Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/8F92CAAC680411EE8CBF615A4AD9E6FC.roa
File: 8F92CAAC680411EE8CBF615A4AD9E6FC.roa (raw, json)
Hash identifier: qTcqiuY4326ke0wcxPEpWLJr4iue676BvF15dQtUZmk=
Subject key identifier: C7:D2:E0:7E:3C:86:4B:23:16:D4:82:FB:B5:7D:F4:C0:F0:10:AA:0E
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 04ED
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/8F92CAAC680411EE8CBF615A4AD9E6FC.roa
Signing time: Wed 11 Oct 2023 07:05:29 +0000
ROA not before: Wed 11 Oct 2023 07:05:26 +0000
ROA not after: Fri 11 Oct 2024 07:05:26 +0000
asID: 205320
IP address blocks: 156.0.108.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1261 (0x4ed)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Oct 11 07:05:26 2023 GMT
Not After : Oct 11 07:05:26 2024 GMT
Subject: CN=65264939-dff3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:18:19:2a:e2:4e:b5:4a:70:6e:29:8a:d6:0d:
68:14:f9:ed:2a:13:88:68:22:60:45:78:e6:09:97:
d9:b4:b9:ef:a1:99:c5:08:58:85:03:44:b8:d9:fd:
ea:9e:c9:0b:e5:86:7e:07:01:f5:5c:8c:28:cb:1b:
4c:57:ac:68:6c:5a:a1:61:71:49:6d:d6:d7:ef:b6:
1b:ba:bf:a4:99:e8:34:42:f3:14:af:30:b8:a7:f0:
73:84:c3:75:42:9b:9a:66:de:67:7c:ff:59:b2:82:
24:58:40:07:c5:56:5b:c2:fb:19:4e:72:7e:22:ff:
d5:f1:71:a8:a8:2f:8a:85:7d:2b:75:76:55:93:e7:
93:0f:03:6f:86:fe:76:e4:61:ef:69:02:8c:8a:e9:
b6:ac:5f:70:23:4b:21:d3:76:89:1a:25:22:d3:b3:
bc:8a:e6:67:2a:28:d7:15:e7:56:5f:73:cf:de:82:
ba:96:eb:43:24:7b:65:38:66:72:1b:ec:6d:30:3e:
d4:96:46:6d:e6:b6:58:b1:ce:ea:b7:62:e5:c7:0f:
f3:95:14:1b:21:45:9c:71:be:0b:3c:c5:69:1f:d5:
73:ac:3d:0a:38:2b:1e:ad:cb:60:d3:84:71:60:d4:
85:7d:69:12:85:4d:bf:82:00:7d:09:21:04:fc:11:
2a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:D2:E0:7E:3C:86:4B:23:16:D4:82:FB:B5:7D:F4:C0:F0:10:AA:0E
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/8F92CAAC680411EE8CBF615A4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.108.0/24
Signature Algorithm: sha256WithRSAEncryption
7b:1c:18:1d:f7:41:65:11:af:32:2a:bf:90:c3:7c:a6:2f:dd:
ed:79:e0:c0:65:19:92:af:90:b1:e0:a2:e8:8c:d9:1f:f8:b2:
3f:d8:c4:80:50:66:f3:65:08:42:8b:dc:4e:dd:41:46:82:bc:
40:13:6b:2e:bc:e7:dd:44:26:f9:e3:43:f1:4b:9c:f1:71:35:
55:d6:85:08:2d:3a:73:06:09:4b:7e:3d:2f:e7:65:3f:03:66:
e2:c8:e2:53:6e:eb:81:7a:e1:19:a2:82:44:2d:91:fb:f8:2c:
18:f7:39:49:f9:e5:d3:7a:b7:70:86:40:07:09:92:7b:82:4e:
84:dc:35:bb:fe:db:50:48:68:5d:22:76:ef:85:b8:dc:e3:88:
e0:1f:44:74:a5:ef:ed:b3:92:21:28:66:1e:8a:67:2d:62:7a:
15:d8:31:72:b0:51:13:8a:02:e3:b5:32:8f:eb:00:56:b8:5e:
e8:26:51:41:d5:52:8a:63:8a:df:48:45:ca:24:b3:1f:69:ea:
5e:84:2e:71:34:36:73:d4:c4:7d:f9:44:68:c9:6d:27:1e:11:
90:b5:5f:12:9c:db:dd:27:44:35:50:a3:a5:9f:68:2c:e0:ea:
7f:d6:dc:d2:f3:2c:45:81:34:73:4c:69:b6:83:e9:20:9e:33:
cf:e6:f2:aa
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBO0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzEwMTEwNzA1MjZaFw0yNDEwMTEwNzA1MjZaMBgxFjAU
BgNVBAMTDTY1MjY0OTM5LWRmZjMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDUGBkq4k61SnBuKYrWDWgU+e0qE4hoImBFeOYJl9m0ue+hmcUIWIUDRLjZ
/eqeyQvlhn4HAfVcjCjLG0xXrGhsWqFhcUlt1tfvthu6v6SZ6DRC8xSvMLin8HOE
w3VCm5pm3md8/1mygiRYQAfFVlvC+xlOcn4i/9XxcaioL4qFfSt1dlWT55MPA2+G
/nbkYe9pAoyK6basX3AjSyHTdokaJSLTs7yK5mcqKNcV51Zfc8/egrqW60Mke2U4
ZnIb7G0wPtSWRm3mtlixzuq3YuXHD/OVFBshRZxxvgs8xWkf1XOsPQo4Kx6ty2DT
hHFg1IV9aRKFTb+CAH0JIQT8ESpTAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUx9Lg
fjyGSyMW1IL7tX30wPAQqg4wHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzhGOTJDQUFDNjgwNDExRUU4Q0JGNjE1QTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAGwwDQYJKoZIhvcNAQELBQAD
ggEBAHscGB33QWURrzIqv5DDfKYv3e154MBlGZKvkLHgouiM2R/4sj/YxIBQZvNl
CEKL3E7dQUaCvEATay68591EJvnjQ/FLnPFxNVXWhQgtOnMGCUt+PS/nZT8DZuLI
4lNu64F64RmigkQtkfv4LBj3OUn55dN6t3CGQAcJknuCToTcNbv+21BIaF0idu+F
uNzjiOAfRHSl7+2zkiEoZh6KZy1iehXYMXKwUROKAuO1Mo/rAFa4XugmUUHVUopj
it9IRcoksx9p6l6ELnE0NnPUxH35RGjJbSceEZC1XxKc290nRDVQo6WfaCzg6n/W
3NLzLEWBNHNMabaD6SCeM8/m8qo=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:07 2024 by rpki-client on console-fra.rpki-client.org