Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/9F30B58E74AA11EE952F42444AD9E6FC.roa
File: 9F30B58E74AA11EE952F42444AD9E6FC.roa (raw, json)
Hash identifier: F9pHvpBa+tDPAi7VbXP3ENpk/gKZV3xYIGZ0+s3EHbQ=
Subject key identifier: 57:7E:1E:4D:45:EC:1A:69:64:2B:9E:BD:32:CA:16:7C:C6:FA:78:22
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0502
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/9F30B58E74AA11EE952F42444AD9E6FC.roa
Signing time: Fri 27 Oct 2023 09:24:26 +0000
ROA not before: Fri 27 Oct 2023 09:24:22 +0000
ROA not after: Sun 27 Oct 2024 09:24:22 +0000
asID: 328227
IP address blocks: 156.0.120.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1282 (0x502)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Oct 27 09:24:22 2023 GMT
Not After : Oct 27 09:24:22 2024 GMT
Subject: CN=653b81ca-40fe
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:f0:bf:28:f2:ec:85:16:ff:bf:57:a5:90:94:
9b:81:9c:b8:47:71:23:a5:fc:88:8d:45:61:36:88:
6d:a3:eb:44:b3:82:e0:8c:f0:92:89:bc:f8:d7:60:
bb:47:82:8f:58:92:e5:2d:dc:06:38:cb:af:42:72:
aa:99:34:c9:fe:3e:f5:0d:41:ab:4b:46:57:28:3b:
7b:8a:3f:80:68:7d:d7:6d:55:68:45:69:da:87:ab:
6e:0d:c2:3c:9d:45:6b:7a:6c:08:65:03:15:d8:3c:
77:75:b5:79:68:b9:e0:d6:24:2b:e2:7a:5c:85:21:
92:9d:50:73:74:30:79:ee:a3:a3:ed:ce:fd:4c:19:
8e:3f:40:6d:13:1b:d6:c2:37:c8:54:a0:26:81:03:
42:de:2f:ee:66:3b:29:21:a2:94:74:99:7e:49:81:
77:b0:14:52:af:43:cb:37:5f:ee:15:b5:0f:0f:15:
21:c6:63:3d:5c:ca:71:63:60:d8:13:38:c1:b5:03:
a8:ab:60:ab:23:90:74:98:4b:89:91:72:32:bb:68:
7c:1b:62:ce:99:70:85:6a:d1:d7:57:da:39:48:4d:
73:a3:7f:4c:6d:95:8b:ea:93:01:06:2e:fc:e9:f7:
67:27:8e:ea:ab:8e:70:ee:5c:89:4f:15:82:08:b9:
3e:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:7E:1E:4D:45:EC:1A:69:64:2B:9E:BD:32:CA:16:7C:C6:FA:78:22
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/9F30B58E74AA11EE952F42444AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.120.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:0e:0b:fb:39:93:d8:8d:91:b4:3a:49:04:8e:79:c7:b2:30:
ac:24:87:14:05:b6:47:00:c2:be:98:18:b8:b6:10:2c:39:c7:
22:14:79:50:d6:29:87:bc:f4:b6:e4:3c:17:3a:89:fc:08:5f:
d7:9d:8d:69:1f:d0:8a:28:e6:78:a2:ed:c3:66:ec:08:01:fd:
62:a5:b2:4d:c2:ef:98:e9:6c:1b:81:09:a8:55:c5:8d:1e:42:
48:3f:aa:d0:c1:ef:8b:fa:97:6d:a7:84:71:2f:19:a4:60:8d:
24:42:9a:df:24:c6:c6:3b:2d:03:05:32:bb:98:96:00:6c:be:
4d:51:43:1c:da:04:f1:66:33:05:94:b8:83:4f:20:21:ed:e8:
53:2e:b6:f2:b0:2f:65:1b:78:86:b1:a8:24:18:99:42:7c:a9:
b5:7d:97:f6:49:93:8c:2d:f5:8e:45:fd:d2:d2:3c:7b:dc:94:
7d:9b:89:e6:5a:cf:ea:4f:a0:9f:68:6f:18:7c:2b:87:c8:7e:
8a:9f:20:51:67:dc:66:cf:d0:96:c7:d7:0f:d4:b6:57:cc:e3:
67:a0:ab:76:e1:1b:5c:99:4a:23:c0:33:0a:97:c5:91:c5:4b:
58:c0:39:7d:05:01:5a:af:52:e5:6f:c6:61:9c:34:f9:34:f3:
0d:34:6e:87
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBQIwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzEwMjcwOTI0MjJaFw0yNDEwMjcwOTI0MjJaMBgxFjAU
BgNVBAMTDTY1M2I4MWNhLTQwZmUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDb8L8o8uyFFv+/V6WQlJuBnLhHcSOl/IiNRWE2iG2j60SzguCM8JKJvPjX
YLtHgo9YkuUt3AY4y69CcqqZNMn+PvUNQatLRlcoO3uKP4BofddtVWhFadqHq24N
wjydRWt6bAhlAxXYPHd1tXloueDWJCvielyFIZKdUHN0MHnuo6Ptzv1MGY4/QG0T
G9bCN8hUoCaBA0LeL+5mOykhopR0mX5JgXewFFKvQ8s3X+4VtQ8PFSHGYz1cynFj
YNgTOMG1A6irYKsjkHSYS4mRcjK7aHwbYs6ZcIVq0ddX2jlITXOjf0xtlYvqkwEG
Lvzp92cnjuqrjnDuXIlPFYIIuT7fAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUV34e
TUXsGmlkK569MsoWfMb6eCIwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4LzlGMzBCNThFNzRBQTExRUU5NTJGNDI0NDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHgwDQYJKoZIhvcNAQELBQAD
ggEBAG0OC/s5k9iNkbQ6SQSOeceyMKwkhxQFtkcAwr6YGLi2ECw5xyIUeVDWKYe8
9LbkPBc6ifwIX9edjWkf0Ioo5nii7cNm7AgB/WKlsk3C75jpbBuBCahVxY0eQkg/
qtDB74v6l22nhHEvGaRgjSRCmt8kxsY7LQMFMruYlgBsvk1RQxzaBPFmMwWUuINP
ICHt6FMutvKwL2UbeIaxqCQYmUJ8qbV9l/ZJk4wt9Y5F/dLSPHvclH2bieZaz+pP
oJ9obxh8K4fIfoqfIFFn3GbP0JbH1w/UtlfM42egq3bhG1yZSiPAMwqXxZHFS1jA
OX0FAVqvUuVvxmGcNPk08w00boc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org