Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/199701B6F09911EDBECDE51F4AD9E6FC.roa
File: 199701B6F09911EDBECDE51F4AD9E6FC.roa (raw, json)
Hash identifier: 3VnaqL6C1igO/T98Kew1lQuZT3NE0F3v0veTOIx4Axs=
Subject key identifier: 20:F7:27:C5:4B:8B:05:D5:F6:1C:DF:1D:EC:41:B5:41:9C:EB:1D:74
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0396
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/199701B6F09911EDBECDE51F4AD9E6FC.roa
Signing time: Fri 12 May 2023 07:46:27 +0000
ROA not before: Fri 12 May 2023 07:46:23 +0000
ROA not after: Sun 12 May 2024 07:46:23 +0000
asID: 3507
IP address blocks: 156.0.109.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 918 (0x396)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: May 12 07:46:23 2023 GMT
Not After : May 12 07:46:23 2024 GMT
Subject: CN=645deed3-aac3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:b4:b5:d0:f7:ed:bb:cc:8a:ea:bf:25:d5:06:
88:0c:1a:35:01:0d:81:0f:af:c0:3a:de:aa:81:01:
22:74:02:a4:26:ac:ed:0f:4e:97:35:42:56:50:d1:
d0:ad:e1:7c:d7:4a:31:b6:c3:05:de:af:3c:63:ee:
50:39:cb:13:1f:d4:b4:59:45:6d:50:96:9e:78:46:
2e:1b:9b:70:f4:88:e4:c6:7e:f5:26:0f:ea:67:79:
44:12:cc:a1:0e:7b:6d:47:79:65:fe:83:20:39:a0:
35:9c:26:db:8d:4b:a9:7b:f7:db:5e:ff:c1:9d:50:
5b:87:74:7f:71:dd:40:a1:02:26:26:90:d2:20:51:
3e:91:0e:e3:75:b0:a7:38:4e:b8:26:87:f2:8d:36:
d2:96:ca:29:f6:6a:46:8d:a0:63:c9:c1:89:71:46:
7e:cf:f4:67:bb:87:5b:c0:c1:2b:21:77:c0:60:3a:
89:35:26:d0:86:0f:02:85:b3:2c:cf:17:39:45:73:
c8:9d:c4:d1:a1:0f:dd:49:e4:ee:10:be:e3:81:74:
5a:c2:8d:8c:25:8b:09:63:f7:e5:c6:25:9e:65:bb:
61:1b:0a:34:a5:44:b5:87:4f:af:73:d1:d1:ca:6e:
4c:f0:97:4c:93:d1:fb:b4:eb:05:85:db:57:f3:93:
f3:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:F7:27:C5:4B:8B:05:D5:F6:1C:DF:1D:EC:41:B5:41:9C:EB:1D:74
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/199701B6F09911EDBECDE51F4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.109.0/24
Signature Algorithm: sha256WithRSAEncryption
00:96:c2:82:6a:40:3d:95:26:8b:3d:6b:a8:ac:0c:6c:68:56:
0d:db:c5:17:11:84:8c:a9:f7:c7:35:4f:71:a8:86:b5:22:d7:
f2:04:ae:fb:f6:b3:51:a9:dc:66:f5:6b:07:b2:2c:43:1a:43:
38:12:63:92:51:eb:ca:58:90:d7:4f:46:25:68:22:3d:79:8e:
68:de:77:f0:23:ef:cc:fd:f5:46:71:be:bc:f8:c1:78:b9:2e:
2b:57:5e:f1:c4:b7:e8:3b:f4:ea:6c:e7:9e:1f:c7:77:0a:97:
05:6c:d8:44:9d:8f:da:1b:2d:13:08:9a:8b:4c:5b:88:e1:18:
46:4c:36:ef:b1:e2:87:d0:da:e0:29:47:ba:77:23:b3:a1:8a:
09:ed:a2:53:5c:36:32:7a:89:8b:b0:41:f1:ef:14:00:6d:99:
dc:da:88:a4:07:cc:b5:1f:ea:16:6e:02:d2:ad:33:65:24:7b:
39:1c:73:30:b0:88:00:f1:de:9b:b8:8b:89:dd:2b:33:9c:7e:
0a:21:57:df:dc:85:af:1a:3e:9f:9b:a0:fd:ef:9f:77:ac:4d:
16:1d:54:5e:07:e0:02:90:85:12:09:f4:12:9e:42:82:c3:ff:
eb:a8:d0:6f:e3:1e:af:5a:4a:a0:c1:1d:67:b8:f4:69:0e:fe:
3b:18:fd:c5
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA5YwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA1MTIwNzQ2MjNaFw0yNDA1MTIwNzQ2MjNaMBgxFjAU
BgNVBAMTDTY0NWRlZWQzLWFhYzMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCztLXQ9+27zIrqvyXVBogMGjUBDYEPr8A63qqBASJ0AqQmrO0PTpc1QlZQ
0dCt4XzXSjG2wwXerzxj7lA5yxMf1LRZRW1Qlp54Ri4bm3D0iOTGfvUmD+pneUQS
zKEOe21HeWX+gyA5oDWcJtuNS6l799te/8GdUFuHdH9x3UChAiYmkNIgUT6RDuN1
sKc4Trgmh/KNNtKWyin2akaNoGPJwYlxRn7P9Ge7h1vAwSshd8BgOok1JtCGDwKF
syzPFzlFc8idxNGhD91J5O4QvuOBdFrCjYwliwlj9+XGJZ5lu2EbCjSlRLWHT69z
0dHKbkzwl0yT0fu06wWF21fzk/MrAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUIPcn
xUuLBdX2HN8d7EG1QZzrHXQwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzE5OTcwMUI2RjA5OTExRURCRUNERTUxRjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAG0wDQYJKoZIhvcNAQELBQAD
ggEBAACWwoJqQD2VJos9a6isDGxoVg3bxRcRhIyp98c1T3GohrUi1/IErvv2s1Gp
3Gb1aweyLEMaQzgSY5JR68pYkNdPRiVoIj15jmjed/Aj78z99UZxvrz4wXi5LitX
XvHEt+g79Ops554fx3cKlwVs2ESdj9obLRMImotMW4jhGEZMNu+x4ofQ2uApR7p3
I7OhigntolNcNjJ6iYuwQfHvFABtmdzaiKQHzLUf6hZuAtKtM2UkezkcczCwiADx
3pu4i4ndKzOcfgohV9/cha8aPp+boP3vn3esTRYdVF4H4AKQhRIJ9BKeQoLD/+uo
0G/jHq9aSqDBHWe49GkO/jsY/cU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org