Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/73DFF262174B11EEA203AE254AD9E6FC.roa
File: 73DFF262174B11EEA203AE254AD9E6FC.roa (raw, json)
Hash identifier: qH0XV4wSZR/kg5eZmO6W0GSeMdY3wfcEJYAN82KyRtE=
Subject key identifier: 6C:54:4C:D4:04:2A:6A:9E:A8:CB:BA:E4:83:62:46:F3:F5:69:84:4A
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0402
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/73DFF262174B11EEA203AE254AD9E6FC.roa
Signing time: Fri 30 Jun 2023 13:38:53 +0000
ROA not before: Fri 30 Jun 2023 13:38:48 +0000
ROA not after: Sun 30 Jun 2024 13:38:48 +0000
asID: 328227
IP address blocks: 156.0.122.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1026 (0x402)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 30 13:38:48 2023 GMT
Not After : Jun 30 13:38:48 2024 GMT
Subject: CN=649edaed-c365
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:c7:f8:bb:94:e0:2d:46:a2:f6:d6:62:0e:1d:
d2:13:2d:1d:7e:1a:5e:6d:ca:9c:82:de:3d:93:28:
dd:4e:3f:0e:31:f9:20:8d:ac:30:9b:b5:a5:16:c8:
a0:2e:02:a8:94:9c:5f:eb:24:6a:d8:da:65:67:b5:
fe:28:a0:a5:d5:7a:27:f3:89:ad:fd:17:1a:7a:55:
20:54:4b:ff:9c:d2:27:f9:22:cc:05:84:a2:d7:56:
1b:5c:99:cf:0c:9d:61:50:00:4a:5e:97:a1:6a:aa:
81:8c:05:90:7d:14:af:8c:4b:e2:7b:b8:78:96:9f:
20:ec:5c:e4:f7:60:9b:b1:d6:7a:fe:69:4e:6e:ef:
6e:2f:b1:f9:0e:89:95:ea:fb:8d:b8:79:48:b3:2b:
19:ad:f3:47:74:ed:b3:31:ea:2f:b2:a4:c3:dc:05:
5e:23:3d:36:f7:21:95:59:33:40:df:0c:88:d8:ad:
78:38:03:d2:7a:00:a3:1b:b7:b3:bb:78:70:33:05:
9a:51:64:5f:dd:40:bd:81:68:d8:d9:9b:fa:cd:6c:
4e:bb:bc:55:7e:7d:0f:93:b1:71:c3:f6:a8:52:84:
89:da:af:db:9d:6e:b2:3a:a6:15:51:ba:94:6d:12:
0e:ca:46:9f:09:f2:37:d8:9a:ef:85:84:ec:6d:bc:
a7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:54:4C:D4:04:2A:6A:9E:A8:CB:BA:E4:83:62:46:F3:F5:69:84:4A
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/73DFF262174B11EEA203AE254AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.122.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:32:ba:7c:7b:e0:20:1e:ee:b8:26:7f:a3:e7:c8:28:ad:2b:
b5:46:42:b7:d1:cd:86:65:d2:d3:be:b8:98:81:44:e3:66:4d:
39:55:28:07:a3:60:1a:c9:09:b1:06:f0:89:4d:5b:6c:89:2a:
fa:4e:81:40:bb:8d:7e:e3:31:8d:e6:c3:d9:37:63:fc:ee:3f:
bb:bb:21:b4:36:42:e9:62:fa:6c:85:a9:8a:2e:ba:96:e3:26:
15:cd:ef:57:12:b6:c2:06:7f:fb:1a:11:49:59:fa:26:21:b1:
41:31:df:a2:51:52:bf:64:51:90:f1:13:66:31:86:0b:f6:a0:
2b:44:7e:f1:18:e7:9a:aa:a9:0e:57:3b:1f:f1:43:78:51:73:
a2:14:35:5b:ed:4d:a8:87:38:6b:ff:1c:aa:f2:6a:86:bd:30:
11:f6:fa:17:c1:18:ce:4c:0f:48:86:a9:ca:88:17:0f:bf:67:
3c:81:63:1d:bd:00:bb:b0:dc:0a:19:db:65:ab:42:f1:bc:ff:
0d:2c:ec:62:c3:48:c5:dc:ee:a0:89:7a:47:5d:da:9a:2b:e0:
84:c9:b4:2c:40:f0:14:52:3a:f1:64:8d:ff:a6:5c:1d:1b:9e:
cb:d3:f8:7b:ad:9e:56:32:2a:c2:8e:a0:ec:ef:08:aa:c9:12:
c9:ea:55:50
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBAIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MzAxMzM4NDhaFw0yNDA2MzAxMzM4NDhaMBgxFjAU
BgNVBAMTDTY0OWVkYWVkLWMzNjUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDAx/i7lOAtRqL21mIOHdITLR1+Gl5typyC3j2TKN1OPw4x+SCNrDCbtaUW
yKAuAqiUnF/rJGrY2mVntf4ooKXVeifzia39Fxp6VSBUS/+c0if5IswFhKLXVhtc
mc8MnWFQAEpel6FqqoGMBZB9FK+MS+J7uHiWnyDsXOT3YJux1nr+aU5u724vsfkO
iZXq+424eUizKxmt80d07bMx6i+ypMPcBV4jPTb3IZVZM0DfDIjYrXg4A9J6AKMb
t7O7eHAzBZpRZF/dQL2BaNjZm/rNbE67vFV+fQ+TsXHD9qhShInar9udbrI6phVR
upRtEg7KRp8J8jfYmu+FhOxtvKfXAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUbFRM
1AQqap6oy7rkg2JG8/VphEowHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzczREZGMjYyMTc0QjExRUVBMjAzQUUyNTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHowDQYJKoZIhvcNAQELBQAD
ggEBAG8yunx74CAe7rgmf6PnyCitK7VGQrfRzYZl0tO+uJiBRONmTTlVKAejYBrJ
CbEG8IlNW2yJKvpOgUC7jX7jMY3mw9k3Y/zuP7u7IbQ2Quli+myFqYouupbjJhXN
71cStsIGf/saEUlZ+iYhsUEx36JRUr9kUZDxE2Yxhgv2oCtEfvEY55qqqQ5XOx/x
Q3hRc6IUNVvtTaiHOGv/HKryaoa9MBH2+hfBGM5MD0iGqcqIFw+/ZzyBYx29ALuw
3AoZ22WrQvG8/w0s7GLDSMXc7qCJekdd2por4ITJtCxA8BRSOvFkjf+mXB0bnsvT
+HutnlYyKsKOoOzvCKrJEsnqVVA=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org