Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/5CB32AAC551C11EC81711E48D8A014CE.roa
File: 5CB32AAC551C11EC81711E48D8A014CE.roa (raw, json)
Hash identifier: ZKL5HCjA1wtLfwt7Q4RitkrVOl8MQIpMNobzUl8KMoQ=
Subject key identifier: 16:42:7C:F8:33:7B:9D:92:82:51:23:DE:86:70:08:0B:F9:E1:C2:94
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0167
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/5CB32AAC551C11EC81711E48D8A014CE.roa
Signing time: Sat 04 Dec 2021 16:08:05 +0000
ROA not before: Sat 04 Dec 2021 16:08:00 +0000
ROA not after: Thu 01 Dec 2022 16:08:00 +0000
asID: 328227
IP address blocks: 156.0.124.0/22 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 359 (0x167)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Dec 4 16:08:00 2021 GMT
Not After : Dec 1 16:08:00 2022 GMT
Subject: CN=61ab9264-1e5f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:05:71:d6:25:a0:50:d3:00:e3:ba:32:c0:5e:
79:87:4b:ea:57:17:3d:47:6a:bd:75:81:1d:21:b5:
15:84:83:6b:07:ab:3b:a3:b1:17:c3:a6:27:1d:09:
7c:63:dd:a2:9c:68:02:b1:78:a8:10:a4:7e:80:5e:
b5:01:2b:45:ca:52:9a:b8:dc:11:95:4d:77:2d:75:
74:02:f3:c8:b1:b7:5c:be:cf:47:41:6b:fb:27:f8:
b9:3d:47:26:64:9d:c2:27:43:82:00:5f:49:9c:57:
86:40:f6:77:7a:62:d4:ec:c4:60:ac:d3:8f:36:29:
c4:7d:2c:86:27:ec:28:96:b0:48:94:b0:24:cf:9a:
74:8a:dd:67:fa:6f:2f:cd:ce:3d:13:c9:8c:42:d5:
31:f6:24:07:5c:2f:07:b7:10:3f:bf:da:06:77:ab:
71:c3:18:0b:db:9e:e5:1a:0c:04:25:a3:2e:90:20:
b2:4a:a1:96:62:9d:55:2b:d5:80:82:7d:5d:d2:fc:
2f:14:f1:1a:17:4d:89:02:90:70:ab:cc:bb:d7:2e:
9c:63:c7:04:ff:5b:91:ce:55:f3:52:99:8f:ee:bf:
89:46:59:62:bd:29:96:98:7f:0a:de:31:7e:bc:c5:
be:8e:d6:25:61:21:a6:cf:52:8a:ea:65:18:d4:63:
ac:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
16:42:7C:F8:33:7B:9D:92:82:51:23:DE:86:70:08:0B:F9:E1:C2:94
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/5CB32AAC551C11EC81711E48D8A014CE.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.124.0/22
Signature Algorithm: sha256WithRSAEncryption
b1:ba:ad:8e:1e:e0:a9:c0:fe:a2:6c:3c:9f:a5:e5:29:15:44:
cd:d0:09:60:95:55:be:3d:0a:ea:97:17:a5:c8:27:fd:8a:75:
82:27:7e:47:e7:4c:8c:b2:12:be:88:fc:e3:16:90:76:34:4b:
d9:82:f3:30:59:61:b7:2b:49:e6:c7:d1:a2:eb:13:5b:2e:26:
d4:fe:1c:f2:be:8f:b7:01:c3:c8:9f:fd:2b:ba:3b:74:d9:87:
07:72:91:28:c9:14:c6:16:44:e7:48:6f:45:44:22:cd:00:5b:
bb:c2:af:ba:a4:0c:b7:58:09:c2:1e:4c:58:2c:32:4d:23:e4:
fb:f1:3c:81:6e:ce:12:3c:34:dc:89:dd:4a:81:40:c8:a9:f9:
36:cf:93:c1:22:63:d9:15:36:65:e1:5d:ee:be:73:04:f0:8e:
3d:11:8d:c3:70:c2:41:0f:89:e2:85:64:d1:47:a2:9d:48:70:
90:96:f0:65:e8:f1:95:22:dc:00:17:12:ec:28:77:26:94:ec:
64:c8:b4:21:aa:8c:bb:72:f4:01:33:ef:d2:59:95:a4:79:e3:
1f:1b:fe:0b:d9:94:6e:f7:0e:b5:50:4a:5c:e0:4b:aa:5b:27:
d2:02:22:61:a8:c7:5f:4d:6e:07:d4:61:1a:44:c8:59:bb:5f:
ba:19:44:f4
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICAWcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMTEyMDQxNjA4MDBaFw0yMjEyMDExNjA4MDBaMBgxFjAU
BgNVBAMMDTYxYWI5MjY0LTFlNWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC7BXHWJaBQ0wDjujLAXnmHS+pXFz1Har11gR0htRWEg2sHqzujsRfDpicd
CXxj3aKcaAKxeKgQpH6AXrUBK0XKUpq43BGVTXctdXQC88ixt1y+z0dBa/sn+Lk9
RyZkncInQ4IAX0mcV4ZA9nd6YtTsxGCs0482KcR9LIYn7CiWsEiUsCTPmnSK3Wf6
by/Nzj0TyYxC1TH2JAdcLwe3ED+/2gZ3q3HDGAvbnuUaDAQloy6QILJKoZZinVUr
1YCCfV3S/C8U8RoXTYkCkHCrzLvXLpxjxwT/W5HOVfNSmY/uv4lGWWK9KZaYfwre
MX68xb6O1iVhIabPUorqZRjUY6zxAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUFkJ8
+DN7nZKCUSPehnAIC/nhwpQwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzVDQjMyQUFDNTUxQzExRUM4MTcxMUU0OEQ4QTAxNENFLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAKcAHwwDQYJKoZIhvcNAQELBQAD
ggEBALG6rY4e4KnA/qJsPJ+l5SkVRM3QCWCVVb49CuqXF6XIJ/2KdYInfkfnTIyy
Er6I/OMWkHY0S9mC8zBZYbcrSebH0aLrE1suJtT+HPK+j7cBw8if/Su6O3TZhwdy
kSjJFMYWROdIb0VEIs0AW7vCr7qkDLdYCcIeTFgsMk0j5PvxPIFuzhI8NNyJ3UqB
QMip+TbPk8EiY9kVNmXhXe6+cwTwjj0RjcNwwkEPieKFZNFHop1IcJCW8GXo8ZUi
3AAXEuwodyaU7GTItCGqjLty9AEz79JZlaR54x8b/gvZlG73DrVQSlzgS6pbJ9IC
ImGox19NbgfUYRpEyFm7X7oZRPQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org