Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/5846DF8E5EA911EE9994A21E4AD9E6FC.roa
File: 5846DF8E5EA911EE9994A21E4AD9E6FC.roa (raw, json)
Hash identifier: 1Y09U2prCo/isgm6oTvrXcHV36zr6TM/q3U4wzsGUeQ=
Subject key identifier: 5C:7B:0E:30:02:EB:50:4C:D1:AC:5E:4A:18:DD:36:45:59:AB:91:2F
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 04D8
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/5846DF8E5EA911EE9994A21E4AD9E6FC.roa
Signing time: Fri 29 Sep 2023 09:19:52 +0000
ROA not before: Fri 29 Sep 2023 09:19:49 +0000
ROA not after: Sun 29 Sep 2024 09:19:49 +0000
asID: 205320
IP address blocks: 156.0.126.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1240 (0x4d8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Sep 29 09:19:49 2023 GMT
Not After : Sep 29 09:19:49 2024 GMT
Subject: CN=651696b8-0c0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:e2:ed:0f:16:eb:eb:9d:d2:d4:a0:2c:ff:38:
eb:ee:a6:bb:f8:df:f9:08:3e:b6:cb:c2:a8:bb:65:
ae:fb:d4:4e:10:87:fe:41:15:9d:e6:8f:e5:ac:c9:
93:31:4f:38:ed:f9:b6:d4:68:b3:99:c5:d4:f0:d9:
d5:55:f9:22:b4:f5:1f:93:a6:d1:04:b0:c0:55:c0:
bb:18:a0:1b:be:bd:6f:60:19:83:ca:28:da:4c:61:
1a:b9:45:43:0a:5c:fa:fc:aa:cb:fd:88:bb:cb:b1:
c0:ee:fe:a5:77:1c:38:02:5c:f1:15:54:40:cc:a8:
49:15:99:ab:e7:a6:6f:66:1f:b0:9d:00:ae:8c:83:
ea:c3:18:8e:74:51:10:f3:ec:f2:10:8b:a5:bf:19:
ba:b6:35:fa:d6:52:f3:21:8b:54:a0:a9:42:cd:23:
ab:33:20:6f:11:20:74:25:7e:c8:e0:2b:f0:91:2c:
b7:c8:d3:5c:24:81:47:c8:60:78:00:91:16:03:0f:
9b:51:b5:36:36:38:ef:fa:6b:9c:c4:21:9e:bf:b3:
96:32:aa:17:29:56:4a:7d:02:5d:1b:16:9d:52:94:
25:5a:d9:a8:06:23:26:f0:06:b8:45:47:23:87:93:
25:5f:54:b0:23:ad:95:a4:fe:1e:b0:32:6d:14:6d:
2a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:7B:0E:30:02:EB:50:4C:D1:AC:5E:4A:18:DD:36:45:59:AB:91:2F
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/5846DF8E5EA911EE9994A21E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.126.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:9a:6b:a0:f4:96:21:c3:42:44:49:34:05:b0:d9:07:62:f6:
de:d7:18:6e:42:76:fa:a4:69:dd:8f:eb:11:46:8b:b1:7f:25:
ad:b8:11:9a:c2:98:61:93:d7:53:4b:6b:06:57:a3:b4:79:52:
f4:4b:17:de:1f:7b:1c:1b:9a:d4:08:29:38:9e:c5:7a:5a:7d:
b6:c1:aa:21:ad:aa:e9:f9:59:a7:c8:91:a0:57:0c:d6:99:7c:
5a:a0:84:61:55:ea:c5:a5:0e:8e:22:36:97:25:49:b8:01:00:
26:ea:e4:35:3a:f9:c2:1a:23:2c:b7:08:31:15:f0:88:6b:cf:
09:a3:aa:41:4f:c4:96:e2:52:9a:a9:62:77:3c:2e:12:60:d9:
05:63:eb:70:fb:53:b5:44:9d:00:f0:ed:23:83:63:b1:36:84:
c1:bf:e0:54:24:dc:bb:47:b6:9e:59:c2:4e:31:6e:34:9b:c9:
fb:90:3e:be:9b:11:14:28:a1:62:92:da:93:67:d4:92:5c:47:
f0:f6:fc:0e:cf:b3:84:f9:83:b5:90:96:27:97:ec:c2:81:bb:
00:c9:48:1e:e0:db:a0:ab:6b:89:28:27:3f:59:5c:3c:28:51:
e8:2e:6d:c8:be:63:69:fa:66:9d:09:44:37:b0:8b:d9:da:e6:
81:11:d7:90
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBNgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA5MjkwOTE5NDlaFw0yNDA5MjkwOTE5NDlaMBgxFjAU
BgNVBAMTDTY1MTY5NmI4LTBjMGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCr4u0PFuvrndLUoCz/OOvuprv43/kIPrbLwqi7Za771E4Qh/5BFZ3mj+Ws
yZMxTzjt+bbUaLOZxdTw2dVV+SK09R+TptEEsMBVwLsYoBu+vW9gGYPKKNpMYRq5
RUMKXPr8qsv9iLvLscDu/qV3HDgCXPEVVEDMqEkVmavnpm9mH7CdAK6Mg+rDGI50
URDz7PIQi6W/Gbq2NfrWUvMhi1SgqULNI6szIG8RIHQlfsjgK/CRLLfI01wkgUfI
YHgAkRYDD5tRtTY2OO/6a5zEIZ6/s5YyqhcpVkp9Al0bFp1SlCVa2agGIybwBrhF
RyOHkyVfVLAjrZWk/h6wMm0UbSrnAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUXHsO
MALrUEzRrF5KGN02RVmrkS8wHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzU4NDZERjhFNUVBOTExRUU5OTk0QTIxRTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAH4wDQYJKoZIhvcNAQELBQAD
ggEBADqaa6D0liHDQkRJNAWw2Qdi9t7XGG5Cdvqkad2P6xFGi7F/Ja24EZrCmGGT
11NLawZXo7R5UvRLF94fexwbmtQIKTiexXpafbbBqiGtqun5WafIkaBXDNaZfFqg
hGFV6sWlDo4iNpclSbgBACbq5DU6+cIaIyy3CDEV8IhrzwmjqkFPxJbiUpqpYnc8
LhJg2QVj63D7U7VEnQDw7SODY7E2hMG/4FQk3LtHtp5Zwk4xbjSbyfuQPr6bERQo
oWKS2pNn1JJcR/D2/A7Ps4T5g7WQlieX7MKBuwDJSB7g26Cra4koJz9ZXDwoUegu
bci+Y2n6Zp0JRDewi9na5oER15A=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org