Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/22CAC81E32CD11EE860D31694AD9E6FC.roa
File: 22CAC81E32CD11EE860D31694AD9E6FC.roa (raw, json)
Hash identifier: e9PfbfreiSKnj4bHVj1FJEDrQk4sad7lHqx0j8yADxI=
Subject key identifier: 03:3A:02:4B:1C:78:5A:8A:CB:41:2E:72:96:A1:AE:64:BA:AE:68:33
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0457
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/22CAC81E32CD11EE860D31694AD9E6FC.roa
Signing time: Fri 04 Aug 2023 13:45:13 +0000
ROA not before: Fri 04 Aug 2023 13:45:09 +0000
ROA not after: Sun 04 Aug 2024 13:45:09 +0000
asID: 328227
IP address blocks: 156.0.113.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1111 (0x457)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Aug 4 13:45:09 2023 GMT
Not After : Aug 4 13:45:09 2024 GMT
Subject: CN=64cd00e9-d446
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:19:8c:5b:07:97:dd:f4:bf:ff:3d:c5:14:b9:
b7:32:65:15:1a:74:f3:93:c9:84:65:65:ed:48:96:
3d:0c:26:e5:c4:66:f8:33:3e:85:c1:92:b5:de:73:
8f:9a:4a:5c:4b:14:aa:b4:d9:2b:58:9e:d9:e5:11:
fa:4a:df:95:6d:d8:5d:8f:cc:53:bf:2a:a6:a1:d1:
37:f2:66:19:b3:95:bd:20:ed:fa:2b:43:f9:a4:7f:
07:c1:ab:60:4f:ce:3e:3c:c7:64:1f:24:47:0b:42:
41:df:81:67:4e:6d:51:22:6b:60:b3:b8:c7:c0:0a:
e0:be:83:53:47:47:20:ec:bc:42:ff:11:e2:ea:60:
13:49:44:00:42:72:66:c6:3a:3d:6e:d3:95:9c:15:
26:41:81:6b:93:aa:79:3a:d4:23:3a:9f:cf:24:6a:
8c:d2:29:9d:10:73:20:1a:3b:92:1e:a5:de:79:b8:
3f:95:6b:f0:9f:54:e0:ea:45:fa:c0:fd:4e:a7:31:
50:88:50:8c:14:d3:54:a3:ab:ca:ab:5f:77:87:c6:
99:29:da:a1:02:89:3e:de:b3:1f:de:ac:ec:e2:4d:
43:c6:df:08:1f:ba:31:62:5b:d8:0f:44:d7:94:37:
dc:06:9c:6a:3e:7b:fe:9b:26:05:38:ed:3d:ab:c2:
99:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:3A:02:4B:1C:78:5A:8A:CB:41:2E:72:96:A1:AE:64:BA:AE:68:33
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/22CAC81E32CD11EE860D31694AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.113.0/24
Signature Algorithm: sha256WithRSAEncryption
95:fa:0c:59:81:95:21:2f:39:8f:aa:e2:20:a4:58:1a:f7:bb:
bb:e7:57:42:b2:07:ce:e2:cc:3c:50:67:dd:27:91:70:a8:8f:
5e:31:f4:24:b4:4b:80:24:15:fa:69:8c:f8:15:5c:07:40:21:
b4:ae:25:92:4d:c2:78:de:0f:ad:20:fd:13:9e:c5:31:17:3a:
84:b6:79:9f:d5:92:ef:5c:f1:4a:b2:80:14:43:62:f6:3f:cd:
a7:5b:b7:b5:7c:41:be:64:ec:93:af:44:bc:9e:5d:1e:48:26:
a9:cc:03:0b:c9:e7:de:d9:2b:47:93:cf:b8:b4:18:f6:9d:05:
12:dd:52:71:a2:dd:79:2d:c3:d4:3a:ec:2c:65:d9:a8:24:07:
6c:0b:21:01:6c:85:47:26:e4:a0:62:a0:77:c4:54:6f:d4:a7:
52:a6:70:8c:2a:a6:37:1b:ff:2e:80:21:cd:89:3f:84:d9:41:
fe:24:2f:1b:54:71:ba:34:a4:af:2f:15:71:6b:d6:58:66:1b:
3d:13:07:57:cc:c9:1a:10:db:eb:72:b8:d0:de:ad:a5:cd:49:
15:9e:2c:4b:5c:32:75:9b:a1:63:66:d1:5a:cd:30:b0:85:37:
51:08:d2:62:c0:76:05:19:c6:70:72:a6:f7:32:24:ef:39:a2:
49:81:19:ff
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBFcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA4MDQxMzQ1MDlaFw0yNDA4MDQxMzQ1MDlaMBgxFjAU
BgNVBAMTDTY0Y2QwMGU5LWQ0NDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCvGYxbB5fd9L//PcUUubcyZRUadPOTyYRlZe1Ilj0MJuXEZvgzPoXBkrXe
c4+aSlxLFKq02StYntnlEfpK35Vt2F2PzFO/Kqah0TfyZhmzlb0g7forQ/mkfwfB
q2BPzj48x2QfJEcLQkHfgWdObVEia2CzuMfACuC+g1NHRyDsvEL/EeLqYBNJRABC
cmbGOj1u05WcFSZBgWuTqnk61CM6n88kaozSKZ0QcyAaO5Iepd55uD+Va/CfVODq
RfrA/U6nMVCIUIwU01Sjq8qrX3eHxpkp2qECiT7esx/erOziTUPG3wgfujFiW9gP
RNeUN9wGnGo+e/6bJgU47T2rwpnzAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUAzoC
Sxx4WorLQS5ylqGuZLquaDMwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzIyQ0FDODFFMzJDRDExRUU4NjBEMzE2OTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHEwDQYJKoZIhvcNAQELBQAD
ggEBAJX6DFmBlSEvOY+q4iCkWBr3u7vnV0KyB87izDxQZ90nkXCoj14x9CS0S4Ak
FfppjPgVXAdAIbSuJZJNwnjeD60g/ROexTEXOoS2eZ/Vku9c8UqygBRDYvY/zadb
t7V8Qb5k7JOvRLyeXR5IJqnMAwvJ597ZK0eTz7i0GPadBRLdUnGi3Xktw9Q67Cxl
2agkB2wLIQFshUcm5KBioHfEVG/Up1KmcIwqpjcb/y6AIc2JP4TZQf4kLxtUcbo0
pK8vFXFr1lhmGz0TB1fMyRoQ2+tyuNDeraXNSRWeLEtcMnWboWNm0VrNMLCFN1EI
0mLAdgUZxnBypvcyJO85okmBGf8=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org