Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/99F11398426411EEB4C39C734AD9E6FC.roa
File: 99F11398426411EEB4C39C734AD9E6FC.roa (raw, json)
Hash identifier: xzY4f95NbAKFkHPxEAEfRN4acvu57nPHjk45O/i58OI=
Subject key identifier: 63:EC:4D:28:31:8B:71:C5:CE:EF:94:38:65:CF:CF:70:F4:61:47:21
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 048D
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/99F11398426411EEB4C39C734AD9E6FC.roa
Signing time: Thu 24 Aug 2023 09:57:14 +0000
ROA not before: Thu 24 Aug 2023 09:57:11 +0000
ROA not after: Sat 24 Aug 2024 09:57:11 +0000
asID: 398465
IP address blocks: 156.0.120.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1165 (0x48d)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Aug 24 09:57:11 2023 GMT
Not After : Aug 24 09:57:11 2024 GMT
Subject: CN=64e7297a-89e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:30:f9:96:08:7c:c3:f3:62:f2:4a:48:23:74:
62:48:f5:87:e2:90:04:fb:7d:9a:30:db:8b:a0:74:
2b:21:04:5c:c5:93:1b:6f:f5:f7:62:05:de:66:26:
0b:8a:f9:6f:94:c0:d9:44:6a:44:51:c1:3d:a1:14:
60:5d:56:c7:3f:20:7d:2a:18:c4:8b:57:19:41:87:
0c:d6:6e:78:15:0f:23:3f:34:79:cc:1c:6f:15:2e:
ce:ff:de:9a:39:23:84:e1:f8:a6:78:59:76:d3:58:
84:2e:74:2d:47:06:84:83:78:aa:9a:76:6b:0d:65:
82:5a:b4:48:a9:d2:69:32:66:41:4f:67:6f:1a:9b:
92:39:1d:89:40:03:df:0d:09:d5:a8:16:6d:bd:ad:
b3:34:18:8c:13:c2:18:64:be:95:f4:6d:1c:64:25:
0b:8e:ee:ab:24:2a:90:c0:3b:4b:03:1e:3a:85:69:
43:16:5a:b9:7d:42:65:3a:02:6a:37:e0:d4:35:a7:
9a:19:ee:d0:a7:db:9f:22:59:89:b5:05:da:27:6a:
39:e8:1c:34:57:f7:0a:25:3d:60:da:d9:a3:d4:28:
68:f7:93:24:b8:07:38:b8:88:d7:1f:09:85:b0:b3:
e5:6b:57:a9:b0:af:f8:47:5b:a9:ce:89:66:05:39:
ca:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:EC:4D:28:31:8B:71:C5:CE:EF:94:38:65:CF:CF:70:F4:61:47:21
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/99F11398426411EEB4C39C734AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.120.0/24
Signature Algorithm: sha256WithRSAEncryption
0d:51:04:8a:a5:95:53:2e:9f:3a:9e:a1:4b:9d:a4:40:e2:bf:
1a:a5:16:49:1f:5e:23:03:1f:d2:e3:1f:12:f3:13:ad:ab:0e:
45:10:10:16:28:64:bb:9b:ff:04:ce:89:95:40:de:96:ee:33:
58:d3:a2:8c:a8:bd:64:d0:36:02:02:04:08:dc:b8:f0:ff:5f:
72:eb:7b:90:63:f7:23:6f:9e:87:d9:02:19:f2:25:50:6e:89:
aa:ba:7c:c5:73:2e:af:cd:e1:8d:da:3d:3e:5a:f1:56:93:11:
bc:19:c1:67:43:88:c9:75:f7:4b:a8:9a:3e:4e:41:1b:0f:87:
58:aa:9c:3d:4b:59:5d:8c:d3:e7:e1:cb:9e:7a:04:09:c1:93:
28:d0:30:d2:01:80:06:3b:37:5c:83:2c:a5:27:b0:02:1a:90:
6d:a0:2b:03:81:cf:be:91:0c:77:63:e3:1d:0d:6f:1c:44:e7:
70:1b:4a:fc:b3:6f:6a:39:b0:31:77:ae:05:85:da:f5:df:41:
68:49:71:c9:d4:71:92:81:4b:f0:2c:50:20:41:06:7a:da:b0:
eb:04:ce:da:e9:6c:af:27:41:cc:7e:19:4f:74:a4:d0:ae:26:
72:b1:d6:11:b8:4d:3e:49:a2:11:78:35:6d:dd:ab:6e:58:e4:
1a:75:0a:62
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBI0wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA4MjQwOTU3MTFaFw0yNDA4MjQwOTU3MTFaMBgxFjAU
BgNVBAMTDTY0ZTcyOTdhLTg5ZTMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDrMPmWCHzD82LySkgjdGJI9YfikAT7fZow24ugdCshBFzFkxtv9fdiBd5m
JguK+W+UwNlEakRRwT2hFGBdVsc/IH0qGMSLVxlBhwzWbngVDyM/NHnMHG8VLs7/
3po5I4Th+KZ4WXbTWIQudC1HBoSDeKqadmsNZYJatEip0mkyZkFPZ28am5I5HYlA
A98NCdWoFm29rbM0GIwTwhhkvpX0bRxkJQuO7qskKpDAO0sDHjqFaUMWWrl9QmU6
Amo34NQ1p5oZ7tCn258iWYm1BdonajnoHDRX9wolPWDa2aPUKGj3kyS4Bzi4iNcf
CYWws+VrV6mwr/hHW6nOiWYFOcoRAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUY+xN
KDGLccXO75Q4Zc/PcPRhRyEwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4Lzk5RjExMzk4NDI2NDExRUVCNEMzOUM3MzRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHgwDQYJKoZIhvcNAQELBQAD
ggEBAA1RBIqllVMunzqeoUudpEDivxqlFkkfXiMDH9LjHxLzE62rDkUQEBYoZLub
/wTOiZVA3pbuM1jTooyovWTQNgICBAjcuPD/X3Lre5Bj9yNvnofZAhnyJVBuiaq6
fMVzLq/N4Y3aPT5a8VaTEbwZwWdDiMl190uomj5OQRsPh1iqnD1LWV2M0+fhy556
BAnBkyjQMNIBgAY7N1yDLKUnsAIakG2gKwOBz76RDHdj4x0NbxxE53AbSvyzb2o5
sDF3rgWF2vXfQWhJccnUcZKBS/AsUCBBBnrasOsEztrpbK8nQcx+GU90pNCuJnKx
1hG4TT5JohF4NW3dq25Y5Bp1CmI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:07 2024 by rpki-client on console-fra.rpki-client.org