Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/3C2F0DE474AC11EE8EF211494AD9E6FC.roa
File: 3C2F0DE474AC11EE8EF211494AD9E6FC.roa (raw, json)
Hash identifier: 63TNnZJMxG10BseEL9JzmmNdGNcwxYpJ9wgi204T42c=
Subject key identifier: 70:04:62:B1:B9:7F:E2:2E:8E:66:CB:57:6B:5A:29:8D:09:05:70:96
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0508
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/3C2F0DE474AC11EE8EF211494AD9E6FC.roa
Signing time: Fri 27 Oct 2023 09:35:59 +0000
ROA not before: Fri 27 Oct 2023 09:35:56 +0000
ROA not after: Sun 27 Oct 2024 09:35:56 +0000
asID: 328227
IP address blocks: 156.0.125.0/25 maxlen: 25
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1288 (0x508)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Oct 27 09:35:56 2023 GMT
Not After : Oct 27 09:35:56 2024 GMT
Subject: CN=653b847f-7cb1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:dc:65:01:03:b9:87:27:13:de:0e:02:e8:51:
a6:0e:04:0c:21:ad:dd:a8:ef:55:44:cc:64:b8:7d:
36:79:71:d4:4a:d1:fc:ab:af:07:29:66:c7:58:05:
0e:c4:01:d7:79:41:98:01:cc:65:c9:90:d1:57:bb:
d8:52:0f:4d:ff:13:bb:f9:47:3b:95:9c:90:66:45:
7c:4c:5a:76:f7:05:04:cc:2b:5e:16:b4:ef:25:8b:
41:ea:94:c4:a3:16:1e:47:16:f1:7d:16:c5:09:cd:
fd:0c:a7:2b:f1:0c:9d:2e:30:3b:d2:9d:d1:08:34:
85:16:6e:1f:29:e2:3d:87:d4:9d:dc:4d:92:ad:17:
0c:ab:be:11:c1:50:d0:69:8f:8d:7d:f6:2a:ec:2e:
84:5a:52:c7:3e:ab:c8:66:97:8f:6d:07:31:d9:67:
d4:cf:99:1b:97:4d:b2:c2:36:36:1a:d9:71:96:b4:
b6:ed:fa:d9:61:c8:74:6a:f3:ab:e0:d2:67:eb:71:
78:e4:21:1e:09:1f:c8:e6:88:94:34:37:6b:6e:42:
87:be:a2:58:57:c9:90:01:1b:5c:0f:2e:ae:57:8e:
7f:8e:2f:26:b5:94:25:f8:b5:e7:49:e3:35:d8:9b:
98:db:33:0a:e0:66:a9:29:ae:01:e4:f4:78:71:5e:
62:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:04:62:B1:B9:7F:E2:2E:8E:66:CB:57:6B:5A:29:8D:09:05:70:96
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/3C2F0DE474AC11EE8EF211494AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.125.0/25
Signature Algorithm: sha256WithRSAEncryption
0b:38:dc:4d:78:61:af:4f:cf:6d:7e:0f:aa:74:31:ee:84:62:
c3:1f:64:13:54:0a:5b:d6:49:8f:c6:d9:ae:16:bf:e8:b9:cf:
ef:62:9d:47:20:f1:29:a8:fb:f9:1e:01:55:2e:4a:e6:a6:1f:
a6:fa:5b:49:ce:a4:a8:e0:fb:e1:d6:3e:31:d6:eb:48:a6:b1:
95:55:86:03:31:33:46:e5:f2:14:b4:66:b5:bb:36:dc:8b:51:
53:24:3f:42:63:b8:3b:31:5d:de:cb:e2:0b:1b:4b:d5:f1:f6:
46:ad:53:6e:60:25:10:6d:ef:c3:24:67:3f:ef:88:62:d8:87:
87:ee:99:58:56:58:19:c0:71:7b:a5:d4:dd:3c:f5:81:9c:26:
c6:1b:2a:1d:4a:f6:c9:a4:ee:6e:18:f0:58:0b:e4:6e:90:00:
c2:02:1e:de:2b:e4:2f:0c:8c:52:e7:f0:88:cb:33:d7:83:e0:
a1:f8:91:e9:af:54:7d:ec:a2:69:3b:79:d5:2c:00:3f:2f:4a:
b4:b7:f2:f4:f0:20:a1:33:3a:fb:94:41:a0:d5:15:c0:01:65:
eb:f4:e4:ed:e8:20:dd:17:f8:ee:71:f7:2d:ab:c0:ae:31:7e:
3b:0a:ce:b0:d6:35:33:41:1c:36:50:ee:6a:a8:d4:49:46:58:
1f:06:71:6a
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgICBQgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzEwMjcwOTM1NTZaFw0yNDEwMjcwOTM1NTZaMBgxFjAU
BgNVBAMTDTY1M2I4NDdmLTdjYjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCk3GUBA7mHJxPeDgLoUaYOBAwhrd2o71VEzGS4fTZ5cdRK0fyrrwcpZsdY
BQ7EAdd5QZgBzGXJkNFXu9hSD03/E7v5RzuVnJBmRXxMWnb3BQTMK14WtO8li0Hq
lMSjFh5HFvF9FsUJzf0MpyvxDJ0uMDvSndEINIUWbh8p4j2H1J3cTZKtFwyrvhHB
UNBpj4199irsLoRaUsc+q8hml49tBzHZZ9TPmRuXTbLCNjYa2XGWtLbt+tlhyHRq
86vg0mfrcXjkIR4JH8jmiJQ0N2tuQoe+olhXyZABG1wPLq5Xjn+OLya1lCX4tedJ
4zXYm5jbMwrgZqkprgHk9HhxXmJFAgMBAAGjggKjMIICnzAdBgNVHQ4EFgQUcARi
sbl/4i6OZstXa1opjQkFcJYwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzNDMkYwREU0NzRBQzExRUU4RUYyMTE0OTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
IAYIKwYBBQUHAQcBAf8EETAPMA0EAgABMAcDBQecAH0AMA0GCSqGSIb3DQEBCwUA
A4IBAQALONxNeGGvT89tfg+qdDHuhGLDH2QTVApb1kmPxtmuFr/ouc/vYp1HIPEp
qPv5HgFVLkrmph+m+ltJzqSo4Pvh1j4x1utIprGVVYYDMTNG5fIUtGa1uzbci1FT
JD9CY7g7MV3ey+ILG0vV8fZGrVNuYCUQbe/DJGc/74hi2IeH7plYVlgZwHF7pdTd
PPWBnCbGGyodSvbJpO5uGPBYC+RukADCAh7eK+QvDIxS5/CIyzPXg+Ch+JHpr1R9
7KJpO3nVLAA/L0q0t/L08CChMzr7lEGg1RXAAWXr9OTt6CDdF/jucfctq8CuMX47
Cs6w1jUzQRw2UO5qqNRJRlgfBnFq
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org