Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/7ED42B58EB7A11EEB323A1AA775412E6.roa
File: 7ED42B58EB7A11EEB323A1AA775412E6.roa (raw, json)
Hash identifier: f4ITGeD33oExI9gqH5CKt6mY9eME7I/z5D9bZ8BGkrA=
Subject key identifier: 18:40:7D:A9:EB:76:E9:F6:09:3A:E7:70:2C:3F:62:98:26:BE:B9:BC
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 05D7
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/7ED42B58EB7A11EEB323A1AA775412E6.roa
Signing time: Tue 26 Mar 2024 14:09:44 +0000
ROA not before: Tue 26 Mar 2024 14:09:41 +0000
ROA not after: Tue 25 Mar 2025 14:09:41 +0000
asID: 209181
IP address blocks: 156.0.127.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1495 (0x5d7)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Mar 26 14:09:41 2024 GMT
Not After : Mar 25 14:09:41 2025 GMT
Subject: CN=6602d728-fcfe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:b2:e0:8d:e3:27:9d:4a:be:fe:70:08:e2:f1:
a0:7e:25:a7:3f:f6:15:2b:20:17:b6:df:2e:28:a7:
70:5c:d2:0b:ff:2a:00:95:62:b9:23:68:96:a8:f3:
ed:40:ce:65:3c:5d:f0:c5:9e:ef:cd:8e:d2:d6:0f:
2f:0d:91:a5:5e:e3:a5:82:63:b0:9a:e6:ef:fb:ba:
96:fb:e8:07:ad:36:30:cb:64:7c:41:23:51:10:1c:
ad:a6:95:b5:57:75:ca:92:ec:4e:00:fe:3d:58:20:
ca:1b:b1:6c:a9:06:b0:05:73:1d:02:5e:c0:02:96:
66:69:6c:5a:37:26:a3:14:29:db:c0:22:f4:76:c0:
3e:3a:e0:07:d2:4a:a2:ea:07:06:15:f1:74:d0:0c:
85:85:e6:6e:76:95:a0:2e:b3:f3:3c:df:86:f8:80:
a4:97:c3:22:3e:20:6e:3a:d6:e0:c4:c3:a9:3a:72:
18:61:01:f4:32:81:92:1b:67:38:b0:96:85:ee:77:
ca:72:ed:de:35:8c:e3:e0:48:15:97:bf:64:34:50:
5b:c7:bc:c0:0a:0a:4f:91:e1:52:3a:fc:5b:35:2a:
35:40:d4:69:97:74:01:84:77:38:0d:4c:84:4b:d4:
fa:f8:f6:73:74:aa:fb:32:a8:a2:87:e4:ea:5b:02:
84:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:40:7D:A9:EB:76:E9:F6:09:3A:E7:70:2C:3F:62:98:26:BE:B9:BC
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/7ED42B58EB7A11EEB323A1AA775412E6.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.127.0/24
Signature Algorithm: sha256WithRSAEncryption
30:c3:dc:47:35:de:9e:25:dd:97:6c:dc:8b:53:c2:fe:7b:af:
b9:24:55:83:95:3a:2d:4a:fd:83:7d:10:c7:e1:d4:09:1f:c9:
f1:29:47:45:92:46:89:2f:ae:4f:46:14:87:4e:b0:cb:76:44:
41:34:f7:41:dc:af:85:09:ed:7c:25:f2:4f:dc:6f:62:91:7f:
b3:f4:d8:34:ff:ac:fb:95:22:38:78:3d:6a:d5:68:0a:bb:34:
ae:f9:02:bc:59:a9:76:f0:e8:a2:12:d1:86:96:d5:22:e3:01:
0a:79:93:eb:97:fe:de:05:0a:1a:78:a1:2c:bd:6e:fc:72:09:
1f:e7:4f:d9:00:e6:23:36:5c:b9:76:9f:10:d5:2e:4e:da:d4:
f5:32:3a:6f:16:ba:78:4c:ca:8d:53:5c:1b:01:d5:ba:c6:9c:
ee:65:f2:e9:bd:6b:36:2e:3a:11:d4:19:c2:67:a4:31:2a:6f:
de:b0:26:3d:03:ca:07:36:7e:2a:b5:40:1d:87:bc:81:a0:c2:
16:b5:ac:16:57:7c:ec:7c:c6:e2:f7:7a:1f:13:f0:75:d6:21:
1a:80:5c:a1:b9:f8:51:04:17:31:39:59:74:f5:2a:2d:22:0a:
3b:3f:57:a1:4b:98:53:a0:8d:ad:e4:14:6f:50:74:5a:e8:c1:
b1:ba:ba:ec
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBdcwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yNDAzMjYxNDA5NDFaFw0yNTAzMjUxNDA5NDFaMBgxFjAU
BgNVBAMTDTY2MDJkNzI4LWZjZmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDssuCN4yedSr7+cAji8aB+Jac/9hUrIBe23y4op3Bc0gv/KgCVYrkjaJao
8+1AzmU8XfDFnu/NjtLWDy8NkaVe46WCY7Ca5u/7upb76AetNjDLZHxBI1EQHK2m
lbVXdcqS7E4A/j1YIMobsWypBrAFcx0CXsAClmZpbFo3JqMUKdvAIvR2wD464AfS
SqLqBwYV8XTQDIWF5m52laAus/M834b4gKSXwyI+IG461uDEw6k6chhhAfQygZIb
ZziwloXud8py7d41jOPgSBWXv2Q0UFvHvMAKCk+R4VI6/Fs1KjVA1GmXdAGEdzgN
TIRL1Pr49nN0qvsyqKKH5OpbAoSTAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUGEB9
qet26fYJOudwLD9imCa+ubwwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzdFRDQyQjU4RUI3QTExRUVCMzIzQTFBQTc3NTQxMkU2LnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAH8wDQYJKoZIhvcNAQELBQAD
ggEBADDD3Ec13p4l3Zds3ItTwv57r7kkVYOVOi1K/YN9EMfh1AkfyfEpR0WSRokv
rk9GFIdOsMt2REE090Hcr4UJ7Xwl8k/cb2KRf7P02DT/rPuVIjh4PWrVaAq7NK75
ArxZqXbw6KIS0YaW1SLjAQp5k+uX/t4FChp4oSy9bvxyCR/nT9kA5iM2XLl2nxDV
Lk7a1PUyOm8WunhMyo1TXBsB1brGnO5l8um9azYuOhHUGcJnpDEqb96wJj0Dygc2
fiq1QB2HvIGgwha1rBZXfOx8xuL3eh8T8HXWIRqAXKG5+FEEFzE5WXT1Ki0iCjs/
V6FLmFOgja3kFG9QdFrowbG6uuw=
-----END CERTIFICATE-----
Generated at Wed May 1 02:07:10 2024 by rpki-client on console-fra.rpki-client.org