Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/AB460C1E382011EE90D6C50D4AD9E6FC.roa
File: AB460C1E382011EE90D6C50D4AD9E6FC.roa (raw, json)
Hash identifier: eSTqKnRr524tG9v9/yXwv+2ZNbLh7UFgOd6JSe6hMuM=
Subject key identifier: 8C:E4:70:61:01:F9:31:A9:91:75:86:67:13:1E:38:61:A0:10:C6:41
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0468
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/AB460C1E382011EE90D6C50D4AD9E6FC.roa
Signing time: Fri 11 Aug 2023 08:25:46 +0000
ROA not before: Fri 11 Aug 2023 08:25:43 +0000
ROA not after: Sun 11 Aug 2024 08:25:43 +0000
asID: 328227
IP address blocks: 156.0.123.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1128 (0x468)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Aug 11 08:25:43 2023 GMT
Not After : Aug 11 08:25:43 2024 GMT
Subject: CN=64d5f08a-6e40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:a8:eb:7d:7b:ca:04:cb:b1:0e:23:a7:d3:a9:
e6:a6:7b:cc:fd:b4:71:9f:45:a9:6f:f0:ed:cd:30:
d2:51:57:cd:3e:80:f2:14:14:40:1b:63:f9:6d:6e:
3f:36:fa:fa:41:9f:5b:0c:1f:d6:49:90:19:68:9d:
08:1d:41:d0:6c:02:d5:75:53:8f:e3:9d:cd:35:2f:
09:03:99:3a:97:29:25:1d:cb:0d:cf:2c:c3:61:3f:
ae:64:64:e3:2d:65:57:ce:e1:3a:4d:de:3d:2d:37:
58:25:69:69:7f:fc:48:5b:4c:b2:29:97:b0:4c:76:
63:71:99:77:c9:fe:95:fe:47:a2:f7:0b:1a:e0:f0:
43:34:3b:2c:87:ec:75:e9:71:07:34:d0:9b:aa:75:
45:41:ae:d0:9e:cf:a1:17:95:ef:aa:5c:ed:d8:a9:
bd:3d:53:c4:61:df:de:2a:ed:a5:76:5e:6d:3d:ba:
99:b8:b8:b3:48:b3:14:4b:5d:9c:6f:57:30:da:69:
d3:eb:9a:bc:bb:7a:e5:99:5b:23:3c:39:a0:8e:34:
5e:63:22:90:7a:45:a1:90:4d:7c:d1:30:63:d7:5f:
f5:eb:7f:f0:13:70:89:b4:78:2d:c7:66:67:74:f3:
89:c9:ca:d3:bb:8e:2d:38:eb:f8:4d:29:c9:ac:37:
db:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:E4:70:61:01:F9:31:A9:91:75:86:67:13:1E:38:61:A0:10:C6:41
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/AB460C1E382011EE90D6C50D4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.123.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:e5:d0:b6:aa:fa:bd:43:b4:f8:6e:f3:ea:be:54:e0:77:93:
ca:6c:b6:06:2d:86:a4:4e:8e:0a:e6:b9:45:1c:a3:09:89:de:
cb:99:63:8f:55:55:b7:a2:08:55:b5:70:cc:9c:92:42:68:f2:
c0:6e:d2:4d:d5:a6:7b:49:b7:bb:99:01:c8:b7:a1:81:70:5a:
c5:38:86:5e:b1:6e:86:42:91:09:74:49:d7:21:a9:c7:37:2e:
c7:72:72:3b:8e:fb:85:73:78:48:40:a9:ce:c7:49:5a:69:45:
a8:08:cd:66:23:28:af:71:ad:da:93:55:d5:e4:b1:e3:00:cc:
63:e8:dd:76:02:f2:07:08:b5:96:e9:7b:17:63:e2:58:69:ad:
68:dd:c7:bb:dd:56:3d:21:de:f8:59:5b:eb:f7:c2:f3:92:cf:
0c:8b:d1:de:f9:78:83:78:99:39:30:ea:55:61:4a:67:a5:be:
e1:7f:96:2f:63:b1:71:71:6b:07:35:c4:cd:e1:6e:c3:24:a7:
5a:a6:22:28:ff:00:e9:73:50:f5:20:7b:98:45:ba:6f:ba:6a:
3e:2a:b5:85:1c:18:7e:33:9d:9f:09:17:5a:b0:2f:2a:97:f2:
18:1e:a1:3f:4e:cb:f7:e9:ce:6c:40:53:d5:f4:92:ec:e5:50:
ba:08:06:62
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBGgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA4MTEwODI1NDNaFw0yNDA4MTEwODI1NDNaMBgxFjAU
BgNVBAMTDTY0ZDVmMDhhLTZlNDAwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC2qOt9e8oEy7EOI6fTqeame8z9tHGfRalv8O3NMNJRV80+gPIUFEAbY/lt
bj82+vpBn1sMH9ZJkBlonQgdQdBsAtV1U4/jnc01LwkDmTqXKSUdyw3PLMNhP65k
ZOMtZVfO4TpN3j0tN1glaWl//EhbTLIpl7BMdmNxmXfJ/pX+R6L3Cxrg8EM0OyyH
7HXpcQc00JuqdUVBrtCez6EXle+qXO3Yqb09U8Rh394q7aV2Xm09upm4uLNIsxRL
XZxvVzDaadPrmry7euWZWyM8OaCONF5jIpB6RaGQTXzRMGPXX/Xrf/ATcIm0eC3H
Zmd084nJytO7ji046/hNKcmsN9vzAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUjORw
YQH5MamRdYZnEx44YaAQxkEwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0FCNDYwQzFFMzgyMDExRUU5MEQ2QzUwRDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHswDQYJKoZIhvcNAQELBQAD
ggEBAErl0Laq+r1DtPhu8+q+VOB3k8pstgYthqROjgrmuUUcowmJ3suZY49VVbei
CFW1cMyckkJo8sBu0k3VpntJt7uZAci3oYFwWsU4hl6xboZCkQl0Sdchqcc3Lsdy
cjuO+4VzeEhAqc7HSVppRagIzWYjKK9xrdqTVdXkseMAzGPo3XYC8gcItZbpexdj
4lhprWjdx7vdVj0h3vhZW+v3wvOSzwyL0d75eIN4mTkw6lVhSmelvuF/li9jsXFx
awc1xM3hbsMkp1qmIij/AOlzUPUge5hFum+6aj4qtYUcGH4znZ8JF1qwLyqX8hge
oT9Oy/fpzmxAU9X0kuzlULoIBmI=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org