Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/82C16C563A7E11EEBAEBFA314AD9E6FC.roa
File: 82C16C563A7E11EEBAEBFA314AD9E6FC.roa (raw, json)
Hash identifier: uU+Hqx908jg5YOPbyhnZUhZvoRWwOU86KZb/i9bHOaA=
Subject key identifier: 0A:DF:B6:4D:F2:E2:55:B9:37:33:8E:C0:92:E8:01:FD:B2:E6:95:7D
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 047D
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/82C16C563A7E11EEBAEBFA314AD9E6FC.roa
Signing time: Mon 14 Aug 2023 08:42:33 +0000
ROA not before: Mon 14 Aug 2023 08:42:29 +0000
ROA not after: Wed 14 Aug 2024 08:42:29 +0000
asID: 60539
IP address blocks: 156.0.104.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1149 (0x47d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Aug 14 08:42:29 2023 GMT
Not After : Aug 14 08:42:29 2024 GMT
Subject: CN=64d9e8f9-dbbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c2:ce:d0:21:80:6a:3f:4e:79:f5:52:4f:af:
81:69:af:6b:01:40:aa:09:c5:45:64:6b:5f:90:8a:
c6:7f:ba:f7:8f:35:eb:85:ae:c4:25:0b:54:56:e7:
ae:f1:bc:ab:97:a4:75:a1:1a:25:0d:e3:30:7b:58:
51:91:52:c4:45:62:c7:b9:e0:af:73:49:12:47:7f:
6c:25:5c:d0:c6:3f:a9:33:64:b5:a5:2c:61:18:3d:
b4:99:da:60:68:61:e3:0b:8b:98:b0:ce:49:e4:74:
fc:06:25:31:69:27:c8:df:ce:03:55:35:4c:ba:11:
a0:03:7a:33:13:6a:db:a3:08:5b:6b:46:b5:5e:8e:
5c:58:f9:51:ec:ba:8e:ab:aa:f2:7b:60:c5:b1:d4:
75:44:0e:02:85:2f:93:3b:d6:f3:4e:80:c3:c6:30:
e6:60:c9:89:03:b9:f1:67:18:f1:dc:e9:39:2d:b7:
07:f1:52:d3:f8:04:3e:61:93:5f:32:1e:08:33:14:
28:00:c0:c0:ed:27:3d:de:44:07:44:54:73:bc:21:
3d:ee:32:29:84:e0:9c:78:d2:06:3a:cf:f4:14:4d:
29:60:a2:2c:83:f0:70:8d:31:ec:97:80:39:21:fb:
32:17:14:23:90:72:1b:b8:47:48:8a:4a:de:32:a6:
27:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:DF:B6:4D:F2:E2:55:B9:37:33:8E:C0:92:E8:01:FD:B2:E6:95:7D
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/82C16C563A7E11EEBAEBFA314AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.104.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:62:49:12:5b:4b:9e:ab:4f:ef:3f:4d:86:32:d4:ed:86:65:
6b:22:ab:76:87:aa:3f:4c:50:43:45:77:fc:96:ab:50:9d:ed:
e1:1f:46:9c:78:6b:82:f0:cf:ed:2b:c3:c1:a9:f7:80:65:2f:
2a:c8:0d:95:78:b2:40:4f:82:c3:fb:6b:c8:dd:1d:61:3b:e8:
42:b9:17:a4:d7:5f:ee:f2:cf:7a:6f:8e:fa:36:7a:5e:da:db:
46:cc:7f:27:54:69:5e:dd:2e:e3:19:fb:be:8d:5e:01:2f:45:
3f:fb:7c:f7:1f:b0:b3:f1:cc:f9:db:7b:db:5d:4e:e4:56:7b:
16:a0:03:d0:01:b4:d4:9c:8f:b9:3a:26:79:1b:68:4a:d1:de:
bf:40:1a:eb:8b:3b:ea:7f:a2:df:a8:cb:47:b6:a1:eb:45:25:
5f:77:13:25:0d:90:7a:0f:fe:0f:0b:44:09:ec:fa:6d:a5:ae:
bf:16:5e:22:ca:0f:58:21:bf:8b:22:ef:80:32:a2:37:f3:bb:
ea:e0:3f:e0:03:19:59:82:a8:4b:b3:bf:9b:22:3e:8d:0a:5a:
0f:1b:e7:16:b5:4e:fd:06:9f:b8:4b:5d:18:86:0c:c1:35:ed:
88:8d:21:b4:c7:6c:34:af:75:83:f3:3a:78:4d:6a:ad:9f:dc:
33:8d:a7:bc
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBH0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA4MTQwODQyMjlaFw0yNDA4MTQwODQyMjlaMBgxFjAU
BgNVBAMTDTY0ZDllOGY5LWRiYmMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+ws7QIYBqP0559VJPr4Fpr2sBQKoJxUVka1+QisZ/uvePNeuFrsQlC1RW
567xvKuXpHWhGiUN4zB7WFGRUsRFYse54K9zSRJHf2wlXNDGP6kzZLWlLGEYPbSZ
2mBoYeMLi5iwzknkdPwGJTFpJ8jfzgNVNUy6EaADejMTatujCFtrRrVejlxY+VHs
uo6rqvJ7YMWx1HVEDgKFL5M71vNOgMPGMOZgyYkDufFnGPHc6TkttwfxUtP4BD5h
k18yHggzFCgAwMDtJz3eRAdEVHO8IT3uMimE4Jx40gY6z/QUTSlgoiyD8HCNMeyX
gDkh+zIXFCOQchu4R0iKSt4ypicjAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUCt+2
TfLiVbk3M47AkugB/bLmlX0wHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzgyQzE2QzU2M0E3RTExRUVCQUVCRkEzMTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAGgwDQYJKoZIhvcNAQELBQAD
ggEBAHtiSRJbS56rT+8/TYYy1O2GZWsiq3aHqj9MUENFd/yWq1Cd7eEfRpx4a4Lw
z+0rw8Gp94BlLyrIDZV4skBPgsP7a8jdHWE76EK5F6TXX+7yz3pvjvo2el7a20bM
fydUaV7dLuMZ+76NXgEvRT/7fPcfsLPxzPnbe9tdTuRWexagA9ABtNScj7k6Jnkb
aErR3r9AGuuLO+p/ot+oy0e2oetFJV93EyUNkHoP/g8LRAns+m2lrr8WXiLKD1gh
v4si74Ayojfzu+rgP+ADGVmCqEuzv5siPo0KWg8b5xa1Tv0Gn7hLXRiGDME17YiN
IbTHbDSvdYPzOnhNaq2f3DONp7w=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:06 2024 by rpki-client on console-fra.rpki-client.org