Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/5DF4EABC174A11EEADC0A5214AD9E6FC.roa
File: 5DF4EABC174A11EEADC0A5214AD9E6FC.roa (raw, json)
Hash identifier: 3x2RVhk+yKsfZzkpvteahHwn64Kh6peVWcyDI75YPfc=
Subject key identifier: B5:4B:C1:D8:3D:5C:8A:00:D2:02:BD:E7:4C:FF:50:42:05:01:76:A4
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 03FA
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/5DF4EABC174A11EEADC0A5214AD9E6FC.roa
Signing time: Fri 30 Jun 2023 13:31:07 +0000
ROA not before: Fri 30 Jun 2023 13:31:03 +0000
ROA not after: Sun 30 Jun 2024 13:31:03 +0000
asID: 328227
IP address blocks: 156.0.118.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1018 (0x3fa)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 30 13:31:03 2023 GMT
Not After : Jun 30 13:31:03 2024 GMT
Subject: CN=649ed91b-d73b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:9d:c4:7a:3a:00:ae:a6:95:0d:5f:70:8c:b8:
2a:89:2e:d9:21:c8:29:8b:cd:e2:fe:77:97:fa:6a:
19:90:bb:05:f9:30:8c:6f:7c:59:79:92:c5:fb:92:
fe:4e:b6:bb:f6:42:ca:eb:a3:e7:9c:c5:8b:e5:fa:
98:95:48:7d:d0:f4:ac:26:ff:11:51:e4:c5:25:1f:
a2:9a:e6:a4:e7:60:d9:4a:fd:02:b1:40:14:b0:f0:
7c:c7:86:b0:b2:5f:ed:a9:77:f5:8a:f2:20:6c:b6:
08:57:dd:d1:e5:8e:62:b0:d9:c8:37:69:4b:c9:c6:
9c:1b:b3:ba:d5:25:d2:3a:9a:77:c4:76:af:0e:8a:
01:e8:c4:36:7e:8c:50:ea:15:9d:a5:87:f8:2a:5a:
6b:22:65:80:8f:52:30:cc:66:04:e3:ac:e7:db:84:
dd:60:d7:93:3b:90:19:a0:d4:94:4d:93:3a:48:34:
8b:56:63:bc:76:a9:5b:2f:25:91:a5:02:84:1d:6c:
ac:59:80:02:29:5a:0f:9d:04:41:29:2a:15:1d:82:
3b:eb:6f:0f:f4:45:6b:12:25:16:c4:59:7f:03:ce:
09:69:54:78:12:23:72:c2:39:68:7c:6e:67:36:5b:
ca:75:19:3a:32:90:a2:27:8c:2f:da:09:76:0d:54:
83:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:4B:C1:D8:3D:5C:8A:00:D2:02:BD:E7:4C:FF:50:42:05:01:76:A4
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/5DF4EABC174A11EEADC0A5214AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.118.0/24
Signature Algorithm: sha256WithRSAEncryption
23:71:af:21:97:c1:1d:ed:f6:29:2f:76:e7:3e:c2:52:8c:bb:
8f:4b:bf:95:66:6f:a4:02:61:87:0d:70:d5:eb:53:be:47:38:
eb:50:ce:a7:ba:b1:f3:88:45:89:4e:08:2f:e2:f6:01:ed:b3:
fa:14:c4:10:e9:b0:3e:78:49:4b:0e:c4:44:ce:29:cd:86:da:
72:9e:cf:b0:d4:e5:ce:88:55:70:37:22:4d:dc:45:dd:94:ee:
fb:95:da:b3:0a:ad:b0:8e:08:3f:4e:e3:37:6e:86:fd:ca:6e:
c6:4e:8d:1f:ff:17:db:25:7f:c2:7a:b9:28:9c:62:f2:46:db:
29:a3:7a:4e:92:fe:21:ea:ae:d0:c0:9a:47:bb:93:05:97:cb:
a9:37:96:9c:b6:1b:53:a8:e7:df:22:f7:65:91:08:02:bd:f5:
c4:8d:ab:f5:7d:7c:6b:80:28:24:b6:1c:df:96:e5:e8:e2:b4:
88:71:f1:c2:12:89:03:b6:d3:a6:11:1a:5e:81:e2:39:d3:65:
0e:ff:3f:2c:d1:16:49:41:65:66:69:95:56:69:3c:51:58:86:
0c:50:d3:72:0d:fc:0e:bf:44:e1:ea:98:98:6f:6c:42:27:11:
e4:f0:68:67:9f:74:ab:36:07:31:9c:e9:38:cd:72:ba:27:9a:
30:f5:2d:a9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA/owDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MzAxMzMxMDNaFw0yNDA2MzAxMzMxMDNaMBgxFjAU
BgNVBAMTDTY0OWVkOTFiLWQ3M2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQChncR6OgCuppUNX3CMuCqJLtkhyCmLzeL+d5f6ahmQuwX5MIxvfFl5ksX7
kv5Otrv2Qsrro+ecxYvl+piVSH3Q9Kwm/xFR5MUlH6Ka5qTnYNlK/QKxQBSw8HzH
hrCyX+2pd/WK8iBstghX3dHljmKw2cg3aUvJxpwbs7rVJdI6mnfEdq8OigHoxDZ+
jFDqFZ2lh/gqWmsiZYCPUjDMZgTjrOfbhN1g15M7kBmg1JRNkzpINItWY7x2qVsv
JZGlAoQdbKxZgAIpWg+dBEEpKhUdgjvrbw/0RWsSJRbEWX8DzglpVHgSI3LCOWh8
bmc2W8p1GToykKInjC/aCXYNVINlAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUtUvB
2D1cigDSAr3nTP9QQgUBdqQwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzVERjRFQUJDMTc0QTExRUVBREMwQTUyMTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHYwDQYJKoZIhvcNAQELBQAD
ggEBACNxryGXwR3t9ikvduc+wlKMu49Lv5Vmb6QCYYcNcNXrU75HOOtQzqe6sfOI
RYlOCC/i9gHts/oUxBDpsD54SUsOxETOKc2G2nKez7DU5c6IVXA3Ik3cRd2U7vuV
2rMKrbCOCD9O4zduhv3KbsZOjR//F9slf8J6uSicYvJG2ymjek6S/iHqrtDAmke7
kwWXy6k3lpy2G1Oo598i92WRCAK99cSNq/V9fGuAKCS2HN+W5ejitIhx8cISiQO2
06YRGl6B4jnTZQ7/PyzRFklBZWZplVZpPFFYhgxQ03IN/A6/ROHqmJhvbEInEeTw
aGefdKs2BzGc6TjNcronmjD1Lak=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org