Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/C6C82C3A384111EE96B09C654AD9E6FC.roa
File: C6C82C3A384111EE96B09C654AD9E6FC.roa (raw, json)
Hash identifier: RVjfNA1s+5BdoMXI1k0chYZO/uOq21xTy3cJgzK134M=
Subject key identifier: 8E:08:67:DE:D9:DF:0C:B4:20:CE:22:24:76:10:CE:96:47:BD:F9:4F
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0471
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/C6C82C3A384111EE96B09C654AD9E6FC.roa
Signing time: Fri 11 Aug 2023 12:22:45 +0000
ROA not before: Fri 11 Aug 2023 12:22:42 +0000
ROA not after: Sun 11 Aug 2024 12:22:42 +0000
asID: 50738
IP address blocks: 156.0.104.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1137 (0x471)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Aug 11 12:22:42 2023 GMT
Not After : Aug 11 12:22:42 2024 GMT
Subject: CN=64d62815-433b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:70:4b:fc:d3:2a:6e:af:46:a2:5b:0c:37:e7:
d8:a9:9c:a8:a6:af:fc:4c:29:6e:ae:03:ba:b7:ae:
d4:ac:d9:40:b2:1b:0b:73:7d:80:16:7e:27:dc:cd:
08:f2:2c:6b:6f:05:c5:62:e2:df:51:7a:e3:96:5a:
26:21:ed:6e:9e:3b:16:47:84:0e:5c:1b:13:c6:41:
a7:02:33:11:dc:05:58:13:6f:62:94:94:c2:d8:28:
a9:c2:ab:47:0d:5b:39:5b:f9:85:92:c5:1a:86:0d:
e0:47:67:03:62:57:2a:4f:b9:9b:a3:50:eb:ac:04:
51:e9:f6:fe:99:5c:d4:f5:5f:77:73:7e:11:a8:30:
57:20:d7:87:f5:07:dd:f4:b9:27:be:57:c7:cc:94:
d0:b6:c2:da:ba:3f:01:69:e1:1b:1c:f9:3a:b4:4a:
7e:49:d0:fb:e0:c1:40:fd:26:b6:d8:75:0b:76:0a:
b7:e1:6e:2e:de:8e:45:56:8c:88:2f:c9:ab:4f:4a:
d3:05:40:47:06:11:5a:26:09:54:51:75:ef:8c:c2:
e3:17:20:5e:ec:5b:e8:0d:99:2d:98:86:41:98:cd:
ac:1f:ee:ff:d1:bf:9e:cc:a4:9b:d3:66:03:b9:e7:
5f:65:43:76:ea:27:8e:07:0c:43:e4:31:d5:f8:ba:
4e:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:08:67:DE:D9:DF:0C:B4:20:CE:22:24:76:10:CE:96:47:BD:F9:4F
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/C6C82C3A384111EE96B09C654AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.104.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:ac:b0:66:da:a2:39:8e:66:e4:39:10:3f:ec:38:69:21:48:
b5:d3:4b:fa:f3:67:14:7e:80:c5:e3:5e:c3:35:69:9b:4d:e5:
34:26:a0:67:eb:d7:27:12:e6:6a:76:1c:a5:44:63:4e:12:2c:
29:7f:d1:20:65:4b:7b:a1:1a:06:c5:bd:c1:88:f2:98:23:ae:
87:98:2d:60:c2:df:2c:18:d9:5e:b8:14:74:1d:4b:91:65:26:
87:c1:ac:54:4a:51:25:ab:d0:47:a2:0e:a2:90:90:d2:a9:51:
b6:2e:aa:dd:21:88:88:fb:7d:8a:46:cc:c0:b7:ed:37:30:4c:
11:c0:2a:3a:19:dc:22:0f:78:e2:3d:ad:6a:f6:6d:99:20:58:
11:45:d7:ed:c8:1d:6d:03:58:62:63:ac:b5:92:df:a3:80:0f:
1b:8a:71:68:2a:85:64:d2:64:dd:20:b2:cb:0c:4f:b6:dd:2a:
cc:67:9b:b2:4f:75:0d:f9:d3:bc:ef:77:a2:99:ae:3e:69:c0:
18:f4:03:52:9e:b6:f5:98:dd:d2:4e:45:ff:31:7a:1b:36:b9:
e1:d9:3e:43:13:9d:dd:53:f4:3b:11:14:db:fe:0d:8b:2e:14:
a5:86:99:9b:ed:8d:66:dd:b6:43:9b:9d:55:bf:d1:bc:96:7c:
13:ef:b3:ee
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBHEwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA4MTExMjIyNDJaFw0yNDA4MTExMjIyNDJaMBgxFjAU
BgNVBAMTDTY0ZDYyODE1LTQzM2IwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDNcEv80ypur0aiWww359ipnKimr/xMKW6uA7q3rtSs2UCyGwtzfYAWfifc
zQjyLGtvBcVi4t9ReuOWWiYh7W6eOxZHhA5cGxPGQacCMxHcBVgTb2KUlMLYKKnC
q0cNWzlb+YWSxRqGDeBHZwNiVypPuZujUOusBFHp9v6ZXNT1X3dzfhGoMFcg14f1
B930uSe+V8fMlNC2wtq6PwFp4Rsc+Tq0Sn5J0PvgwUD9JrbYdQt2Crfhbi7ejkVW
jIgvyatPStMFQEcGEVomCVRRde+MwuMXIF7sW+gNmS2YhkGYzawf7v/Rv57MpJvT
ZgO5519lQ3bqJ44HDEPkMdX4uk7bAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUjghn
3tnfDLQgziIkdhDOlke9+U8wHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0M2QzgyQzNBMzg0MTExRUU5NkIwOUM2NTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAGgwDQYJKoZIhvcNAQELBQAD
ggEBAKmssGbaojmOZuQ5ED/sOGkhSLXTS/rzZxR+gMXjXsM1aZtN5TQmoGfr1ycS
5mp2HKVEY04SLCl/0SBlS3uhGgbFvcGI8pgjroeYLWDC3ywY2V64FHQdS5FlJofB
rFRKUSWr0EeiDqKQkNKpUbYuqt0hiIj7fYpGzMC37TcwTBHAKjoZ3CIPeOI9rWr2
bZkgWBFF1+3IHW0DWGJjrLWS36OADxuKcWgqhWTSZN0gsssMT7bdKsxnm7JPdQ35
07zvd6KZrj5pwBj0A1KetvWY3dJORf8xehs2ueHZPkMTnd1T9DsRFNv+DYsuFKWG
mZvtjWbdtkObnVW/0byWfBPvs+4=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org