Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/8B499D78209611EE885A656F4AD9E6FC.roa
File: 8B499D78209611EE885A656F4AD9E6FC.roa (raw, json)
Hash identifier: 0nvnDjqGxWSIL1AbMjLwBfXzal8Or9V0JVsobbJ4ZcE=
Subject key identifier: E3:A9:1A:EE:1D:76:70:06:30:5D:6F:33:02:C4:76:6F:A6:B5:3B:27
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 042E
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/8B499D78209611EE885A656F4AD9E6FC.roa
Signing time: Wed 12 Jul 2023 09:29:05 +0000
ROA not before: Wed 12 Jul 2023 09:29:01 +0000
ROA not after: Fri 12 Jul 2024 09:29:01 +0000
asID: 17941
IP address blocks: 156.0.125.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1070 (0x42e)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jul 12 09:29:01 2023 GMT
Not After : Jul 12 09:29:01 2024 GMT
Subject: CN=64ae7261-a67c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e2:b0:02:c0:e3:d4:23:9e:85:f3:3b:f7:01:1f:
aa:30:08:3c:e5:37:3e:85:ba:d9:3c:cf:bc:b7:f4:
13:d4:72:52:8f:c9:a6:c0:f8:d3:0f:f7:08:25:d3:
09:e5:10:6e:5e:51:8b:ca:b1:13:5c:5a:14:28:33:
0b:d3:f1:96:b9:3b:c6:b0:cf:38:b0:7d:e3:61:72:
a5:4b:ed:74:07:21:e2:2f:3f:59:fe:6e:6d:84:20:
ba:72:df:1e:82:08:e5:75:66:6c:a2:4f:e5:a8:bd:
ca:41:ab:d3:97:da:43:b5:82:ed:b3:cc:36:61:ad:
b0:bb:16:67:9f:16:72:0c:22:b9:0c:c2:16:9d:b4:
4c:3a:be:f6:cc:70:f6:4b:27:18:01:ce:a3:76:c8:
fb:93:62:e6:7d:95:9b:fb:c1:6c:9d:33:56:ec:22:
78:d2:94:80:09:d2:c1:a1:73:35:b5:42:18:12:c4:
b8:dd:b8:9d:47:14:49:ff:bf:56:17:14:5b:03:a8:
04:29:ae:af:d8:12:19:45:a8:b4:17:85:d6:ee:93:
34:97:45:d5:37:c7:f6:30:86:7c:52:6d:6e:9e:6b:
af:63:df:3e:30:96:0b:e4:8d:7a:2e:ee:02:70:09:
92:18:45:de:d1:b5:67:39:85:8f:c1:5d:af:91:5f:
2b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:A9:1A:EE:1D:76:70:06:30:5D:6F:33:02:C4:76:6F:A6:B5:3B:27
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/8B499D78209611EE885A656F4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.125.0/24
Signature Algorithm: sha256WithRSAEncryption
73:84:34:2d:a5:56:86:28:aa:a4:dc:60:a7:f4:f6:a4:f8:81:
ca:67:59:f0:e5:a2:d7:2a:04:00:1d:e6:88:6f:f1:5d:31:02:
1c:f1:18:bf:04:fb:9d:9e:7f:fe:ac:52:73:e2:f1:91:bf:0e:
00:3a:7e:bd:09:5d:29:2d:2b:47:c2:bb:43:84:66:7d:86:82:
99:a7:62:8f:7e:ee:e5:9c:35:94:5f:46:0f:8e:80:d9:cf:85:
df:77:de:bc:7d:5c:f4:0c:31:b0:7d:aa:40:6a:be:4c:75:07:
71:40:27:fe:61:d6:d8:17:50:82:a8:5e:69:ad:a9:cc:7f:a3:
66:8a:87:b9:c5:b3:a9:4e:59:7f:a3:40:57:c4:3f:e2:52:52:
50:25:36:a8:36:17:8a:d0:df:4b:22:46:99:fa:a3:e3:68:75:
2a:23:de:a9:2d:85:1c:1a:3b:a1:61:ab:c7:e6:dc:ef:d2:35:
97:5e:8a:76:70:9e:ae:6e:89:bb:2e:14:8a:6c:27:8f:ea:c8:
2b:57:62:78:e1:21:39:21:bc:76:70:89:c7:aa:20:19:b5:f0:
ef:39:2a:3b:0d:46:05:07:40:a2:71:29:fe:bb:78:ba:7c:84:
cc:96:cf:e5:f0:38:38:9b:21:ab:9a:43:b4:84:f3:dd:35:09:
58:0b:1f:53
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBC4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA3MTIwOTI5MDFaFw0yNDA3MTIwOTI5MDFaMBgxFjAU
BgNVBAMTDTY0YWU3MjYxLWE2N2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDisALA49QjnoXzO/cBH6owCDzlNz6Futk8z7y39BPUclKPyabA+NMP9wgl
0wnlEG5eUYvKsRNcWhQoMwvT8Za5O8awzziwfeNhcqVL7XQHIeIvP1n+bm2EILpy
3x6CCOV1ZmyiT+WovcpBq9OX2kO1gu2zzDZhrbC7FmefFnIMIrkMwhadtEw6vvbM
cPZLJxgBzqN2yPuTYuZ9lZv7wWydM1bsInjSlIAJ0sGhczW1QhgSxLjduJ1HFEn/
v1YXFFsDqAQprq/YEhlFqLQXhdbukzSXRdU3x/YwhnxSbW6ea69j3z4wlgvkjXou
7gJwCZIYRd7RtWc5hY/BXa+RXytvAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU46ka
7h12cAYwXW8zAsR2b6a1OycwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzhCNDk5RDc4MjA5NjExRUU4ODVBNjU2RjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAH0wDQYJKoZIhvcNAQELBQAD
ggEBAHOENC2lVoYoqqTcYKf09qT4gcpnWfDlotcqBAAd5ohv8V0xAhzxGL8E+52e
f/6sUnPi8ZG/DgA6fr0JXSktK0fCu0OEZn2GgpmnYo9+7uWcNZRfRg+OgNnPhd93
3rx9XPQMMbB9qkBqvkx1B3FAJ/5h1tgXUIKoXmmtqcx/o2aKh7nFs6lOWX+jQFfE
P+JSUlAlNqg2F4rQ30siRpn6o+NodSoj3qkthRwaO6Fhq8fm3O/SNZdeinZwnq5u
ibsuFIpsJ4/qyCtXYnjhITkhvHZwiceqIBm18O85KjsNRgUHQKJxKf67eLp8hMyW
z+XwODibIauaQ7SE8901CVgLH1M=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org