Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/332B8880174611EEBD656D154AD9E6FC.roa
File: 332B8880174611EEBD656D154AD9E6FC.roa (raw, json)
Hash identifier: zVZuziJ/VoQdolbg7JJ53hl4rPJT2oKtb77E4wnLi7Y=
Subject key identifier: D5:FB:B8:6F:0F:D4:98:39:58:03:33:D4:A0:35:42:78:67:0A:E5:0A
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 03E6
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/332B8880174611EEBD656D154AD9E6FC.roa
Signing time: Fri 30 Jun 2023 13:01:17 +0000
ROA not before: Fri 30 Jun 2023 13:01:13 +0000
ROA not after: Sun 30 Jun 2024 13:01:13 +0000
asID: 328227
IP address blocks: 156.0.106.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 998 (0x3e6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 30 13:01:13 2023 GMT
Not After : Jun 30 13:01:13 2024 GMT
Subject: CN=649ed21d-0db0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:d8:b9:1f:0f:2d:86:f3:86:c9:e5:4a:13:e3:
a2:ec:91:66:d6:29:36:65:83:52:59:ad:a0:58:82:
4d:5e:7c:73:30:c6:a7:f2:f7:08:b8:5d:bf:7b:60:
73:9e:95:a2:09:6a:ff:5e:70:7b:65:bd:60:4c:95:
33:22:2a:9c:d7:a7:d8:97:a6:47:2b:0a:c3:83:de:
64:c0:f5:e4:d0:e6:11:8d:f8:2e:fe:06:a6:b7:14:
19:97:f0:82:a2:81:06:48:39:29:b7:e6:2f:5b:40:
2f:30:6f:6a:ba:f9:9f:07:0f:da:51:e9:d9:56:f5:
e9:89:57:f5:5d:ef:a4:97:ef:27:61:53:ad:26:b5:
da:c1:e2:04:fd:f1:15:83:eb:87:37:df:00:a5:b2:
4e:87:5f:e1:ae:04:6a:16:1f:a3:a1:cf:30:27:6f:
95:b4:27:21:10:80:ff:31:a7:e9:c6:8c:bf:0c:d1:
09:35:4d:82:1c:00:05:01:92:1d:7f:33:9c:6c:44:
e7:83:e7:49:8c:58:75:b4:10:40:f7:bf:e0:d1:b4:
af:68:66:9e:a3:f4:bf:26:65:81:13:87:37:aa:93:
2a:d8:21:86:e0:74:79:8c:6d:3f:bc:48:61:ec:f7:
5e:20:8b:24:04:48:de:ec:22:12:a5:43:6f:3d:5f:
80:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:FB:B8:6F:0F:D4:98:39:58:03:33:D4:A0:35:42:78:67:0A:E5:0A
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/332B8880174611EEBD656D154AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.106.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:90:59:39:c5:96:d0:8f:b3:d3:94:fe:0f:a7:60:ff:f4:fd:
28:4c:fa:12:89:26:32:69:d9:17:77:d9:65:69:d1:49:5c:47:
07:b2:a8:b5:9d:48:fd:17:cc:81:6d:91:34:39:32:8a:04:e0:
e1:61:e9:b2:a4:9d:39:cd:b4:27:21:c1:45:57:f6:f7:85:6e:
93:73:38:b8:1f:aa:e9:c8:d5:89:30:e7:47:6d:52:4f:f7:6e:
42:82:30:ec:30:24:64:44:13:94:ed:b2:25:86:7c:f4:ca:f5:
1e:d9:5c:d1:ff:b8:6b:76:85:7d:e1:45:1b:b1:b3:3c:5a:16:
f2:33:19:88:cf:62:bb:a1:c1:5d:8b:eb:a5:b5:55:bf:10:c1:
3e:72:a7:22:9b:2a:29:95:8f:50:23:51:53:4a:f0:be:55:60:
a3:9e:ca:8a:f5:b4:e5:d8:78:12:47:64:5e:71:e7:14:1f:f9:
05:54:b3:4e:2d:07:69:c9:ff:63:09:79:92:1a:f7:ad:ab:8a:
56:4a:3f:fb:c4:ff:bc:d2:d4:f7:6b:60:9e:26:d4:54:12:2b:
14:da:d5:7d:16:5b:5a:d7:66:76:89:79:20:0f:68:99:b6:f3:
0a:a3:41:32:7d:6f:01:e2:72:9a:6f:d2:18:fa:f6:07:c1:7e:
a7:e6:1e:64
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA+YwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MzAxMzAxMTNaFw0yNDA2MzAxMzAxMTNaMBgxFjAU
BgNVBAMTDTY0OWVkMjFkLTBkYjAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDN2LkfDy2G84bJ5UoT46LskWbWKTZlg1JZraBYgk1efHMwxqfy9wi4Xb97
YHOelaIJav9ecHtlvWBMlTMiKpzXp9iXpkcrCsOD3mTA9eTQ5hGN+C7+Bqa3FBmX
8IKigQZIOSm35i9bQC8wb2q6+Z8HD9pR6dlW9emJV/Vd76SX7ydhU60mtdrB4gT9
8RWD64c33wClsk6HX+GuBGoWH6OhzzAnb5W0JyEQgP8xp+nGjL8M0Qk1TYIcAAUB
kh1/M5xsROeD50mMWHW0EED3v+DRtK9oZp6j9L8mZYEThzeqkyrYIYbgdHmMbT+8
SGHs914giyQESN7sIhKlQ289X4AhAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU1fu4
bw/UmDlYAzPUoDVCeGcK5QowHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzMzMkI4ODgwMTc0NjExRUVCRDY1NkQxNTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAGowDQYJKoZIhvcNAQELBQAD
ggEBAH+QWTnFltCPs9OU/g+nYP/0/ShM+hKJJjJp2Rd32WVp0UlcRweyqLWdSP0X
zIFtkTQ5MooE4OFh6bKknTnNtCchwUVX9veFbpNzOLgfqunI1Ykw50dtUk/3bkKC
MOwwJGREE5TtsiWGfPTK9R7ZXNH/uGt2hX3hRRuxszxaFvIzGYjPYruhwV2L66W1
Vb8QwT5ypyKbKimVj1AjUVNK8L5VYKOeyor1tOXYeBJHZF5x5xQf+QVUs04tB2nJ
/2MJeZIa962rilZKP/vE/7zS1PdrYJ4m1FQSKxTa1X0WW1rXZnaJeSAPaJm28wqj
QTJ9bwHicppv0hj69gfBfqfmHmQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org