Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/1B230A3261F211EE9B1D7F104AD9E6FC.roa
File: 1B230A3261F211EE9B1D7F104AD9E6FC.roa (raw, json)
Hash identifier: Ri6eAeuh4tT7+iLRQoovrjO9Ev47mkISLRd06z6HAlM=
Subject key identifier: 59:BB:57:6E:8F:52:71:85:5F:49:BC:03:42:80:AA:81:E8:07:76:3D
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 04DF
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/1B230A3261F211EE9B1D7F104AD9E6FC.roa
Signing time: Tue 03 Oct 2023 13:38:16 +0000
ROA not before: Tue 03 Oct 2023 13:38:13 +0000
ROA not after: Thu 03 Oct 2024 13:38:13 +0000
asID: 205320
IP address blocks: 156.0.123.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1247 (0x4df)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Oct 3 13:38:13 2023 GMT
Not After : Oct 3 13:38:13 2024 GMT
Subject: CN=651c1948-2e7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:07:05:27:67:84:44:1b:8e:fd:f4:9b:f1:b5:
bb:06:fe:39:29:a3:b8:5c:60:3d:cb:66:29:30:c3:
2e:8b:ee:69:15:25:70:29:31:33:8f:41:16:9f:59:
d0:78:ce:ed:2b:89:15:73:15:4d:8b:19:2d:ae:f1:
3a:03:dc:d3:d9:39:4e:c4:e7:d8:c2:00:13:78:7c:
7c:6e:0a:a5:1a:e6:9b:14:82:ef:ba:89:2d:8f:a0:
bf:41:ab:e9:43:fc:db:9a:60:ef:76:4c:5f:af:91:
cb:94:36:e3:2b:5b:3e:02:48:b6:0a:1f:55:7d:44:
77:fe:45:98:ed:8f:d1:41:b0:22:80:1a:a6:1c:29:
24:6f:11:c7:53:c2:43:5a:d5:f3:ea:a2:9c:00:5a:
94:3f:57:a4:3e:78:66:95:38:02:b1:3c:98:8a:6b:
16:c1:e5:c8:a8:ed:84:24:65:37:64:36:e8:46:e1:
94:93:ec:16:de:c1:5f:76:1a:1f:9f:c9:da:3a:60:
e8:67:d4:ed:d9:81:0c:ed:5e:25:b6:2f:0c:74:f3:
95:af:7b:c8:6e:23:b1:03:d1:14:71:e3:7e:8a:5f:
ee:f0:73:51:9d:20:f1:38:a3:e2:90:76:ea:c6:2a:
f5:7c:30:14:7c:fd:9c:04:3e:9a:79:c4:0c:08:53:
b6:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:BB:57:6E:8F:52:71:85:5F:49:BC:03:42:80:AA:81:E8:07:76:3D
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/1B230A3261F211EE9B1D7F104AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.123.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:f8:cf:78:7e:e4:c6:f9:4a:90:c7:a5:87:28:b6:00:1e:f5:
67:23:70:a1:48:53:39:1f:92:d8:3a:c3:a3:6a:f1:fd:08:3c:
3d:25:1a:4b:92:1a:b6:99:eb:2a:2c:7c:a8:f9:43:ec:ae:ce:
30:74:a4:61:f5:2d:fe:a8:9b:ab:37:4c:dd:77:ea:82:b2:39:
bd:e1:7c:8f:20:b2:65:64:21:d1:4e:92:c4:ef:b3:56:54:18:
b7:ef:78:a8:50:41:81:9a:09:07:a6:58:3e:05:fe:a7:96:81:
62:8c:fa:d2:9e:f2:68:37:cc:5b:8e:3a:25:f7:2c:cd:0c:a6:
64:20:26:63:e3:a8:bd:00:86:3f:ac:6c:5f:a1:87:94:5e:87:
c8:8d:90:0b:ff:c3:c5:b3:6a:18:34:a7:12:3c:ff:f9:e2:3e:
c3:a2:c1:2e:18:6e:7f:9c:d4:cf:f9:33:f1:e4:d5:a2:bf:02:
bc:60:f6:cc:0b:ea:dc:cc:3b:d7:7d:f4:7f:23:3a:a9:18:29:
cd:a9:02:20:5e:b1:aa:62:5e:6f:92:05:7e:7f:e7:af:10:ad:
49:b6:46:c4:37:d5:f0:57:ca:e7:55:21:df:4e:18:f8:0b:2f:
fc:83:5c:ef:ca:5a:90:7c:dd:3e:3a:a4:37:4a:d8:3b:77:02:
d8:0c:06:42
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBN8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzEwMDMxMzM4MTNaFw0yNDEwMDMxMzM4MTNaMBgxFjAU
BgNVBAMTDTY1MWMxOTQ4LTJlN2EwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC/BwUnZ4REG4799JvxtbsG/jkpo7hcYD3LZikwwy6L7mkVJXApMTOPQRaf
WdB4zu0riRVzFU2LGS2u8ToD3NPZOU7E59jCABN4fHxuCqUa5psUgu+6iS2PoL9B
q+lD/NuaYO92TF+vkcuUNuMrWz4CSLYKH1V9RHf+RZjtj9FBsCKAGqYcKSRvEcdT
wkNa1fPqopwAWpQ/V6Q+eGaVOAKxPJiKaxbB5cio7YQkZTdkNuhG4ZST7BbewV92
Gh+fydo6YOhn1O3ZgQztXiW2Lwx085Wve8huI7ED0RRx436KX+7wc1GdIPE4o+KQ
durGKvV8MBR8/ZwEPpp5xAwIU7bjAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUWbtX
bo9ScYVfSbwDQoCqgegHdj0wHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzFCMjMwQTMyNjFGMjExRUU5QjFEN0YxMDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHswDQYJKoZIhvcNAQELBQAD
ggEBAKn4z3h+5Mb5SpDHpYcotgAe9WcjcKFIUzkfktg6w6Nq8f0IPD0lGkuSGraZ
6yosfKj5Q+yuzjB0pGH1Lf6om6s3TN136oKyOb3hfI8gsmVkIdFOksTvs1ZUGLfv
eKhQQYGaCQemWD4F/qeWgWKM+tKe8mg3zFuOOiX3LM0MpmQgJmPjqL0Ahj+sbF+h
h5Reh8iNkAv/w8Wzahg0pxI8//niPsOiwS4Ybn+c1M/5M/Hk1aK/Arxg9swL6tzM
O9d99H8jOqkYKc2pAiBesapiXm+SBX5/568QrUm2RsQ31fBXyudVId9OGPgLL/yD
XO/KWpB83T46pDdK2Dt3AtgMBkI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org