Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/B5F7EB72174711EE9448D4194AD9E6FC.roa
File: B5F7EB72174711EE9448D4194AD9E6FC.roa (raw, json)
Hash identifier: Q0Iq+Es2V+swEQcjVQoSGNA4tW28cBD13bNfLQSy+H8=
Subject key identifier: 60:15:DA:5D:E4:95:89:E2:6B:93:28:FB:97:41:04:3B:76:A5:D9:79
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 03EE
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/B5F7EB72174711EE9448D4194AD9E6FC.roa
Signing time: Fri 30 Jun 2023 13:12:06 +0000
ROA not before: Fri 30 Jun 2023 13:12:02 +0000
ROA not after: Sun 30 Jun 2024 13:12:02 +0000
asID: 21082
IP address blocks: 156.0.111.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1006 (0x3ee)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 30 13:12:02 2023 GMT
Not After : Jun 30 13:12:02 2024 GMT
Subject: CN=649ed4a6-eb06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:78:a7:ab:d9:53:a7:94:8c:54:24:22:29:8e:
4f:a5:d0:13:52:6b:d6:78:9f:1a:9a:7a:7d:d5:d7:
d9:0c:09:5a:42:8e:ba:65:ad:53:4b:e3:bf:7c:1c:
b4:82:8a:30:09:f3:27:fa:dc:61:f6:96:78:64:e1:
4f:ed:12:13:f3:be:31:b2:db:52:31:1e:26:12:68:
6e:d1:b0:df:b0:5a:44:95:f6:51:e1:03:13:59:c1:
48:50:2f:2b:c0:0d:96:53:d7:12:91:19:49:c5:c1:
b2:5c:38:f6:f4:43:fe:d1:c6:6b:89:54:fc:b2:11:
99:9f:a2:16:78:54:b2:e8:36:a1:d2:6f:2f:9f:e3:
70:b9:d6:99:a6:15:8d:a0:38:c6:cf:94:43:22:77:
26:70:bb:ff:ab:34:8b:b0:d6:71:da:48:e9:40:09:
73:de:5c:8d:6e:2f:ce:80:87:c9:e4:4c:ab:19:4e:
c3:8b:da:9b:77:6f:fc:03:a5:72:d5:21:a5:16:0c:
e3:01:16:8a:66:d8:e0:2b:dc:a2:aa:13:b7:5c:40:
8c:23:d5:aa:08:a8:f2:e8:8f:0a:eb:29:65:15:6b:
42:7f:d7:ff:8a:b7:73:bb:03:bb:ef:02:a1:2c:5b:
a3:dc:bd:29:15:7a:55:a0:5e:02:dd:2d:01:3f:73:
17:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
60:15:DA:5D:E4:95:89:E2:6B:93:28:FB:97:41:04:3B:76:A5:D9:79
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/B5F7EB72174711EE9448D4194AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.111.0/24
Signature Algorithm: sha256WithRSAEncryption
94:8f:de:d0:45:a2:87:e0:a7:48:d1:c5:b8:39:f0:48:ed:fa:
83:f0:0d:eb:65:a2:4c:ff:40:73:ae:14:63:f0:1a:00:0e:89:
65:bb:1a:66:9f:77:dd:74:12:23:7e:14:21:87:2a:72:3b:cb:
cf:78:1b:a5:ae:17:7f:b6:c0:e2:ef:ed:42:78:15:2f:d1:1a:
2d:98:21:49:95:bd:e9:e0:78:d0:79:33:ae:5c:f3:c0:7e:8b:
54:f4:f9:fd:7b:f9:54:f3:b1:89:f9:36:29:f6:a3:25:28:ed:
f9:2d:f7:e1:5e:c4:51:2a:e1:35:47:e3:00:1a:34:6a:5c:a9:
50:41:a7:e7:21:84:49:e5:46:9c:da:9f:3d:68:4a:59:26:4d:
a7:b3:f2:6d:e4:91:54:40:41:c0:a0:0a:e8:9b:4f:63:59:54:
cb:a8:cb:7a:55:d6:1f:8a:9c:7d:b0:8d:38:e5:11:e5:72:49:
10:45:51:98:c8:1b:90:1f:70:45:50:81:cd:7e:43:70:7a:13:
73:c0:4c:42:5f:64:07:85:5e:c2:0d:67:d1:f5:69:b8:a4:f8:
79:4a:40:7b:88:0b:30:78:dd:1a:ab:f6:c6:be:f4:d4:51:f5:
08:e3:8c:f8:52:69:6a:3f:74:ab:2c:30:8f:03:72:44:f9:8f:
e1:08:34:7b
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA+4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MzAxMzEyMDJaFw0yNDA2MzAxMzEyMDJaMBgxFjAU
BgNVBAMTDTY0OWVkNGE2LWViMDYwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQC2eKer2VOnlIxUJCIpjk+l0BNSa9Z4nxqaen3V19kMCVpCjrplrVNL4798
HLSCijAJ8yf63GH2lnhk4U/tEhPzvjGy21IxHiYSaG7RsN+wWkSV9lHhAxNZwUhQ
LyvADZZT1xKRGUnFwbJcOPb0Q/7RxmuJVPyyEZmfohZ4VLLoNqHSby+f43C51pmm
FY2gOMbPlEMidyZwu/+rNIuw1nHaSOlACXPeXI1uL86Ah8nkTKsZTsOL2pt3b/wD
pXLVIaUWDOMBFopm2OAr3KKqE7dcQIwj1aoIqPLojwrrKWUVa0J/1/+Kt3O7A7vv
AqEsW6PcvSkVelWgXgLdLQE/cxeJAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUYBXa
XeSVieJrkyj7l0EEO3al2XkwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0I1RjdFQjcyMTc0NzExRUU5NDQ4RDQxOTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAG8wDQYJKoZIhvcNAQELBQAD
ggEBAJSP3tBFoofgp0jRxbg58Ejt+oPwDetlokz/QHOuFGPwGgAOiWW7Gmafd910
EiN+FCGHKnI7y894G6WuF3+2wOLv7UJ4FS/RGi2YIUmVvengeNB5M65c88B+i1T0
+f17+VTzsYn5Nin2oyUo7fkt9+FexFEq4TVH4wAaNGpcqVBBp+chhEnlRpzanz1o
SlkmTaez8m3kkVRAQcCgCuibT2NZVMuoy3pV1h+KnH2wjTjlEeVySRBFUZjIG5Af
cEVQgc1+Q3B6E3PATEJfZAeFXsINZ9H1abik+HlKQHuICzB43Rqr9sa+9NRR9Qjj
jPhSaWo/dKssMI8DckT5j+EINHs=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:07 2024 by rpki-client on console-fra.rpki-client.org