023 GMT
Not After : Sep 29 09:17:52 2024 GMT
Subject: CN=65169643-8976
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:bd:6d:cd:3d:18:7f:48:96:23:13:7f:93:6d:
d9:85:33:4f:6e:ff:8c:d0:94:ec:c3:d2:54:2a:86:
36:25:eb:f1:98:2c:94:91:98:2d:6c:c4:23:6f:f4:
8a:72:98:d7:ff:e0:c9:6e:f7:78:45:45:51:eb:2a:
dd:8b:33:c0:dc:b6:44:77:f0:3b:a8:e9:bc:ce:0f:
57:77:52:6a:2b:36:36:90:03:6f:ee:41:94:62:d7:
b2:a5:c7:89:15:1f:db:d6:9b:e6:4e:07:1f:4c:63:
bf:0b:3b:26:3c:be:87:86:ef:e4:a2:71:45:3d:f4:
eb:e6:ae:0b:39:6f:31:0b:0f:c5:f6:a9:36:7e:38:
4b:f0:7b:d3:14:ec:0f:85:73:da:9c:64:fa:60:a6:
8e:be:c0:55:8d:e9:fd:4f:a2:98:92:6f:b8:61:43:
e6:01:3e:07:35:a4:3c:39:03:dd:77:7f:c3:0d:eb:
5c:9d:70:cd:1c:1b:09:50:71:80:19:2c:94:32:e2:
fd:f5:a9:97:16:00:53:21:f0:53:49:da:42:12:f8:
cb:f9:d1:0d:87:fe:33:2a:b5:3e:d0:7b:e9:31:8d:
b2:dc:51:ed:56:29:e9:92:64:98:b7:d7:87:89:76:
cf:73:fe:eb:66:2c:88:0f:b4:75:ba:54:95:90:b5:
bb:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
86:03:CE:D9:18:04:3B:97:FE:F0:79:9D:B6:05:A2:65:E8:99:26:A3
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/12DB20045EA911EEAB3DD21D4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.122.0/24
Signature Algorithm: sha256WithRSAEncryption
1c:40:20:f1:69:a6:d1:49:c1:a1:98:21:c8:7a:7b:46:1a:41:
2f:a0:65:1f:0b:f0:89:87:6c:c2:6b:5d:e4:d1:5d:88:e8:f1:
17:76:74:26:24:48:d7:ee:cd:47:6e:01:95:c9:19:97:23:b3:
70:f3:92:b4:10:08:0e:b4:2c:d1:00:49:b9:3c:21:01:88:ad:
d8:e1:e0:4a:d4:93:36:e1:af:59:cb:85:21:76:7b:51:80:f1:
4a:08:ac:cc:2d:50:f4:f8:df:41:a8:12:8b:e3:1a:db:44:44:
18:c5:40:89:45:44:05:0e:6a:18:36:d6:15:6d:96:44:54:17:
5f:f3:4b:c8:b3:a1:bf:2e:25:f7:f5:5c:9b:e7:10:ef:f1:0c:
05:80:d6:ec:ed:f5:3e:59:2b:e1:e3:fe:6f:39:5d:de:03:28:
32:d6:7a:79:47:3b:cd:e1:5c:66:9d:04:36:9e:35:9e:64:56:
d1:ca:1e:80:cc:cf:19:d2:6c:c4:cb:d6:10:04:0e:ad:d7:a6:
1f:8e:83:fd:34:53:18:6b:91:07:ac:e9:75:ab:29:32:15:80:
bc:f1:fa:f0:94:99:8f:10:59:3c:3b:f5:85:c2:7f:41:75:ea:
a6:70:49:b9:20:70:a2:09:3b:e8:8f:1f:1f:c4:b1:19:56:42:
08:05:b4:e6
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBNUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA5MjkwOTE3NTJaFw0yNDA5MjkwOTE3NTJaMBgxFjAU
BgNVBAMTDTY1MTY5NjQzLTg5NzYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDWvW3NPRh/SJYjE3+TbdmFM09u/4zQlOzD0lQqhjYl6/GYLJSRmC1sxCNv
9IpymNf/4Mlu93hFRVHrKt2LM8DctkR38Duo6bzOD1d3UmorNjaQA2/uQZRi17Kl
x4kVH9vWm+ZOBx9MY78LOyY8voeG7+SicUU99Ovmrgs5bzELD8X2qTZ+OEvwe9MU
7A+Fc9qcZPpgpo6+wFWN6f1PopiSb7hhQ+YBPgc1pDw5A913f8MN61ydcM0cGwlQ
cYAZLJQy4v31qZcWAFMh8FNJ2kIS+Mv50Q2H/jMqtT7Qe+kxjbLcUe1WKemSZJi3
14eJds9z/utmLIgPtHW6VJWQtbvRAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUhgPO
2RgEO5f+8HmdtgWiZeiZJqMwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzEyREIyMDA0NUVBOTExRUVBQjNERDIxRDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHowDQYJKoZIhvcNAQELBQAD
ggEBABxAIPFpptFJwaGYIch6e0YaQS+gZR8L8ImHbMJrXeTRXYjo8Rd2dCYkSNfu
zUduAZXJGZcjs3DzkrQQCA60LNEASbk8IQGIrdjh4ErUkzbhr1nLhSF2e1GA8UoI
rMwtUPT430GoEovjGttERBjFQIlFRAUOahg21hVtlkRUF1/zS8izob8uJff1XJvn
EO/xDAWA1uzt9T5ZK+Hj/m85Xd4DKDLWenlHO83hXGadBDaeNZ5kVtHKHoDMzxnS
bMTL1hAEDq3Xph+Og/00UxhrkQes6XWrKTIVgLzx+vCUmY8QWTw79YXCf0F16qZw
SbkgcKIJO+iPHx/EsRlWQggFtOY=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org