Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/3F5F2D72174C11EE83C131284AD9E6FC.roa
File: 3F5F2D72174C11EE83C131284AD9E6FC.roa (raw, json)
Hash identifier: GQzsz7MrlSDKQfeV5a/48f9iDRJ7IrvlGx3eAG2L4u0=
Subject key identifier: 59:8C:08:4C:CA:C1:22:F0:3D:4E:DD:F9:B1:9D:07:5D:3B:76:B0:0A
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 040A
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/3F5F2D72174C11EE83C131284AD9E6FC.roa
Signing time: Fri 30 Jun 2023 13:44:34 +0000
ROA not before: Fri 30 Jun 2023 13:44:28 +0000
ROA not after: Sun 30 Jun 2024 13:44:28 +0000
asID: 328227
IP address blocks: 156.0.126.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1034 (0x40a)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 30 13:44:28 2023 GMT
Not After : Jun 30 13:44:28 2024 GMT
Subject: CN=649edc42-eeb2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:3e:73:73:2f:2c:41:7c:5d:a9:01:dd:c5:1c:
16:8c:94:9d:ec:50:e6:fb:60:5b:5f:07:1e:a6:88:
29:0b:89:c2:54:ea:b3:5a:67:83:fc:a8:32:58:a5:
0a:91:98:87:b3:22:f1:f0:9f:de:b9:28:e0:de:0b:
83:4b:e4:f4:9e:5c:ff:c0:42:93:1f:9b:28:b3:88:
1a:e3:c3:0c:e8:4f:7d:20:f9:ef:94:86:3d:54:3c:
53:cd:76:5b:6c:74:da:6c:e2:ce:e4:ed:31:da:0e:
12:96:89:ff:60:ac:4b:6d:bd:50:cb:d9:c8:2b:bd:
fd:a3:ac:ac:96:52:7a:d8:62:7f:f7:2f:93:92:2a:
6f:d9:5e:5e:8c:3f:54:38:6b:17:93:10:92:6a:29:
60:e1:84:ee:73:2c:a8:c5:60:2b:2f:49:75:d6:d0:
d2:fa:15:2e:60:ee:4c:05:aa:84:25:49:73:5a:28:
00:6d:09:d0:b4:12:66:0f:1c:e8:4d:48:27:3b:d7:
f9:81:30:e6:82:7f:5f:f7:89:6f:1a:b2:8c:c5:60:
9c:2b:b6:c0:85:f4:1f:d1:c2:42:20:51:00:8a:16:
c4:8a:88:66:ee:b3:b2:ce:ec:22:3b:6e:5b:1f:66:
5b:c5:29:0b:18:5d:0b:64:35:36:a4:5c:25:ac:75:
b2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
59:8C:08:4C:CA:C1:22:F0:3D:4E:DD:F9:B1:9D:07:5D:3B:76:B0:0A
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/3F5F2D72174C11EE83C131284AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.126.0/24
Signature Algorithm: sha256WithRSAEncryption
42:81:da:16:d7:1c:d8:a8:26:84:4c:c6:d4:13:69:ef:5c:94:
3f:06:c3:10:f6:2b:60:5c:b7:1a:d1:4c:f4:d5:1f:83:eb:7b:
a7:6e:00:42:44:08:75:ac:77:76:89:62:0b:2d:9e:5d:ad:81:
d0:85:af:19:7c:df:dc:51:71:d4:85:2e:48:91:49:8f:43:27:
00:9f:66:ee:0a:8c:b2:6d:60:df:71:fe:17:11:22:f0:54:8d:
ff:f4:4b:b9:cf:6c:67:15:ed:3d:24:a9:c5:92:81:4b:59:6b:
9e:24:3e:7e:cc:ef:8c:d3:bb:5d:d5:1b:7b:38:3b:9d:5f:35:
2d:66:82:11:bb:03:72:63:08:5d:c7:09:6a:69:57:1c:02:0b:
57:8b:84:9d:0d:f4:94:1a:15:2f:34:ec:cd:42:d1:5d:85:4e:
0c:bb:84:2a:71:88:d4:73:34:a4:10:c2:ad:2a:95:0e:0e:de:
4e:ea:1d:bb:a4:94:b3:bc:71:2c:8f:39:82:bb:a4:2c:96:59:
0b:89:d1:41:36:06:6f:7c:5a:1c:36:f8:58:db:63:4e:5f:eb:
5a:00:61:e1:da:a4:ab:25:89:40:6b:61:b6:17:d6:4d:05:23:
fb:17:7e:6d:e8:ca:4a:67:96:60:84:6b:9a:e1:7d:b5:28:33:
30:96:3b:ba
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBAowDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MzAxMzQ0MjhaFw0yNDA2MzAxMzQ0MjhaMBgxFjAU
BgNVBAMTDTY0OWVkYzQyLWVlYjIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9PnNzLyxBfF2pAd3FHBaMlJ3sUOb7YFtfBx6miCkLicJU6rNaZ4P8qDJY
pQqRmIezIvHwn965KODeC4NL5PSeXP/AQpMfmyiziBrjwwzoT30g+e+Uhj1UPFPN
dltsdNps4s7k7THaDhKWif9grEttvVDL2cgrvf2jrKyWUnrYYn/3L5OSKm/ZXl6M
P1Q4axeTEJJqKWDhhO5zLKjFYCsvSXXW0NL6FS5g7kwFqoQlSXNaKABtCdC0EmYP
HOhNSCc71/mBMOaCf1/3iW8asozFYJwrtsCF9B/RwkIgUQCKFsSKiGbus7LO7CI7
blsfZlvFKQsYXQtkNTakXCWsdbLlAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUWYwI
TMrBIvA9Tt35sZ0HXTt2sAowHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzNGNUYyRDcyMTc0QzExRUU4M0MxMzEyODRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAH4wDQYJKoZIhvcNAQELBQAD
ggEBAEKB2hbXHNioJoRMxtQTae9clD8GwxD2K2BctxrRTPTVH4Pre6duAEJECHWs
d3aJYgstnl2tgdCFrxl839xRcdSFLkiRSY9DJwCfZu4KjLJtYN9x/hcRIvBUjf/0
S7nPbGcV7T0kqcWSgUtZa54kPn7M74zTu13VG3s4O51fNS1mghG7A3JjCF3HCWpp
VxwCC1eLhJ0N9JQaFS807M1C0V2FTgy7hCpxiNRzNKQQwq0qlQ4O3k7qHbuklLO8
cSyPOYK7pCyWWQuJ0UE2Bm98Whw2+FjbY05f61oAYeHapKsliUBrYbYX1k0FI/sX
fm3oykpnlmCEa5rhfbUoMzCWO7o=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org