Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/A5DF4962174A11EEB0AF4E224AD9E6FC.roa
File: A5DF4962174A11EEB0AF4E224AD9E6FC.roa (raw, json)
Hash identifier: J2erWGmhZLvZ0HgSf9tk7slamTE1NywnLqbupSHPB/g=
Subject key identifier: 0F:B0:FC:5A:69:D7:44:9E:45:0B:A2:8F:97:81:3B:A6:2E:9D:A4:7B
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 03FC
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/A5DF4962174A11EEB0AF4E224AD9E6FC.roa
Signing time: Fri 30 Jun 2023 13:33:07 +0000
ROA not before: Fri 30 Jun 2023 13:33:04 +0000
ROA not after: Sun 30 Jun 2024 13:33:04 +0000
asID: 328227
IP address blocks: 156.0.119.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1020 (0x3fc)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 30 13:33:04 2023 GMT
Not After : Jun 30 13:33:04 2024 GMT
Subject: CN=649ed993-6c6d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:a1:de:6a:ef:9b:f0:c9:95:04:82:26:db:d9:
40:5a:c5:fc:3f:67:79:a3:23:e4:c1:a6:e1:22:5b:
e5:dc:d8:8c:86:2a:3d:2c:9b:97:d2:95:81:f3:f2:
dc:6b:44:f3:76:1e:c6:be:c2:87:0f:f1:55:c3:c4:
c5:1b:14:78:1e:2d:27:10:78:d3:24:e6:99:65:17:
22:6c:bb:6e:a6:e2:d8:16:cb:a3:e5:d7:3f:b9:d4:
8c:f0:c7:5e:49:e7:c3:6b:c8:63:82:08:36:55:5f:
18:34:41:b4:40:32:0b:e1:af:35:41:05:e2:b9:63:
1e:64:52:90:87:78:47:6e:7a:38:e6:b5:44:09:99:
e1:16:c1:72:ee:32:f9:b1:50:6e:26:b0:e3:fa:96:
84:bb:db:86:80:ff:a3:20:e8:95:3f:7f:84:66:47:
d5:20:c1:47:01:bb:8c:2d:c9:53:0e:74:57:2b:8b:
5c:6b:d8:50:bf:ec:80:3c:13:8a:7d:cb:7c:e5:64:
f5:8a:f0:14:2c:85:6a:24:0e:00:6a:15:55:f8:54:
44:e3:0d:6b:e6:79:ab:b3:92:1c:e2:90:eb:89:dc:
e0:34:12:e3:a4:a5:3f:36:a2:45:12:e1:9d:b2:fe:
90:f5:97:40:95:4d:ca:39:77:b4:e7:1d:fc:70:b5:
ec:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:B0:FC:5A:69:D7:44:9E:45:0B:A2:8F:97:81:3B:A6:2E:9D:A4:7B
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/A5DF4962174A11EEB0AF4E224AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.119.0/24
Signature Algorithm: sha256WithRSAEncryption
af:61:77:0d:c2:ec:29:19:b6:aa:b7:27:68:77:4e:9a:52:cc:
5b:2e:8e:db:ea:69:46:61:e0:64:cf:ca:15:be:b9:12:b9:5c:
0c:21:0d:b4:12:3f:9d:72:a8:55:f2:a4:14:87:90:ed:b4:20:
bb:6b:ed:f4:71:53:79:ce:b6:7b:14:85:96:07:89:0b:de:9b:
d7:c3:9e:2b:6f:e2:37:cf:12:a8:a6:5c:43:21:2a:b7:d9:fc:
db:af:30:13:62:23:c3:9f:e9:66:7e:fe:1a:5f:37:e6:f3:ef:
28:19:34:9e:c4:0a:aa:6f:ce:b4:42:dc:64:f8:fe:af:30:c7:
1d:9e:1b:eb:5f:fe:38:5d:0a:80:31:f2:cd:20:fb:f7:79:a8:
f4:36:91:44:e0:b5:dd:90:a9:79:ee:8d:d5:c5:6b:b3:8b:75:
e4:9a:8e:77:c7:5b:75:be:2e:83:e6:a4:4f:dd:88:89:05:8a:
d4:2c:37:54:02:0a:ac:46:94:9d:78:c2:83:a2:3e:24:02:66:
eb:30:8f:b0:07:00:44:f7:06:1d:6e:26:9b:70:b8:ac:0f:86:
19:ed:68:a7:11:11:ea:08:60:c1:e5:9b:bd:03:94:f1:ce:45:
ac:83:3e:2f:0c:28:ff:a1:41:f7:31:3c:d3:a0:26:18:8c:3d:
63:d1:ff:12
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA/wwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MzAxMzMzMDRaFw0yNDA2MzAxMzMzMDRaMBgxFjAU
BgNVBAMTDTY0OWVkOTkzLTZjNmQwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC+od5q75vwyZUEgibb2UBaxfw/Z3mjI+TBpuEiW+Xc2IyGKj0sm5fSlYHz
8txrRPN2Hsa+wocP8VXDxMUbFHgeLScQeNMk5pllFyJsu26m4tgWy6Pl1z+51Izw
x15J58NryGOCCDZVXxg0QbRAMgvhrzVBBeK5Yx5kUpCHeEduejjmtUQJmeEWwXLu
MvmxUG4msOP6loS724aA/6Mg6JU/f4RmR9UgwUcBu4wtyVMOdFcri1xr2FC/7IA8
E4p9y3zlZPWK8BQshWokDgBqFVX4VETjDWvmeauzkhzikOuJ3OA0EuOkpT82okUS
4Z2y/pD1l0CVTco5d7TnHfxwtewZAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUD7D8
WmnXRJ5FC6KPl4E7pi6dpHswHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0E1REY0OTYyMTc0QTExRUVCMEFGNEUyMjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHcwDQYJKoZIhvcNAQELBQAD
ggEBAK9hdw3C7CkZtqq3J2h3TppSzFsujtvqaUZh4GTPyhW+uRK5XAwhDbQSP51y
qFXypBSHkO20ILtr7fRxU3nOtnsUhZYHiQvem9fDnitv4jfPEqimXEMhKrfZ/Nuv
MBNiI8Of6WZ+/hpfN+bz7ygZNJ7ECqpvzrRC3GT4/q8wxx2eG+tf/jhdCoAx8s0g
+/d5qPQ2kUTgtd2QqXnujdXFa7OLdeSajnfHW3W+LoPmpE/diIkFitQsN1QCCqxG
lJ14woOiPiQCZuswj7AHAET3Bh1uJptwuKwPhhntaKcREeoIYMHlm70DlPHORayD
Pi8MKP+hQfcxPNOgJhiMPWPR/xI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org