Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/6AC47BE25EA111EE8CA115854AD9E6FC.roa
File: 6AC47BE25EA111EE8CA115854AD9E6FC.roa (raw, json)
Hash identifier: 67VIfu+gv1Pg4z5GwgWdwssbZJTjkioIumIKhRcFpb0=
Subject key identifier: 90:83:A1:86:25:DC:38:83:19:54:5C:CB:A2:52:0B:C4:E6:D6:76:64
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 04CF
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/6AC47BE25EA111EE8CA115854AD9E6FC.roa
Signing time: Fri 29 Sep 2023 08:23:07 +0000
ROA not before: Fri 29 Sep 2023 08:23:04 +0000
ROA not after: Sun 29 Sep 2024 08:23:04 +0000
asID: 328227
IP address blocks: 156.0.111.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1231 (0x4cf)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Sep 29 08:23:04 2023 GMT
Not After : Sep 29 08:23:04 2024 GMT
Subject: CN=6516896b-9734
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:55:1a:41:4e:33:b1:96:11:96:89:3e:18:e3:
dc:8a:c8:f1:90:40:01:f0:07:42:55:7b:5c:03:8e:
36:b7:45:11:5b:7b:25:79:90:7a:63:88:59:0c:e4:
59:35:f6:5b:ce:1a:5a:db:64:6e:95:b3:8f:b6:42:
9d:57:3c:8c:c7:77:21:0f:42:1b:03:43:3c:aa:4f:
9c:a5:14:e4:f7:5b:70:d6:df:ef:49:d9:89:3f:35:
9a:24:68:1f:71:5f:56:68:37:b0:5f:53:0c:be:47:
79:76:61:24:24:45:cc:6f:d7:66:b9:18:99:2c:b0:
6c:87:1d:ea:41:c7:21:c1:4b:75:fb:b5:5b:37:c0:
06:d7:56:df:1a:a3:7b:e0:b3:08:ce:09:c4:05:ff:
be:dc:26:91:f8:42:ca:70:04:96:64:ef:07:02:c2:
ad:90:62:9b:fc:30:8a:12:03:6c:80:d8:18:bc:4b:
c4:e0:52:b4:ef:f4:8c:5d:e3:44:13:27:12:0b:f7:
52:ef:92:a9:05:13:e1:5d:3c:41:f2:1e:2e:e4:fe:
70:f5:a8:db:ba:d3:1a:93:9d:ec:1c:21:3c:9f:8e:
bc:ad:24:5b:47:9c:c1:50:51:11:1e:ef:a6:b8:00:
2c:c6:0b:f3:fd:c6:44:aa:fb:7a:e6:7d:f7:76:23:
9c:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:83:A1:86:25:DC:38:83:19:54:5C:CB:A2:52:0B:C4:E6:D6:76:64
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/6AC47BE25EA111EE8CA115854AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.111.0/24
Signature Algorithm: sha256WithRSAEncryption
28:f9:b3:58:e1:92:59:a9:77:13:91:51:37:6e:e4:de:e1:a8:
f8:27:61:d2:26:6e:04:de:ef:e9:3f:a1:a4:d3:dd:5a:4a:69:
5f:53:37:5a:95:95:e4:3e:37:20:b9:14:ac:b3:35:ae:f5:77:
01:00:0a:fb:5f:26:df:ad:8f:46:14:62:18:36:27:2e:a8:5a:
4e:12:c8:8f:92:be:81:df:13:5e:a9:21:1c:b6:a2:c9:66:8b:
5c:e1:36:eb:ae:25:bb:26:8c:d6:1a:1d:c8:a2:d7:a4:83:52:
f1:75:fb:ee:70:e6:dd:dc:86:47:94:5b:5a:f1:1c:da:f2:ca:
20:83:0c:99:c3:dc:98:1b:18:9f:bb:60:bb:84:01:e0:7d:1c:
d4:da:d5:a9:62:49:31:e5:57:7e:5d:1e:27:be:0a:b8:1c:71:
62:ba:90:5b:71:75:bf:cd:f9:b4:59:f5:c5:d9:d0:0e:29:f4:
9a:81:e2:1e:0d:e6:86:1d:94:71:31:bc:56:1b:e7:ed:14:76:
8f:d9:d2:dc:bf:3f:d2:c4:e3:b9:0a:97:9d:8f:6e:39:96:b5:
4f:9b:03:df:44:1a:de:23:c1:7c:ac:eb:c1:d1:a2:f2:a6:58:
25:79:85:85:dd:e2:38:ea:f7:0b:1c:de:9d:44:ea:db:73:90:
d1:47:1d:ce
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBM8wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA5MjkwODIzMDRaFw0yNDA5MjkwODIzMDRaMBgxFjAU
BgNVBAMTDTY1MTY4OTZiLTk3MzQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDgVRpBTjOxlhGWiT4Y49yKyPGQQAHwB0JVe1wDjja3RRFbeyV5kHpjiFkM
5Fk19lvOGlrbZG6Vs4+2Qp1XPIzHdyEPQhsDQzyqT5ylFOT3W3DW3+9J2Yk/NZok
aB9xX1ZoN7BfUwy+R3l2YSQkRcxv12a5GJkssGyHHepBxyHBS3X7tVs3wAbXVt8a
o3vgswjOCcQF/77cJpH4QspwBJZk7wcCwq2QYpv8MIoSA2yA2Bi8S8TgUrTv9Ixd
40QTJxIL91LvkqkFE+FdPEHyHi7k/nD1qNu60xqTnewcITyfjrytJFtHnMFQUREe
76a4ACzGC/P9xkSq+3rmffd2I5yfAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUkIOh
hiXcOIMZVFzLolILxObWdmQwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzZBQzQ3QkUyNUVBMTExRUU4Q0ExMTU4NTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAG8wDQYJKoZIhvcNAQELBQAD
ggEBACj5s1jhklmpdxORUTdu5N7hqPgnYdImbgTe7+k/oaTT3VpKaV9TN1qVleQ+
NyC5FKyzNa71dwEACvtfJt+tj0YUYhg2Jy6oWk4SyI+SvoHfE16pIRy2oslmi1zh
NuuuJbsmjNYaHcii16SDUvF1++5w5t3chkeUW1rxHNryyiCDDJnD3JgbGJ+7YLuE
AeB9HNTa1aliSTHlV35dHie+CrgccWK6kFtxdb/N+bRZ9cXZ0A4p9JqB4h4N5oYd
lHExvFYb5+0Udo/Z0ty/P9LE47kKl52PbjmWtU+bA99EGt4jwXys68HRovKmWCV5
hYXd4jjq9wsc3p1E6ttzkNFHHc4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org