Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/7F8502BA426611EEB4E29F794AD9E6FC.roa
File: 7F8502BA426611EEB4E29F794AD9E6FC.roa (raw, json)
Hash identifier: 3zz6EXI/nEmpTc0KoFYMw1MxevA+ztvZUSAwzHbBLVw=
Subject key identifier: 80:41:2F:AC:44:E6:90:FC:D5:93:D4:0E:C7:46:74:46:F6:2E:47:92
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0496
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/7F8502BA426611EEB4E29F794AD9E6FC.roa
Signing time: Thu 24 Aug 2023 10:10:49 +0000
ROA not before: Thu 24 Aug 2023 10:10:46 +0000
ROA not after: Sat 24 Aug 2024 10:10:46 +0000
asID: 398465
IP address blocks: 156.0.125.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1174 (0x496)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Aug 24 10:10:46 2023 GMT
Not After : Aug 24 10:10:46 2024 GMT
Subject: CN=64e72ca9-e88e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:56:2c:95:54:e4:02:5e:1b:75:d4:20:52:0c:
15:5c:46:d8:79:cd:16:7d:71:b6:e7:12:07:dc:5c:
00:5c:c5:b3:6c:de:43:ab:68:a4:04:8b:b6:e2:ee:
57:20:d6:a5:16:85:b7:51:01:9b:dd:01:35:7d:58:
5c:09:d6:dd:f1:fa:73:72:63:5c:93:9b:85:1a:b9:
d6:8b:e7:42:7a:2c:e9:24:63:9a:55:75:27:57:9a:
d9:0c:e4:4d:62:45:ee:78:95:4a:94:cf:6a:dc:4d:
43:e7:e1:9c:b9:ec:59:84:85:de:fa:c6:95:ad:e6:
7c:1b:02:d9:fd:7c:da:03:46:bf:a8:35:89:9f:f0:
88:44:a0:0c:85:f6:a5:37:2d:ff:97:b9:8e:31:15:
88:38:de:3d:e9:b7:04:76:79:2c:09:43:ba:9a:e8:
11:87:44:ba:cb:ec:bd:3a:88:d4:59:4e:76:7b:89:
5d:22:9d:b7:98:eb:4e:56:6c:0f:9b:4c:3d:8e:64:
97:a8:a1:40:d9:90:75:3b:9a:f5:9a:6d:97:10:08:
0f:cb:aa:a8:39:25:c3:5a:a5:e6:c9:12:00:c5:7a:
e9:bb:13:64:2b:a2:1b:c9:fd:78:6f:0e:61:af:de:
ee:b3:48:21:83:7e:ba:78:2c:13:c0:96:24:b6:95:
3a:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
80:41:2F:AC:44:E6:90:FC:D5:93:D4:0E:C7:46:74:46:F6:2E:47:92
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/7F8502BA426611EEB4E29F794AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.125.0/24
Signature Algorithm: sha256WithRSAEncryption
94:a5:02:06:d3:01:1f:fd:2d:5c:6e:16:db:d1:6f:37:ad:e7:
d9:1e:37:7d:7a:82:97:bd:a5:30:d7:31:f5:63:1d:b3:42:0d:
97:ef:8c:b2:cc:7f:6d:e3:d8:78:32:39:c9:3b:26:6a:ef:62:
de:51:57:4a:91:62:07:ea:94:b7:a5:6b:50:a7:db:c7:70:f6:
79:c9:00:52:c0:47:4f:1b:bd:e7:97:91:38:89:ca:1b:e7:cb:
1f:e5:c2:4b:7b:79:9c:3b:e9:82:11:c3:1c:e3:39:48:82:8e:
a8:e8:9d:e1:17:2a:d1:24:09:6c:c1:17:c6:f9:52:f4:e5:33:
13:e1:3b:cf:df:5d:37:ca:a9:6f:88:85:ab:9f:d6:70:62:22:
20:9e:8d:9b:52:f1:d5:22:1e:40:7e:38:26:eb:a8:f8:44:c2:
17:5a:b8:10:3a:47:dc:3c:7e:5f:f3:80:b0:9c:6c:24:c6:87:
24:f1:46:2f:2f:65:fa:9b:ee:89:e4:1f:ff:a1:d1:77:8c:13:
cd:bd:ca:9d:c9:a0:e9:f1:b0:06:df:90:83:c1:97:2d:24:ea:
89:fe:3e:4d:24:21:20:9e:25:7a:2d:62:61:8f:6b:7b:cb:8b:
a6:83:44:14:fb:51:bf:33:74:83:7c:81:ff:cc:a9:70:b0:13:
dc:50:5f:25
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBJYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA4MjQxMDEwNDZaFw0yNDA4MjQxMDEwNDZaMBgxFjAU
BgNVBAMTDTY0ZTcyY2E5LWU4OGUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC9ViyVVOQCXht11CBSDBVcRth5zRZ9cbbnEgfcXABcxbNs3kOraKQEi7bi
7lcg1qUWhbdRAZvdATV9WFwJ1t3x+nNyY1yTm4UaudaL50J6LOkkY5pVdSdXmtkM
5E1iRe54lUqUz2rcTUPn4Zy57FmEhd76xpWt5nwbAtn9fNoDRr+oNYmf8IhEoAyF
9qU3Lf+XuY4xFYg43j3ptwR2eSwJQ7qa6BGHRLrL7L06iNRZTnZ7iV0inbeY605W
bA+bTD2OZJeooUDZkHU7mvWabZcQCA/Lqqg5JcNapebJEgDFeum7E2QrohvJ/Xhv
DmGv3u6zSCGDfrp4LBPAliS2lTr1AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUgEEv
rETmkPzVk9QOx0Z0RvYuR5IwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzdGODUwMkJBNDI2NjExRUVCNEUyOUY3OTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAH0wDQYJKoZIhvcNAQELBQAD
ggEBAJSlAgbTAR/9LVxuFtvRbzet59keN316gpe9pTDXMfVjHbNCDZfvjLLMf23j
2HgyOck7JmrvYt5RV0qRYgfqlLela1Cn28dw9nnJAFLAR08bveeXkTiJyhvnyx/l
wkt7eZw76YIRwxzjOUiCjqjoneEXKtEkCWzBF8b5UvTlMxPhO8/fXTfKqW+Ihauf
1nBiIiCejZtS8dUiHkB+OCbrqPhEwhdauBA6R9w8fl/zgLCcbCTGhyTxRi8vZfqb
7onkH/+h0XeME829yp3JoOnxsAbfkIPBly0k6on+Pk0kISCeJXotYmGPa3vLi6aD
RBT7Ub8zdIN8gf/MqXCwE9xQXyU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org