Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/BC6278CE5EA011EE8F63D1824AD9E6FC.roa
File: BC6278CE5EA011EE8F63D1824AD9E6FC.roa (raw, json)
Hash identifier: rhzan571sJ6M/rYzLDYUw39nDkX55zMsXzvdMHxkNXo=
Subject key identifier: C7:74:2D:8B:48:1D:6A:2F:D1:8A:67:38:D6:E4:FA:B7:4D:0E:C5:C8
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 04C9
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/BC6278CE5EA011EE8F63D1824AD9E6FC.roa
Signing time: Fri 29 Sep 2023 08:18:14 +0000
ROA not before: Fri 29 Sep 2023 08:18:11 +0000
ROA not after: Sun 29 Sep 2024 08:18:11 +0000
asID: 328227
IP address blocks: 156.0.116.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1225 (0x4c9)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Sep 29 08:18:11 2023 GMT
Not After : Sep 29 08:18:11 2024 GMT
Subject: CN=65168846-e649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:33:d6:17:b6:80:d1:e1:4c:18:b4:68:97:a8:
e5:2e:07:6d:2f:6f:5d:73:8a:11:f1:04:61:f2:dd:
c9:58:78:32:6d:44:28:fc:25:bf:8c:b7:97:2a:b7:
74:15:e3:9f:81:66:87:fe:af:86:41:de:e0:4c:b2:
c6:32:84:c0:cf:d7:f9:23:8f:1b:49:40:7e:6b:06:
b1:11:23:ba:08:07:60:3f:9d:59:73:a9:62:1e:54:
32:e7:ee:dd:7b:c1:17:81:11:68:eb:a7:5c:bb:e1:
45:d4:49:fd:17:5f:90:9c:95:3f:f1:71:93:92:d3:
18:f2:c5:68:24:d4:9a:15:18:d9:f7:8b:69:48:00:
b6:93:f0:65:50:b4:e1:65:a4:a0:72:5d:d2:29:3a:
e7:af:8d:9b:e8:83:87:1e:77:a1:eb:d9:f6:80:65:
4f:9a:9d:c8:be:e0:a5:38:10:b8:e8:f9:4e:51:4e:
35:c3:0f:72:c1:42:bc:35:c7:1b:f3:5e:44:4d:67:
58:03:8b:ed:e0:82:5c:3b:37:03:38:df:db:0b:c6:
33:ec:69:32:e3:c8:fc:b8:3d:9a:a7:36:5d:8c:be:
1d:8b:cf:88:1d:44:29:15:d3:bb:62:97:2e:4e:6e:
ea:b1:14:2b:d4:ef:b5:c1:86:c9:b9:1e:1d:ab:5d:
47:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C7:74:2D:8B:48:1D:6A:2F:D1:8A:67:38:D6:E4:FA:B7:4D:0E:C5:C8
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/BC6278CE5EA011EE8F63D1824AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.116.0/24
Signature Algorithm: sha256WithRSAEncryption
50:df:5d:00:ec:aa:fb:30:e5:d1:2d:67:fb:73:9f:0c:88:71:
77:96:6e:47:ae:34:4d:ee:d7:20:1f:32:a1:75:08:f9:75:e6:
64:20:3a:9e:e9:09:66:6e:ce:37:b1:87:4e:94:92:27:8d:a1:
fc:75:70:5d:ec:a1:02:41:00:33:08:ab:6c:9f:20:02:91:3e:
4e:6c:ff:dc:b4:2f:07:82:f0:c9:0d:2b:66:20:ef:72:92:86:
fc:e5:02:15:bd:2b:0b:55:cc:d5:85:10:d0:1d:7a:96:5b:17:
af:c2:4b:54:7e:2c:e5:03:6a:2f:85:9f:7c:89:b0:36:23:27:
3c:85:bf:75:06:1f:29:4c:40:16:1f:fd:4f:f1:61:0d:51:2a:
b5:80:34:5e:34:b4:8f:e9:33:af:1a:64:1a:5b:d9:ea:cc:b4:
c0:2b:d4:fc:e9:6b:cc:7c:7d:c8:ed:14:3d:1e:21:e9:1f:64:
be:86:b2:35:d8:bb:4d:e5:0a:88:b3:37:2b:16:b3:bf:41:27:
d4:50:f1:56:67:8e:f8:c5:07:51:58:b4:9b:35:01:7d:66:64:
de:41:de:37:3c:9d:6e:99:cc:be:34:ad:d2:78:4f:eb:20:6c:
fa:26:3e:ac:7c:be:6e:2a:b5:6e:8e:63:bd:1c:ea:c5:b9:b5:
dd:71:9e:be
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBMkwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA5MjkwODE4MTFaFw0yNDA5MjkwODE4MTFaMBgxFjAU
BgNVBAMTDTY1MTY4ODQ2LWU2NDkwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDCM9YXtoDR4UwYtGiXqOUuB20vb11zihHxBGHy3clYeDJtRCj8Jb+Mt5cq
t3QV45+BZof+r4ZB3uBMssYyhMDP1/kjjxtJQH5rBrERI7oIB2A/nVlzqWIeVDLn
7t17wReBEWjrp1y74UXUSf0XX5CclT/xcZOS0xjyxWgk1JoVGNn3i2lIALaT8GVQ
tOFlpKByXdIpOuevjZvog4ced6Hr2faAZU+anci+4KU4ELjo+U5RTjXDD3LBQrw1
xxvzXkRNZ1gDi+3gglw7NwM439sLxjPsaTLjyPy4PZqnNl2Mvh2Lz4gdRCkV07ti
ly5ObuqxFCvU77XBhsm5Hh2rXUcXAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUx3Qt
i0gdai/Rimc41uT6t00OxcgwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0JDNjI3OENFNUVBMDExRUU4RjYzRDE4MjRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHQwDQYJKoZIhvcNAQELBQAD
ggEBAFDfXQDsqvsw5dEtZ/tznwyIcXeWbkeuNE3u1yAfMqF1CPl15mQgOp7pCWZu
zjexh06UkieNofx1cF3soQJBADMIq2yfIAKRPk5s/9y0LweC8MkNK2Yg73KShvzl
AhW9KwtVzNWFENAdepZbF6/CS1R+LOUDai+Fn3yJsDYjJzyFv3UGHylMQBYf/U/x
YQ1RKrWANF40tI/pM68aZBpb2erMtMAr1Pzpa8x8fcjtFD0eIekfZL6GsjXYu03l
CoizNysWs79BJ9RQ8VZnjvjFB1FYtJs1AX1mZN5B3jc8nW6ZzL40rdJ4T+sgbPom
Pqx8vm4qtW6OY70c6sW5td1xnr4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org