Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/AD9938AE2C8311EE9DF2374F4AD9E6FC.roa
File: AD9938AE2C8311EE9DF2374F4AD9E6FC.roa (raw, json)
Hash identifier: x8o2ArUPkYH7jqLaZb3rYZSUB/qaQhUtxqYpd8jqGhQ=
Subject key identifier: 24:8B:90:B7:09:1E:2C:98:03:1A:D9:2B:8B:34:06:DE:86:F0:A4:C8
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0443
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/AD9938AE2C8311EE9DF2374F4AD9E6FC.roa
Signing time: Thu 27 Jul 2023 13:44:16 +0000
ROA not before: Thu 27 Jul 2023 13:44:12 +0000
ROA not after: Sat 27 Jul 2024 13:44:12 +0000
asID: 209181
IP address blocks: 156.0.127.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1091 (0x443)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jul 27 13:44:12 2023 GMT
Not After : Jul 27 13:44:12 2024 GMT
Subject: CN=64c274b0-f582
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:81:e4:96:10:ba:c8:d8:ce:c2:eb:2f:53:c1:
1d:3b:93:3b:07:7b:b5:7b:e1:16:3f:46:1c:0e:62:
e9:0f:91:1c:0f:6d:8b:54:61:75:dd:aa:f2:09:80:
01:14:59:56:64:de:52:c4:3c:4a:41:68:fc:75:55:
14:ca:28:4f:fb:86:15:50:34:5d:ee:91:2d:5b:9a:
d0:d9:28:44:ea:8a:c6:90:de:9c:dd:bc:6e:46:8c:
97:3d:7b:97:9e:44:5f:74:7e:6c:e9:61:fa:d6:6e:
eb:ca:d9:7b:38:43:65:e4:e9:c2:0e:b6:db:72:b4:
3a:d1:cd:24:36:76:18:48:97:1c:70:76:ff:fd:4a:
5d:7a:47:8c:34:05:b1:43:5a:00:cf:f3:8b:0a:0f:
6e:f0:75:2e:98:5f:f6:38:6d:ac:c4:eb:e6:1e:a0:
a6:c8:9b:b2:ee:7c:ba:5b:d7:9f:c7:a6:87:37:02:
ca:b1:3f:ea:9e:97:85:8c:9e:42:62:ce:8d:d2:41:
db:06:5e:c2:df:c6:73:ad:0d:28:38:a8:48:88:fb:
77:e0:68:3a:72:46:f4:d6:29:de:b2:f6:2a:a8:09:
28:36:f2:b4:27:e3:af:0b:c8:80:0a:5b:eb:33:ce:
9a:54:ad:56:df:fc:91:6e:40:75:6f:b5:d0:10:da:
8d:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
24:8B:90:B7:09:1E:2C:98:03:1A:D9:2B:8B:34:06:DE:86:F0:A4:C8
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/AD9938AE2C8311EE9DF2374F4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.127.0/24
Signature Algorithm: sha256WithRSAEncryption
bd:af:7a:e3:a6:af:7a:86:47:fa:75:99:5c:47:61:f6:36:05:
d8:0a:a5:66:4d:82:5b:69:a5:ea:5c:2f:67:23:96:6d:6a:4a:
b2:0a:54:f7:bf:cd:67:3e:31:48:91:c0:aa:98:f9:ee:10:e0:
db:de:bd:cf:a1:6b:bc:ca:de:f5:f5:09:e1:98:ef:ab:02:c3:
d0:00:c9:62:40:2c:e1:d2:63:a2:49:f3:1f:b8:40:f2:4f:be:
57:5f:1d:ac:38:18:96:81:c0:0c:13:6c:d8:82:f2:9b:b4:e6:
1f:73:97:e4:9d:bb:e5:bd:f3:62:fa:31:31:b5:53:dd:2b:3a:
c7:92:04:42:b1:25:15:17:da:c2:9a:b7:76:e0:5a:9f:f0:4f:
50:77:6c:1f:00:b9:c5:a7:68:50:21:dc:74:79:b7:95:ec:c8:
36:d1:65:77:f9:dd:a6:5e:24:55:e9:f1:97:80:8b:35:c4:af:
46:38:b1:f1:bc:c6:8c:7b:58:89:6d:be:33:d5:bf:92:1a:29:
48:42:d5:fe:34:22:f0:bc:d6:24:df:18:27:9e:21:eb:54:14:
c9:49:59:00:6e:f3:36:6a:16:a6:53:16:8e:07:3f:c9:42:40:
63:98:56:60:91:be:ad:78:0d:f3:b1:13:c2:a5:aa:85:3b:b3:
bf:8a:73:a9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBEMwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA3MjcxMzQ0MTJaFw0yNDA3MjcxMzQ0MTJaMBgxFjAU
BgNVBAMTDTY0YzI3NGIwLWY1ODIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC5geSWELrI2M7C6y9TwR07kzsHe7V74RY/RhwOYukPkRwPbYtUYXXdqvIJ
gAEUWVZk3lLEPEpBaPx1VRTKKE/7hhVQNF3ukS1bmtDZKETqisaQ3pzdvG5GjJc9
e5eeRF90fmzpYfrWbuvK2Xs4Q2Xk6cIOtttytDrRzSQ2dhhIlxxwdv/9Sl16R4w0
BbFDWgDP84sKD27wdS6YX/Y4bazE6+YeoKbIm7LufLpb15/Hpoc3AsqxP+qel4WM
nkJizo3SQdsGXsLfxnOtDSg4qEiI+3fgaDpyRvTWKd6y9iqoCSg28rQn468LyIAK
W+szzppUrVbf/JFuQHVvtdAQ2o0zAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUJIuQ
twkeLJgDGtkrizQG3obwpMgwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0FEOTkzOEFFMkM4MzExRUU5REYyMzc0RjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAH8wDQYJKoZIhvcNAQELBQAD
ggEBAL2veuOmr3qGR/p1mVxHYfY2BdgKpWZNgltppepcL2cjlm1qSrIKVPe/zWc+
MUiRwKqY+e4Q4Nvevc+ha7zK3vX1CeGY76sCw9AAyWJALOHSY6JJ8x+4QPJPvldf
Haw4GJaBwAwTbNiC8pu05h9zl+Sdu+W982L6MTG1U90rOseSBEKxJRUX2sKat3bg
Wp/wT1B3bB8AucWnaFAh3HR5t5XsyDbRZXf53aZeJFXp8ZeAizXEr0Y4sfG8xox7
WIltvjPVv5IaKUhC1f40IvC81iTfGCeeIetUFMlJWQBu8zZqFqZTFo4HP8lCQGOY
VmCRvq14DfOxE8KlqoU7s7+Kc6k=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:07 2024 by rpki-client on console-fra.rpki-client.org