Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/CC07B174174511EEBA8DFF134AD9E6FC.roa
File: CC07B174174511EEBA8DFF134AD9E6FC.roa (raw, json)
Hash identifier: 0pXdYiCoxB4vHQ9Aw9nXSKOIdng5kRkKT5cjIrxiPYo=
Subject key identifier: E8:D7:1B:BF:9A:DF:13:C3:D8:DE:A6:FC:E7:3B:B4:31:50:F9:73:41
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 03E2
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/CC07B174174511EEBA8DFF134AD9E6FC.roa
Signing time: Fri 30 Jun 2023 12:58:24 +0000
ROA not before: Fri 30 Jun 2023 12:58:20 +0000
ROA not after: Sun 30 Jun 2024 12:58:20 +0000
asID: 328227
IP address blocks: 156.0.104.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 994 (0x3e2)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 30 12:58:20 2023 GMT
Not After : Jun 30 12:58:20 2024 GMT
Subject: CN=649ed170-0a7d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5d:d3:08:8d:a1:08:e8:18:48:65:11:25:2a:
a0:ea:3f:b9:6c:c1:33:73:a0:f8:34:27:89:2e:60:
2a:c2:d4:21:a1:45:48:a7:bf:86:ab:86:f0:f2:5c:
d5:b9:c3:43:82:4b:ed:28:d9:7c:9d:22:b5:a1:5c:
09:f5:00:67:c5:f1:3c:68:7f:3f:14:4d:22:c2:e3:
d0:aa:2c:20:59:9d:5f:b2:a2:4c:08:8e:4d:b6:c3:
a4:8a:e6:a5:ac:53:a5:73:d0:53:b3:1a:00:1a:48:
5c:87:36:ed:4f:f5:6a:64:a1:ca:3f:ba:d6:1d:33:
6a:52:ad:39:b4:51:f4:e0:ff:f5:42:1a:9e:8c:95:
1a:9f:b2:aa:6b:87:d5:20:0e:ee:87:8e:ae:42:c9:
2d:5c:4c:ae:6b:f8:01:e9:ce:86:bd:0d:f4:07:32:
82:1a:54:f5:b8:16:f3:63:e7:2b:d0:99:01:ac:4f:
bf:45:c7:b1:53:09:5d:d3:5c:37:76:69:74:62:92:
e2:2c:68:1a:35:44:c9:5c:6a:7c:72:25:f0:bc:0d:
f7:2a:87:d0:51:06:2e:d0:65:33:6b:34:40:ff:3f:
d7:32:1b:e1:0d:5b:c7:10:cb:30:1c:42:36:5b:39:
81:0a:bc:f7:c4:21:22:2f:78:ca:2a:71:50:3e:35:
45:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:D7:1B:BF:9A:DF:13:C3:D8:DE:A6:FC:E7:3B:B4:31:50:F9:73:41
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/CC07B174174511EEBA8DFF134AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.104.0/24
Signature Algorithm: sha256WithRSAEncryption
64:a3:10:25:97:08:79:62:9b:b1:f9:45:ce:02:0d:3b:8b:78:
15:13:bd:a2:ee:69:5c:5b:50:0f:a0:56:4e:99:2e:38:36:38:
50:bc:79:16:b1:ab:ab:53:89:cc:03:40:97:18:49:fa:78:ee:
49:08:15:a8:5c:f4:23:bc:47:41:8e:43:c6:4d:f0:47:2e:97:
09:74:5e:2d:b9:00:d7:7f:18:e8:e1:df:14:93:f9:10:78:e6:
ec:b4:67:05:87:10:b2:7b:e0:30:a7:80:12:12:9c:32:1f:40:
b6:2c:33:fc:d1:7d:ec:0d:fb:07:9a:a7:7a:a0:a5:01:33:68:
e0:98:e1:55:1c:db:c9:14:c6:c3:03:d1:3a:d3:ac:36:fd:9f:
fa:4f:55:04:fe:ae:82:a4:0a:10:c2:d4:56:3a:33:01:fe:20:
72:56:04:4b:d3:2c:06:b0:42:03:14:f9:dd:5e:69:3f:93:c1:
ca:fb:3a:65:46:37:dc:a1:af:09:67:f6:fc:02:9d:20:8a:97:
c4:12:fe:b0:d0:f3:42:c4:d2:b4:97:78:e8:ce:25:e7:09:3b:
58:00:ed:32:ef:77:bd:02:ba:e1:0f:94:dd:2e:4e:61:11:11:
3b:7e:21:b4:9d:82:88:c3:e6:f8:db:ed:3b:4c:ec:4e:d1:31:
81:ea:c9:77
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA+IwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MzAxMjU4MjBaFw0yNDA2MzAxMjU4MjBaMBgxFjAU
BgNVBAMTDTY0OWVkMTcwLTBhN2QwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCrXdMIjaEI6BhIZRElKqDqP7lswTNzoPg0J4kuYCrC1CGhRUinv4arhvDy
XNW5w0OCS+0o2XydIrWhXAn1AGfF8Txofz8UTSLC49CqLCBZnV+yokwIjk22w6SK
5qWsU6Vz0FOzGgAaSFyHNu1P9Wpkoco/utYdM2pSrTm0UfTg//VCGp6MlRqfsqpr
h9UgDu6Hjq5CyS1cTK5r+AHpzoa9DfQHMoIaVPW4FvNj5yvQmQGsT79Fx7FTCV3T
XDd2aXRikuIsaBo1RMlcanxyJfC8Dfcqh9BRBi7QZTNrNED/P9cyG+ENW8cQyzAc
QjZbOYEKvPfEISIveMoqcVA+NUVnAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU6Ncb
v5rfE8PY3qb85zu0MVD5c0EwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0NDMDdCMTc0MTc0NTExRUVCQThERkYxMzRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAGgwDQYJKoZIhvcNAQELBQAD
ggEBAGSjECWXCHlim7H5Rc4CDTuLeBUTvaLuaVxbUA+gVk6ZLjg2OFC8eRaxq6tT
icwDQJcYSfp47kkIFahc9CO8R0GOQ8ZN8Eculwl0Xi25ANd/GOjh3xST+RB45uy0
ZwWHELJ74DCngBISnDIfQLYsM/zRfewN+weap3qgpQEzaOCY4VUc28kUxsMD0TrT
rDb9n/pPVQT+roKkChDC1FY6MwH+IHJWBEvTLAawQgMU+d1eaT+Twcr7OmVGN9yh
rwln9vwCnSCKl8QS/rDQ80LE0rSXeOjOJecJO1gA7TLvd70CuuEPlN0uTmERETt+
IbSdgojD5vjb7TtM7E7RMYHqyXc=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:07 2024 by rpki-client on console-fra.rpki-client.org