Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/BFC0C5B2174611EEBBE01F174AD9E6FC.roa
File: BFC0C5B2174611EEBBE01F174AD9E6FC.roa (raw, json)
Hash identifier: VPTEjXjEPjuF46WP6Ap8CN5H2VRvoTBwCJKQvWYN1ik=
Subject key identifier: 2F:34:43:EB:BD:0F:37:58:0B:B5:73:FF:50:5D:41:93:1D:F7:A9:67
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 03E8
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/BFC0C5B2174611EEBBE01F174AD9E6FC.roa
Signing time: Fri 30 Jun 2023 13:05:13 +0000
ROA not before: Fri 30 Jun 2023 13:05:09 +0000
ROA not after: Sun 30 Jun 2024 13:05:09 +0000
asID: 328227
IP address blocks: 156.0.107.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1000 (0x3e8)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 30 13:05:09 2023 GMT
Not After : Jun 30 13:05:09 2024 GMT
Subject: CN=649ed309-84ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:07:1e:b9:26:78:0f:08:d7:d2:ea:13:31:41:
06:48:9e:4e:b2:bb:3b:fd:26:4b:bc:49:45:07:7e:
50:00:0c:fa:64:8f:39:35:95:25:f8:ae:2e:43:93:
2b:db:13:5b:6b:78:dd:fd:d5:14:32:52:7e:e6:46:
37:c8:98:b6:0f:a1:21:21:5a:d8:6c:ba:46:83:59:
e6:e0:e4:e6:0b:2d:6f:43:e8:98:ed:b0:0d:47:07:
f0:91:c4:b7:bc:b3:4c:c5:00:4b:c3:5c:4a:a2:95:
a7:a7:33:d1:92:f0:e6:aa:b1:41:3e:d4:eb:91:f8:
3d:1c:09:bd:12:ef:50:b5:db:33:cf:02:67:92:22:
38:41:7a:aa:71:62:e8:41:61:9c:47:64:9f:a2:9b:
7b:d4:5b:4f:25:fb:14:67:e4:ff:a3:1e:83:76:cf:
71:d5:bf:09:ff:bb:85:fc:1a:9e:5c:23:63:96:31:
61:f3:4e:f2:cf:1f:88:5d:3e:ce:2e:fe:0f:24:29:
4a:49:23:34:10:0b:8f:b1:5c:bc:0f:a7:f1:c7:60:
f6:e3:1c:a2:9b:58:eb:3e:a0:aa:e8:d8:c3:9d:bf:
2e:db:7a:c5:52:9c:0e:98:09:f7:dd:34:fa:4d:93:
ad:12:d5:1d:68:83:20:f4:3f:ae:b1:40:3c:dd:55:
a0:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:34:43:EB:BD:0F:37:58:0B:B5:73:FF:50:5D:41:93:1D:F7:A9:67
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/BFC0C5B2174611EEBBE01F174AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.107.0/24
Signature Algorithm: sha256WithRSAEncryption
99:f8:ab:4d:98:0a:1d:6d:35:b2:10:84:fa:e9:8a:38:12:3a:
3b:5b:d2:6d:fe:e3:a4:39:be:fa:31:b6:26:41:60:d1:8c:e3:
c3:94:8a:3a:33:a9:1d:d8:02:c7:4d:87:dd:ec:23:e7:17:96:
fc:fc:eb:d5:d3:de:e3:7a:e3:07:f3:21:91:6c:91:0f:c6:f9:
5f:89:ac:21:ba:b7:06:35:27:c0:fe:88:25:b3:e3:60:bf:d6:
a9:06:35:22:aa:71:17:f1:30:25:af:4b:12:3d:5b:50:f6:62:
ce:71:3b:94:94:4e:30:47:8c:e8:bf:c2:4f:3d:6e:9b:aa:96:
67:08:5f:91:17:2b:e7:6a:c4:64:47:2e:02:ed:df:58:fe:1b:
06:23:18:27:b0:6f:ae:df:54:eb:65:a3:05:fe:74:f1:5f:19:
5a:04:38:a8:7d:44:47:12:0a:b7:4a:f9:32:a4:4b:d9:90:b8:
38:e3:54:83:7a:24:22:57:70:90:c0:cd:39:4a:f4:b3:03:b9:
fd:b9:64:22:a6:44:20:fa:53:2a:95:2e:54:94:90:80:31:1c:
9f:28:6d:6e:e0:47:80:13:d4:b0:62:33:5d:96:95:cb:fd:0f:
21:79:a2:2b:76:27:05:07:33:26:ec:dd:eb:c3:59:37:a1:ad:
49:8e:61:a1
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA+gwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MzAxMzA1MDlaFw0yNDA2MzAxMzA1MDlaMBgxFjAU
BgNVBAMTDTY0OWVkMzA5LTg0YWIwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCZBx65JngPCNfS6hMxQQZInk6yuzv9Jku8SUUHflAADPpkjzk1lSX4ri5D
kyvbE1treN391RQyUn7mRjfImLYPoSEhWthsukaDWebg5OYLLW9D6JjtsA1HB/CR
xLe8s0zFAEvDXEqilaenM9GS8OaqsUE+1OuR+D0cCb0S71C12zPPAmeSIjhBeqpx
YuhBYZxHZJ+im3vUW08l+xRn5P+jHoN2z3HVvwn/u4X8Gp5cI2OWMWHzTvLPH4hd
Ps4u/g8kKUpJIzQQC4+xXLwPp/HHYPbjHKKbWOs+oKro2MOdvy7besVSnA6YCffd
NPpNk60S1R1ogyD0P66xQDzdVaA5AgMBAAGjggKiMIICnjAdBgNVHQ4EFgQULzRD
670PN1gLtXP/UF1Bkx33qWcwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0JGQzBDNUIyMTc0NjExRUVCQkUwMUYxNzRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAGswDQYJKoZIhvcNAQELBQAD
ggEBAJn4q02YCh1tNbIQhPrpijgSOjtb0m3+46Q5vvoxtiZBYNGM48OUijozqR3Y
AsdNh93sI+cXlvz869XT3uN64wfzIZFskQ/G+V+JrCG6twY1J8D+iCWz42C/1qkG
NSKqcRfxMCWvSxI9W1D2Ys5xO5SUTjBHjOi/wk89bpuqlmcIX5EXK+dqxGRHLgLt
31j+GwYjGCewb67fVOtlowX+dPFfGVoEOKh9REcSCrdK+TKkS9mQuDjjVIN6JCJX
cJDAzTlK9LMDuf25ZCKmRCD6UyqVLlSUkIAxHJ8obW7gR4AT1LBiM12Wlcv9DyF5
oit2JwUHMybs3evDWTehrUmOYaE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org