Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/BA27125E3A7E11EE9067EA324AD9E6FC.roa
File: BA27125E3A7E11EE9067EA324AD9E6FC.roa (raw, json)
Hash identifier: sAwuw8RvMWp9aZyTSmiJAd6wbQqhp8tPL0bxubYY4Lk=
Subject key identifier: A5:A5:52:AB:96:FA:D6:15:77:A3:EC:9C:2A:E6:1A:20:26:CA:CD:63
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0480
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/BA27125E3A7E11EE9067EA324AD9E6FC.roa
Signing time: Mon 14 Aug 2023 08:44:06 +0000
ROA not before: Mon 14 Aug 2023 08:44:03 +0000
ROA not after: Wed 14 Aug 2024 08:44:03 +0000
asID: 60539
IP address blocks: 156.0.105.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1152 (0x480)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Aug 14 08:44:03 2023 GMT
Not After : Aug 14 08:44:03 2024 GMT
Subject: CN=64d9e956-5a41
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dd:6b:18:0e:f6:b2:cf:3a:89:9b:dc:1d:10:a7:
92:1f:5a:31:93:5c:db:1e:0d:f8:47:1f:14:b4:b0:
3b:37:57:fc:6c:44:23:03:7f:e7:22:eb:98:8a:2a:
a6:21:23:e6:73:63:31:89:b5:89:6b:3d:34:c0:78:
55:a4:a7:e9:77:d1:53:db:ba:8f:82:2f:d8:71:07:
85:8f:29:22:df:94:83:27:98:cb:f1:20:05:c6:2a:
9c:cd:c6:b2:1d:fd:70:dd:ce:55:c8:c4:d3:e1:29:
78:30:47:9b:98:90:dd:5a:4b:2d:60:17:7f:fd:1f:
78:b0:f3:43:22:be:5a:83:c8:54:0e:33:d2:a8:46:
ae:bf:bf:7d:fc:fe:e9:39:b8:4a:16:4a:35:ee:1a:
dd:1e:e2:1f:a8:8e:3e:32:b7:da:aa:2a:35:4d:6e:
59:69:30:5a:83:07:25:c9:7c:e0:92:fb:17:6a:09:
7b:cf:f9:f1:b8:6c:43:bc:bb:f0:dc:76:d8:c7:7f:
3b:6f:fa:bd:4a:7c:6b:9c:e8:aa:e9:e6:14:06:13:
ee:c7:ca:ed:5f:b3:46:7e:43:01:f5:e0:bc:6f:31:
a7:95:72:28:f2:6b:a8:4a:a5:ee:13:5d:13:fd:4d:
6c:f6:2e:a7:4f:5f:9d:71:be:d0:89:78:5a:15:97:
06:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:A5:52:AB:96:FA:D6:15:77:A3:EC:9C:2A:E6:1A:20:26:CA:CD:63
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/BA27125E3A7E11EE9067EA324AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.105.0/24
Signature Algorithm: sha256WithRSAEncryption
53:93:1e:bc:78:03:3f:55:70:fe:0c:1e:38:69:f2:6f:09:fd:
3f:ea:ea:f8:af:71:db:4c:83:d0:fe:97:ee:10:5e:b8:f1:ae:
48:94:45:2c:b5:96:36:bd:e4:6c:fb:73:c3:87:b6:d9:9c:74:
88:9a:7d:7b:d0:fc:95:65:81:93:78:30:6d:e5:46:50:f1:1d:
11:62:d8:be:fc:6f:24:b9:2e:08:7b:a8:dd:2f:31:60:af:9d:
78:67:33:00:61:3c:11:6b:32:96:2f:8f:9d:70:85:61:7f:08:
03:d1:33:39:18:7d:9a:a8:17:7b:95:6b:9b:4d:c0:85:c8:f0:
6a:9c:7a:a5:bd:be:ff:d9:85:4c:d7:ea:59:d8:51:ee:5d:0f:
14:a2:61:5a:56:b6:fa:91:b7:4f:a7:73:91:f0:d2:8c:d2:b4:
4a:01:98:89:f5:2b:8a:ab:d7:e4:38:b9:bc:2f:04:9f:d0:39:
9f:6a:39:3d:69:81:40:3b:5a:98:81:dc:e5:ff:88:52:1d:6b:
2c:f3:cd:a0:bf:78:bd:03:dc:7f:23:59:9d:c2:9b:f8:d8:66:
c1:a1:0a:e7:bd:f7:91:a5:4c:99:c5:2e:e8:58:5f:ca:40:97:
e3:07:20:f8:76:9f:f6:e2:f3:d2:b4:4c:c8:27:aa:a6:57:81:
30:2e:ca:d4
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBIAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA4MTQwODQ0MDNaFw0yNDA4MTQwODQ0MDNaMBgxFjAU
BgNVBAMTDTY0ZDllOTU2LTVhNDEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDdaxgO9rLPOomb3B0Qp5IfWjGTXNseDfhHHxS0sDs3V/xsRCMDf+ci65iK
KqYhI+ZzYzGJtYlrPTTAeFWkp+l30VPbuo+CL9hxB4WPKSLflIMnmMvxIAXGKpzN
xrId/XDdzlXIxNPhKXgwR5uYkN1aSy1gF3/9H3iw80MivlqDyFQOM9KoRq6/v338
/uk5uEoWSjXuGt0e4h+ojj4yt9qqKjVNbllpMFqDByXJfOCS+xdqCXvP+fG4bEO8
u/DcdtjHfztv+r1KfGuc6Krp5hQGE+7Hyu1fs0Z+QwH14LxvMaeVcijya6hKpe4T
XRP9TWz2LqdPX51xvtCJeFoVlwZzAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUpaVS
q5b61hV3o+ycKuYaICbKzWMwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0JBMjcxMjVFM0E3RTExRUU5MDY3RUEzMjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAGkwDQYJKoZIhvcNAQELBQAD
ggEBAFOTHrx4Az9VcP4MHjhp8m8J/T/q6vivcdtMg9D+l+4QXrjxrkiURSy1lja9
5Gz7c8OHttmcdIiafXvQ/JVlgZN4MG3lRlDxHRFi2L78byS5Lgh7qN0vMWCvnXhn
MwBhPBFrMpYvj51whWF/CAPRMzkYfZqoF3uVa5tNwIXI8GqceqW9vv/ZhUzX6lnY
Ue5dDxSiYVpWtvqRt0+nc5Hw0ozStEoBmIn1K4qr1+Q4ubwvBJ/QOZ9qOT1pgUA7
WpiB3OX/iFIdayzzzaC/eL0D3H8jWZ3Cm/jYZsGhCue995GlTJnFLuhYX8pAl+MH
IPh2n/bi89K0TMgnqqZXgTAuytQ=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org