Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/3367B44E209311EEA860A8654AD9E6FC.roa
File: 3367B44E209311EEA860A8654AD9E6FC.roa (raw, json)
Hash identifier: 9mKDMfUhm2I3I17sfmVWiYAQJ1I7bTNeRSrw8Yld5t4=
Subject key identifier: 2D:D6:F9:46:69:36:05:B2:26:48:73:12:18:85:42:9D:D6:AF:1A:56
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0425
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/3367B44E209311EEA860A8654AD9E6FC.roa
Signing time: Wed 12 Jul 2023 09:05:09 +0000
ROA not before: Wed 12 Jul 2023 09:05:06 +0000
ROA not after: Fri 12 Jul 2024 09:05:06 +0000
asID: 17941
IP address blocks: 156.0.121.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1061 (0x425)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jul 12 09:05:06 2023 GMT
Not After : Jul 12 09:05:06 2024 GMT
Subject: CN=64ae6cc5-6323
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:e9:c8:b9:15:d0:e7:09:9a:61:b7:53:41:be:
f2:72:b0:33:cb:79:68:2f:99:7a:e1:44:b3:b7:fc:
2a:79:50:f5:b5:50:d8:40:22:97:d7:42:82:5a:51:
98:5a:45:d4:18:24:37:ac:3d:29:38:45:f6:ff:cd:
8d:99:5f:8c:d5:bc:a6:c0:80:25:94:78:34:c5:59:
2b:f5:d7:5c:f1:ab:ba:a8:d2:b4:5a:9f:fe:19:62:
d7:ff:2b:89:0a:93:fd:d6:bb:a3:4f:84:63:5a:25:
df:73:95:91:28:8a:f7:8f:78:57:7c:9b:ff:64:85:
84:d3:00:05:53:51:06:ff:eb:d3:d1:7c:66:8f:de:
db:10:d6:d7:2d:60:91:24:eb:45:65:cf:13:b9:8f:
04:34:b9:70:93:ba:80:25:ce:01:bf:48:79:a0:64:
8c:29:b3:05:6b:c5:e1:94:7b:52:2b:05:a4:f0:3d:
8f:96:74:c6:c8:65:c5:7f:48:4d:5c:1e:07:26:bf:
3d:ac:bb:02:34:eb:9a:13:a1:5b:34:d7:0d:5e:8b:
5e:83:15:f5:12:7d:72:b8:11:14:52:d2:a3:94:75:
84:04:fb:09:64:bf:7e:89:a6:a8:19:1b:ab:ce:4a:
43:31:81:9c:df:e4:32:82:9f:e7:52:99:58:9b:6b:
c1:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:D6:F9:46:69:36:05:B2:26:48:73:12:18:85:42:9D:D6:AF:1A:56
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/3367B44E209311EEA860A8654AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.121.0/24
Signature Algorithm: sha256WithRSAEncryption
46:18:24:44:72:2f:9d:d2:4f:fd:56:e7:ff:81:2e:cf:3d:a7:
83:75:f0:4b:d6:c4:d6:e5:cf:88:a5:25:1b:88:9e:4e:d4:64:
4c:a7:69:fa:0f:7a:ea:ee:c8:ad:42:09:87:8d:6a:a4:bc:d2:
dd:f3:03:9a:eb:a9:21:00:16:07:24:b8:1a:ab:e0:74:7a:16:
ed:09:4a:de:b1:e7:a0:7c:a2:53:0a:b7:5d:15:af:9f:ff:05:
be:fb:5d:4e:55:ab:a9:39:c4:f3:66:71:c1:1c:25:27:69:9b:
4c:61:c9:6a:02:8a:e5:66:e2:e0:a5:7f:ac:4d:35:13:d1:61:
ff:04:50:0b:14:f3:ea:04:d8:2f:63:25:70:b4:6c:6d:d6:95:
6b:19:87:b6:4e:6f:97:3a:2e:a7:2a:f3:e7:ad:3f:38:c8:f2:
5a:ec:b7:6f:39:f6:9a:27:5f:2c:8a:4f:d2:93:d9:22:ac:fb:
e7:eb:69:e2:73:fd:52:20:08:76:13:7b:a1:f1:8a:51:ec:e2:
bb:44:36:df:29:d7:b7:c9:3f:fa:eb:1d:9d:39:42:02:b8:33:
75:7d:bc:d4:6b:c2:f0:2d:84:96:98:a8:7c:bd:20:f8:82:a2:
51:5d:8a:ff:4c:72:03:63:12:ae:35:d2:07:14:20:fb:2c:9f:
02:3c:2d:4c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBCUwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA3MTIwOTA1MDZaFw0yNDA3MTIwOTA1MDZaMBgxFjAU
BgNVBAMTDTY0YWU2Y2M1LTYzMjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDS6ci5FdDnCZpht1NBvvJysDPLeWgvmXrhRLO3/Cp5UPW1UNhAIpfXQoJa
UZhaRdQYJDesPSk4Rfb/zY2ZX4zVvKbAgCWUeDTFWSv111zxq7qo0rRan/4ZYtf/
K4kKk/3Wu6NPhGNaJd9zlZEoivePeFd8m/9khYTTAAVTUQb/69PRfGaP3tsQ1tct
YJEk60VlzxO5jwQ0uXCTuoAlzgG/SHmgZIwpswVrxeGUe1IrBaTwPY+WdMbIZcV/
SE1cHgcmvz2suwI065oToVs01w1ei16DFfUSfXK4ERRS0qOUdYQE+wlkv36JpqgZ
G6vOSkMxgZzf5DKCn+dSmViba8EJAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQULdb5
Rmk2BbImSHMSGIVCndavGlYwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzMzNjdCNDRFMjA5MzExRUVBODYwQTg2NTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHkwDQYJKoZIhvcNAQELBQAD
ggEBAEYYJERyL53ST/1W5/+BLs89p4N18EvWxNblz4ilJRuInk7UZEynafoPeuru
yK1CCYeNaqS80t3zA5rrqSEAFgckuBqr4HR6Fu0JSt6x56B8olMKt10Vr5//Bb77
XU5Vq6k5xPNmccEcJSdpm0xhyWoCiuVm4uClf6xNNRPRYf8EUAsU8+oE2C9jJXC0
bG3WlWsZh7ZOb5c6Lqcq8+etPzjI8lrst2859ponXyyKT9KT2SKs++fraeJz/VIg
CHYTe6HxilHs4rtENt8p17fJP/rrHZ05QgK4M3V9vNRrwvAthJaYqHy9IPiColFd
iv9McgNjEq410gcUIPssnwI8LUw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org