Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/55F6C890174911EE9183561E4AD9E6FC.roa
File: 55F6C890174911EE9183561E4AD9E6FC.roa (raw, json)
Hash identifier: mK1F4OzAncUXYv6bZ6hfemRdqMC7gnoErJueB8CQU9M=
Subject key identifier: A8:15:40:13:26:B3:1B:77:E5:9D:9C:40:72:68:58:25:44:2A:EB:FB
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 03F0
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/55F6C890174911EE9183561E4AD9E6FC.roa
Signing time: Fri 30 Jun 2023 13:23:44 +0000
ROA not before: Fri 30 Jun 2023 13:23:40 +0000
ROA not after: Sun 30 Jun 2024 13:23:40 +0000
asID: 57097
IP address blocks: 156.0.112.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1008 (0x3f0)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 30 13:23:40 2023 GMT
Not After : Jun 30 13:23:40 2024 GMT
Subject: CN=649ed760-5085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:99:d3:ed:a2:05:68:0a:3a:e0:42:57:07:8e:
07:7e:06:1e:3f:74:3f:45:0e:3f:e2:4c:2e:72:27:
ee:a6:f0:fe:a8:fe:39:50:c1:58:cb:c5:99:85:1b:
cd:aa:6d:db:30:ff:9a:04:45:e4:0a:88:b3:5a:aa:
29:2e:d8:90:4c:d0:8b:d4:2c:dd:25:58:a4:54:ec:
78:cf:f7:f2:26:de:b0:d9:0a:cf:97:ee:09:36:d2:
c4:44:bc:fb:18:45:ff:84:77:19:28:9b:26:43:eb:
30:c2:f2:59:ea:cd:67:86:fe:9b:b3:47:a0:a6:5a:
b5:da:81:42:2c:72:d1:88:68:fe:ce:c2:62:b0:27:
db:e3:d8:ea:1f:99:cb:3c:66:91:80:bf:2c:f9:a3:
e0:05:e4:0a:1f:e9:00:78:2c:bb:71:7a:5a:82:aa:
18:e0:23:5e:8e:f2:bf:94:5e:c2:c5:bd:05:cc:c7:
ce:38:56:0b:68:7f:fc:ef:b7:af:5c:c3:cd:ee:43:
31:70:41:9b:8c:31:65:4b:b4:c2:2e:fd:6f:ea:9f:
6b:42:69:a5:db:65:8a:2c:45:a7:d9:37:91:c4:73:
d6:d4:e9:2e:6b:c6:5f:be:5e:1e:f1:ba:50:3f:54:
56:15:c1:31:10:2f:1b:0b:fd:be:74:bc:0d:0f:00:
b4:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:15:40:13:26:B3:1B:77:E5:9D:9C:40:72:68:58:25:44:2A:EB:FB
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/55F6C890174911EE9183561E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.112.0/24
Signature Algorithm: sha256WithRSAEncryption
76:20:f9:c2:48:61:c2:a2:4c:a1:fb:47:cd:79:64:17:cb:40:
f2:04:11:d5:53:d2:c7:59:1c:5d:08:09:cb:85:50:b3:dc:2a:
c8:66:63:33:88:f1:35:86:54:c7:89:b4:b4:a9:ef:d6:19:0c:
ae:1a:70:14:27:b7:32:0a:f4:e6:61:1d:88:22:cd:58:b7:18:
a3:e9:40:df:af:73:c9:65:8f:a4:29:d8:01:47:0a:6e:09:ac:
54:01:b5:b8:1f:cd:63:65:5d:1c:f1:0c:45:7f:87:9d:a5:d4:
8c:dc:39:fc:9b:30:86:43:29:6c:35:ae:eb:29:da:23:d6:41:
d4:e5:4b:a8:71:59:43:f2:36:5e:44:0a:bf:79:c4:7e:04:0f:
ae:e1:96:49:33:2a:47:5f:1f:a6:2e:f5:7c:d2:b4:e6:95:58:
1a:da:a4:52:37:9b:97:eb:e0:47:56:39:11:8f:d2:14:d8:46:
5f:29:f8:e8:b2:de:67:c0:89:cb:8c:97:3b:4e:2c:d9:84:0a:
22:9d:80:db:58:59:be:0f:b6:cc:70:7e:88:2c:55:71:d2:45:
2f:06:74:d5:ba:a3:98:94:71:17:e5:c9:43:3d:b7:dd:fa:cd:
34:7b:37:46:57:b6:2e:ff:3c:67:1e:cc:b0:6a:10:e8:6f:23:
29:66:ca:fe
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA/AwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MzAxMzIzNDBaFw0yNDA2MzAxMzIzNDBaMBgxFjAU
BgNVBAMTDTY0OWVkNzYwLTUwODUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCmmdPtogVoCjrgQlcHjgd+Bh4/dD9FDj/iTC5yJ+6m8P6o/jlQwVjLxZmF
G82qbdsw/5oEReQKiLNaqiku2JBM0IvULN0lWKRU7HjP9/Im3rDZCs+X7gk20sRE
vPsYRf+EdxkomyZD6zDC8lnqzWeG/puzR6CmWrXagUIsctGIaP7OwmKwJ9vj2Oof
mcs8ZpGAvyz5o+AF5Aof6QB4LLtxelqCqhjgI16O8r+UXsLFvQXMx844Vgtof/zv
t69cw83uQzFwQZuMMWVLtMIu/W/qn2tCaaXbZYosRafZN5HEc9bU6S5rxl++Xh7x
ulA/VFYVwTEQLxsL/b50vA0PALRhAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUqBVA
EyazG3flnZxAcmhYJUQq6/swHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzU1RjZDODkwMTc0OTExRUU5MTgzNTYxRTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHAwDQYJKoZIhvcNAQELBQAD
ggEBAHYg+cJIYcKiTKH7R815ZBfLQPIEEdVT0sdZHF0ICcuFULPcKshmYzOI8TWG
VMeJtLSp79YZDK4acBQntzIK9OZhHYgizVi3GKPpQN+vc8llj6Qp2AFHCm4JrFQB
tbgfzWNlXRzxDEV/h52l1IzcOfybMIZDKWw1rusp2iPWQdTlS6hxWUPyNl5ECr95
xH4ED67hlkkzKkdfH6Yu9XzStOaVWBrapFI3m5fr4EdWORGP0hTYRl8p+Oiy3mfA
icuMlztOLNmECiKdgNtYWb4PtsxwfogsVXHSRS8GdNW6o5iUcRflyUM9t936zTR7
N0ZXti7/PGcezLBqEOhvIylmyv4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org