Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/8D1E6AFA209311EEA6A7B6664AD9E6FC.roa
File: 8D1E6AFA209311EEA6A7B6664AD9E6FC.roa (raw, json)
Hash identifier: DEoDflVPFkDDxSNpBwd2wWMmBQ1X51C/xTqU2Fz0xt0=
Subject key identifier: 03:08:B6:78:93:9C:FC:AC:7F:5E:84:21:CD:77:1B:49:86:1C:95:4E
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0428
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/8D1E6AFA209311EEA6A7B6664AD9E6FC.roa
Signing time: Wed 12 Jul 2023 09:07:39 +0000
ROA not before: Wed 12 Jul 2023 09:07:36 +0000
ROA not after: Fri 12 Jul 2024 09:07:36 +0000
asID: 17941
IP address blocks: 156.0.122.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1064 (0x428)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jul 12 09:07:36 2023 GMT
Not After : Jul 12 09:07:36 2024 GMT
Subject: CN=64ae6d5b-2bef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:24:6d:b3:e5:4f:97:4a:c4:35:16:e3:88:be:
0e:e3:a0:5f:2d:d0:da:7f:09:ec:6d:8c:99:c0:f2:
38:b2:0f:85:43:35:97:da:36:b8:3f:de:3f:9a:28:
54:c8:25:e4:eb:24:7d:a0:f5:8d:1c:47:dc:02:37:
a4:b3:0c:d5:f8:ae:b3:6e:6d:db:9a:15:53:66:ad:
4e:6e:b4:5d:99:0c:67:7f:a9:5c:fd:b7:36:bf:14:
bb:38:92:59:97:c7:c3:c7:e1:29:cb:e2:87:5a:f0:
5d:9c:82:0c:47:b2:bf:65:99:bf:59:21:91:65:13:
9b:7c:f0:a4:e1:02:f6:a1:c4:ff:40:da:21:e4:b4:
e3:f5:a5:81:04:cc:c7:46:ad:d2:71:8f:c7:96:f4:
1c:3a:c5:b3:f0:f8:f6:7d:c2:64:43:81:66:55:b0:
4e:2a:43:5c:ec:49:56:7f:1d:74:e5:1b:79:01:94:
ae:86:63:ba:62:6e:f6:a0:14:57:b8:bd:80:b5:a0:
4a:53:77:d6:ea:06:e6:2e:43:c6:8d:b5:68:75:90:
1d:f4:0b:f2:98:e9:d6:8d:f2:ce:c7:bf:a0:ad:d8:
24:ba:fa:18:5c:ee:b5:a5:81:c9:cc:7b:59:b0:1f:
f2:9f:4b:18:9f:db:f7:b7:07:d8:b1:f6:d8:82:4c:
80:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:08:B6:78:93:9C:FC:AC:7F:5E:84:21:CD:77:1B:49:86:1C:95:4E
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/8D1E6AFA209311EEA6A7B6664AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.122.0/24
Signature Algorithm: sha256WithRSAEncryption
25:3a:21:e1:ef:75:f9:41:48:62:4d:d6:29:83:d4:43:ca:9a:
99:17:c2:07:17:de:dd:ae:f7:d8:e1:8e:97:65:7c:42:b3:ab:
67:d1:17:a1:2c:ea:cc:17:3c:2d:93:7d:9f:3f:7f:cc:98:51:
a5:cb:22:aa:1a:f2:7e:fc:fe:21:58:29:4a:76:be:58:c0:7e:
ad:b0:22:7f:4a:1f:26:63:e5:ab:67:1f:e0:93:42:39:c9:17:
a9:c8:7c:04:b4:fa:6f:c4:bf:95:6f:21:a0:94:85:09:58:e2:
1a:ea:4c:4e:25:25:90:5e:cf:7a:93:4e:68:06:76:8f:f7:b1:
00:e5:1a:90:00:8a:56:8f:d2:bd:bb:dd:86:dc:d6:f1:e7:1a:
5c:3a:26:07:3f:ec:64:29:39:20:2e:8c:59:7c:b0:46:17:cb:
75:2b:5d:cd:41:df:52:24:25:1b:25:8b:ba:a6:b0:ea:28:17:
c0:9a:a7:57:ef:bc:00:ac:52:ce:7f:97:80:5f:27:89:6e:5d:
71:7d:7b:ed:d1:13:9d:8a:cb:bb:c2:7d:c1:73:f1:1d:ca:67:
b3:a8:1e:b3:28:c8:0b:82:c2:82:4c:1a:16:bf:19:53:b4:14:
73:eb:65:88:6e:f4:b4:9d:20:a9:bd:2c:d2:76:49:ac:2c:8e:
fe:96:82:81
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBCgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA3MTIwOTA3MzZaFw0yNDA3MTIwOTA3MzZaMBgxFjAU
BgNVBAMTDTY0YWU2ZDViLTJiZWYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDUJG2z5U+XSsQ1FuOIvg7joF8t0Np/CextjJnA8jiyD4VDNZfaNrg/3j+a
KFTIJeTrJH2g9Y0cR9wCN6SzDNX4rrNubduaFVNmrU5utF2ZDGd/qVz9tza/FLs4
klmXx8PH4SnL4oda8F2cggxHsr9lmb9ZIZFlE5t88KThAvahxP9A2iHktOP1pYEE
zMdGrdJxj8eW9Bw6xbPw+PZ9wmRDgWZVsE4qQ1zsSVZ/HXTlG3kBlK6GY7pibvag
FFe4vYC1oEpTd9bqBuYuQ8aNtWh1kB30C/KY6daN8s7Hv6Ct2CS6+hhc7rWlgcnM
e1mwH/KfSxif2/e3B9ix9tiCTID7AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUAwi2
eJOc/Kx/XoQhzXcbSYYclU4wHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzhEMUU2QUZBMjA5MzExRUVBNkE3QjY2NjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHowDQYJKoZIhvcNAQELBQAD
ggEBACU6IeHvdflBSGJN1imD1EPKmpkXwgcX3t2u99jhjpdlfEKzq2fRF6Es6swX
PC2TfZ8/f8yYUaXLIqoa8n78/iFYKUp2vljAfq2wIn9KHyZj5atnH+CTQjnJF6nI
fAS0+m/Ev5VvIaCUhQlY4hrqTE4lJZBez3qTTmgGdo/3sQDlGpAAilaP0r273Ybc
1vHnGlw6Jgc/7GQpOSAujFl8sEYXy3UrXc1B31IkJRsli7qmsOooF8Cap1fvvACs
Us5/l4BfJ4luXXF9e+3RE52Ky7vCfcFz8R3KZ7OoHrMoyAuCwoJMGha/GVO0FHPr
ZYhu9LSdIKm9LNJ2Sawsjv6WgoE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org