Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/748ADEC45EA011EE80D7B8814AD9E6FC.roa
File: 748ADEC45EA011EE80D7B8814AD9E6FC.roa (raw, json)
Hash identifier: l9aAoqvVm/vVcnGwJifY+5TEyprRyqm8x89oPtGAXno=
Subject key identifier: 93:ED:3C:50:86:85:00:21:33:12:F7:89:68:B8:CB:11:AF:FA:96:40
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 04C6
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/748ADEC45EA011EE80D7B8814AD9E6FC.roa
Signing time: Fri 29 Sep 2023 08:16:14 +0000
ROA not before: Fri 29 Sep 2023 08:16:10 +0000
ROA not after: Sun 29 Sep 2024 08:16:10 +0000
asID: 328227
IP address blocks: 156.0.114.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1222 (0x4c6)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Sep 29 08:16:10 2023 GMT
Not After : Sep 29 08:16:10 2024 GMT
Subject: CN=651687ce-000d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:05:80:76:8f:96:07:05:57:84:1a:d8:86:87:
96:4d:65:17:05:3b:a6:c1:cc:8b:ea:da:a7:36:5a:
7b:29:8b:45:e0:5e:98:9c:08:8c:9d:32:70:8a:bb:
b4:fc:2c:72:c4:35:41:a2:50:64:b6:20:3d:8c:ae:
48:31:df:d7:d6:c8:66:5c:3c:4f:dc:b4:ed:d3:41:
48:3d:6f:4c:07:d7:e5:8a:3a:ae:de:73:a8:b1:3b:
b6:a2:82:05:09:6e:17:e8:10:f6:38:3f:02:a6:70:
cc:1c:84:b5:5a:b8:b0:33:07:a7:1d:59:c0:4b:22:
4b:ec:29:8d:dd:b9:86:54:cb:f5:22:b1:e1:01:be:
b1:89:e1:44:32:d1:9d:71:01:ae:c6:d8:66:88:4f:
d7:21:8b:9a:f4:d6:ba:3f:d3:77:05:9b:dd:45:c4:
87:c7:93:81:c1:d3:0b:f1:ad:53:8b:31:61:54:b7:
23:d1:59:2f:fc:7e:9d:9f:96:5c:03:ed:d1:2b:7a:
10:35:b6:33:b6:23:88:e4:2e:48:98:81:f5:dc:7c:
d7:1f:b3:ff:60:8a:b0:c3:c6:54:39:8b:2c:f7:61:
ff:7e:f5:83:29:8c:06:03:1c:f1:fb:8c:16:41:b0:
c6:ce:0b:a4:e2:b8:cf:da:b9:29:9e:af:32:00:92:
c2:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:ED:3C:50:86:85:00:21:33:12:F7:89:68:B8:CB:11:AF:FA:96:40
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/748ADEC45EA011EE80D7B8814AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.114.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:7c:95:be:f1:31:2d:66:05:7d:99:4d:f8:73:24:8b:30:51:
6f:b3:a5:56:95:ba:b3:3d:3c:d5:26:f3:63:f1:25:8b:04:b3:
11:ba:23:18:fc:b7:f1:a2:10:7b:7c:1d:90:86:8d:4a:fd:56:
46:5d:82:74:ef:fe:a4:77:84:ea:c8:a5:78:ef:04:10:1a:84:
67:47:79:3d:ea:f4:ec:b7:07:39:85:2b:6e:fb:97:92:ad:ae:
85:66:df:25:ca:3a:9b:2f:ee:4d:74:d1:2e:c3:a3:ce:63:75:
d7:e9:1f:c6:4d:b0:eb:20:4d:dc:ff:f0:17:ad:6b:1b:c8:3e:
3b:a1:1a:20:65:87:d3:78:45:a4:6a:12:42:47:71:aa:4b:24:
25:d1:fa:7f:7c:db:ce:57:a5:74:20:e8:b8:8a:df:bb:44:57:
9c:2a:0b:f5:97:71:23:70:95:59:44:ed:db:50:27:b8:07:22:
18:d4:23:15:56:6e:53:4a:0c:13:e3:13:37:9c:d6:95:3e:71:
a5:bd:3c:03:70:06:91:f1:6b:c9:3a:8c:99:76:3a:67:75:79:
47:68:6c:00:59:60:77:91:13:68:3c:fe:86:8b:56:d0:1b:47:
ab:8d:9c:0c:98:ca:39:8d:b6:8b:20:6d:69:70:d2:c4:06:f2:
a5:21:35:99
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBMYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA5MjkwODE2MTBaFw0yNDA5MjkwODE2MTBaMBgxFjAU
BgNVBAMTDTY1MTY4N2NlLTAwMGQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDIBYB2j5YHBVeEGtiGh5ZNZRcFO6bBzIvq2qc2Wnspi0XgXpicCIydMnCK
u7T8LHLENUGiUGS2ID2Mrkgx39fWyGZcPE/ctO3TQUg9b0wH1+WKOq7ec6ixO7ai
ggUJbhfoEPY4PwKmcMwchLVauLAzB6cdWcBLIkvsKY3duYZUy/UiseEBvrGJ4UQy
0Z1xAa7G2GaIT9chi5r01ro/03cFm91FxIfHk4HB0wvxrVOLMWFUtyPRWS/8fp2f
llwD7dErehA1tjO2I4jkLkiYgfXcfNcfs/9girDDxlQ5iyz3Yf9+9YMpjAYDHPH7
jBZBsMbOC6TiuM/auSmerzIAksInAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUk+08
UIaFACEzEveJaLjLEa/6lkAwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4Lzc0OEFERUM0NUVBMDExRUU4MEQ3Qjg4MTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHIwDQYJKoZIhvcNAQELBQAD
ggEBAD58lb7xMS1mBX2ZTfhzJIswUW+zpVaVurM9PNUm82PxJYsEsxG6Ixj8t/Gi
EHt8HZCGjUr9VkZdgnTv/qR3hOrIpXjvBBAahGdHeT3q9Oy3BzmFK277l5KtroVm
3yXKOpsv7k100S7Do85jddfpH8ZNsOsgTdz/8BetaxvIPjuhGiBlh9N4RaRqEkJH
capLJCXR+n98285XpXQg6LiK37tEV5wqC/WXcSNwlVlE7dtQJ7gHIhjUIxVWblNK
DBPjEzec1pU+caW9PANwBpHxa8k6jJl2Omd1eUdobABZYHeRE2g8/oaLVtAbR6uN
nAyYyjmNtosgbWlw0sQG8qUhNZk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org