Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/15681EEE674611EEB77F89794AD9E6FC.roa
File: 15681EEE674611EEB77F89794AD9E6FC.roa (raw, json)
Hash identifier: HnxLWrA8YCNsV784V/tIOebhX6KJzTy+dQJP8vc1axc=
Subject key identifier: 3F:64:A4:39:76:BF:5B:52:B0:2F:CD:FF:03:54:58:C2:21:1C:48:7D
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 04E9
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/15681EEE674611EEB77F89794AD9E6FC.roa
Signing time: Tue 10 Oct 2023 08:22:00 +0000
ROA not before: Tue 10 Oct 2023 08:21:57 +0000
ROA not after: Thu 10 Oct 2024 08:21:57 +0000
asID: 205320
IP address blocks: 156.0.108.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1257 (0x4e9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Oct 10 08:21:57 2023 GMT
Not After : Oct 10 08:21:57 2024 GMT
Subject: CN=652509a8-f1b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:2b:ed:bf:e8:39:24:50:b8:1c:a2:60:cf:8d:
b1:94:ac:a7:0c:97:a9:1d:f6:dc:30:e1:54:04:50:
92:81:b2:44:c4:e7:bb:9d:ab:51:07:b3:06:25:42:
dc:b7:10:2a:6b:98:65:ef:fd:a4:ed:3b:1d:2d:aa:
de:c9:d8:ac:43:3b:82:4c:5b:d3:e5:5f:79:19:35:
44:70:ed:5f:48:f8:e9:2a:c3:b5:70:09:d3:22:0a:
c2:7f:8d:d1:74:35:61:b6:19:b9:5e:f5:38:8b:f1:
ec:bd:fa:08:79:73:fb:d6:41:b9:31:1f:23:3e:7a:
bc:ae:d6:53:78:7b:39:c7:78:de:13:81:ea:da:54:
31:d9:25:6d:f7:4b:df:0b:5c:18:a0:d4:22:18:ed:
e3:df:c3:bb:20:11:12:cb:80:3a:a0:51:f7:4e:ef:
34:84:8a:57:e6:df:d7:ed:44:af:25:96:39:54:f4:
df:98:ac:53:f3:f0:a8:2b:21:85:da:ab:af:18:8c:
73:79:7c:b8:8b:29:de:49:cb:e0:77:c3:e9:22:29:
d7:93:1a:81:e5:ce:09:9f:cc:f0:c9:62:ef:8a:c0:
cc:57:86:6e:05:d3:a3:50:47:82:9a:a0:ef:2b:4e:
bb:e7:bf:bb:e1:d2:f7:53:cf:85:21:67:bf:dc:37:
a1:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:64:A4:39:76:BF:5B:52:B0:2F:CD:FF:03:54:58:C2:21:1C:48:7D
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/15681EEE674611EEB77F89794AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.108.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:ac:80:3b:04:a3:e6:d2:cc:94:f2:33:69:e6:5a:40:02:ab:
84:ef:71:92:0d:3f:eb:ee:0c:8c:63:a4:15:90:56:02:5e:59:
1a:f5:fc:98:3e:15:d6:32:f6:8a:b9:48:bb:64:93:01:d6:12:
3f:a5:46:3c:17:63:23:ae:be:e6:e5:1b:d2:50:91:ec:50:68:
37:38:21:29:b3:c2:55:96:1f:e2:a2:58:86:7c:5d:1b:a7:a2:
97:b8:7d:04:29:0d:2d:43:ad:85:43:bf:f2:62:ac:d8:77:35:
b5:a0:f3:e4:73:6a:0c:9e:d2:1a:ac:0d:3c:60:97:b1:78:da:
a7:86:77:d4:8a:c8:e0:41:fb:fe:3d:a8:75:57:26:cd:d6:e4:
5e:f4:65:53:18:88:9f:a0:5d:3e:49:f2:7a:a6:20:b0:78:bc:
2b:5c:3d:62:80:bd:7b:01:42:3e:31:5d:01:0c:ff:f8:ab:07:
5c:f6:3c:51:1b:ca:be:9f:cc:de:c9:fe:2f:bb:95:0f:9e:cb:
e4:55:73:35:61:8d:6d:25:3d:df:66:6f:f0:d2:9b:14:06:a6:
3a:75:64:42:39:02:1b:9e:9b:51:e3:de:45:c3:29:f8:26:19:
0c:cf:9a:e4:51:db:de:1c:21:de:9f:c9:73:02:c0:85:c3:7a:
fc:c6:e9:d0
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBOkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzEwMTAwODIxNTdaFw0yNDEwMTAwODIxNTdaMBgxFjAU
BgNVBAMTDTY1MjUwOWE4LWYxYjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC8K+2/6DkkULgcomDPjbGUrKcMl6kd9tww4VQEUJKBskTE57udq1EHswYl
Qty3ECprmGXv/aTtOx0tqt7J2KxDO4JMW9PlX3kZNURw7V9I+Okqw7VwCdMiCsJ/
jdF0NWG2Gble9TiL8ey9+gh5c/vWQbkxHyM+eryu1lN4eznHeN4TgeraVDHZJW33
S98LXBig1CIY7ePfw7sgERLLgDqgUfdO7zSEilfm39ftRK8lljlU9N+YrFPz8Kgr
IYXaq68YjHN5fLiLKd5Jy+B3w+kiKdeTGoHlzgmfzPDJYu+KwMxXhm4F06NQR4Ka
oO8rTrvnv7vh0vdTz4UhZ7/cN6GfAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUP2Sk
OXa/W1KwL83/A1RYwiEcSH0wHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzE1NjgxRUVFNjc0NjExRUVCNzdGODk3OTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAGwwDQYJKoZIhvcNAQELBQAD
ggEBAGqsgDsEo+bSzJTyM2nmWkACq4TvcZINP+vuDIxjpBWQVgJeWRr1/Jg+FdYy
9oq5SLtkkwHWEj+lRjwXYyOuvublG9JQkexQaDc4ISmzwlWWH+KiWIZ8XRunope4
fQQpDS1DrYVDv/JirNh3NbWg8+Rzagye0hqsDTxgl7F42qeGd9SKyOBB+/49qHVX
Js3W5F70ZVMYiJ+gXT5J8nqmILB4vCtcPWKAvXsBQj4xXQEM//irB1z2PFEbyr6f
zN7J/i+7lQ+ey+RVczVhjW0lPd9mb/DSmxQGpjp1ZEI5Ahuem1Hj3kXDKfgmGQzP
muRR294cId6fyXMCwIXDevzG6dA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org