Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/DA8C45260A9211EE9DF171144AD9E6FC.roa
File: DA8C45260A9211EE9DF171144AD9E6FC.roa (raw, json)
Hash identifier: ioC4MhXcya/0aI11AqMsPGAGSZXuJKx6Yim6dqHVNX4=
Subject key identifier: 91:5C:9B:72:40:5D:6F:44:F9:8A:FB:B2:D6:92:B3:F1:48:C8:0A:AD
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 03C4
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/DA8C45260A9211EE9DF171144AD9E6FC.roa
Signing time: Wed 14 Jun 2023 09:07:14 +0000
ROA not before: Wed 14 Jun 2023 09:07:11 +0000
ROA not after: Fri 14 Jun 2024 09:07:11 +0000
asID: 57097
IP address blocks: 156.0.115.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 964 (0x3c4)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 14 09:07:11 2023 GMT
Not After : Jun 14 09:07:11 2024 GMT
Subject: CN=64898342-ec7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:b0:9c:f3:2c:7d:db:68:c0:c5:46:30:19:4e:
ec:2e:d4:6e:ef:5b:0f:f4:90:94:41:18:80:25:7e:
d3:0a:8e:4d:be:e4:62:74:61:c9:6c:b6:ad:8d:a8:
61:6d:7f:3c:94:76:37:3e:b5:51:b3:3a:34:d5:ee:
7e:b6:00:b0:d8:c8:71:32:c1:eb:96:f8:a3:3d:91:
bb:fa:cd:58:36:ce:07:2d:ac:c1:90:8d:fc:ac:d5:
09:33:62:71:b3:23:29:e3:3a:3e:ab:bd:d3:63:66:
05:86:49:65:e0:bd:31:c1:1d:e4:85:3d:da:38:d3:
5e:f9:72:7a:aa:3a:09:ed:19:c9:b0:ca:47:67:96:
e8:c4:3f:90:d8:db:3b:64:f5:00:50:bf:ed:94:5d:
2b:db:81:99:43:a6:03:30:57:6e:7a:c3:f7:88:76:
2c:98:18:18:b0:bf:09:25:a2:f0:84:69:51:27:9e:
05:26:09:00:e1:99:a3:0f:57:d5:dc:3a:9c:46:0e:
93:9b:3f:20:fb:3f:98:dc:68:e5:d9:cc:63:29:ae:
af:bb:2e:a0:ca:6e:de:05:80:c0:f9:bf:50:37:da:
29:20:22:53:ab:dd:66:cd:f5:0c:14:39:22:bd:b1:
d3:2d:b6:41:d5:a1:c9:60:59:ea:7a:7d:4f:2e:b5:
9b:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:5C:9B:72:40:5D:6F:44:F9:8A:FB:B2:D6:92:B3:F1:48:C8:0A:AD
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/DA8C45260A9211EE9DF171144AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.115.0/24
Signature Algorithm: sha256WithRSAEncryption
52:c6:b1:16:e2:34:16:1d:79:b2:c1:f4:ac:9c:cb:a0:14:b3:
cb:39:d4:09:71:34:cc:35:d7:f5:ff:c6:23:22:e0:24:be:62:
a2:8f:01:92:a5:e9:3b:42:06:fa:6d:09:24:56:b0:52:26:74:
ef:88:5c:1d:6f:a9:86:34:b4:cb:28:a9:11:a3:05:30:58:83:
7c:2d:ea:de:c0:77:3a:b7:74:c4:bc:34:d9:62:01:21:62:9c:
2e:40:21:c4:a3:1f:93:1a:16:75:3e:5f:84:0a:f3:f5:08:c9:
0b:69:b8:ae:f1:1b:f7:a9:eb:81:e0:d0:15:0e:a9:6c:94:f3:
fc:95:d1:59:fd:c3:9d:97:91:b7:f2:4e:d8:a7:bb:cb:d2:66:
57:1d:c3:4a:d1:c6:48:80:d8:c1:5d:77:fa:d7:fa:64:62:22:
f9:69:bc:62:76:e9:42:86:58:fe:e2:fa:27:2e:4d:3d:70:b1:
77:6b:2a:81:3e:ba:75:5c:cb:66:b4:49:cb:af:59:5c:d5:a8:
f2:1d:37:12:02:c2:3d:e4:11:07:b4:c1:ff:ea:a1:6b:12:76:
c5:f9:55:fe:24:99:68:02:4a:fc:11:ba:a4:cd:a6:ea:e7:a2:
bf:8f:f1:a8:e3:e6:06:89:0e:3f:a5:d5:a3:1e:c9:69:35:66:
10:99:eb:d4
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA8QwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MTQwOTA3MTFaFw0yNDA2MTQwOTA3MTFaMBgxFjAU
BgNVBAMTDTY0ODk4MzQyLWVjN2UwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDNsJzzLH3baMDFRjAZTuwu1G7vWw/0kJRBGIAlftMKjk2+5GJ0Yclstq2N
qGFtfzyUdjc+tVGzOjTV7n62ALDYyHEyweuW+KM9kbv6zVg2zgctrMGQjfys1Qkz
YnGzIynjOj6rvdNjZgWGSWXgvTHBHeSFPdo40175cnqqOgntGcmwykdnlujEP5DY
2ztk9QBQv+2UXSvbgZlDpgMwV256w/eIdiyYGBiwvwklovCEaVEnngUmCQDhmaMP
V9XcOpxGDpObPyD7P5jcaOXZzGMprq+7LqDKbt4FgMD5v1A32ikgIlOr3WbN9QwU
OSK9sdMttkHVoclgWep6fU8utZuxAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUkVyb
ckBdb0T5ivuy1pKz8UjICq0wHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0RBOEM0NTI2MEE5MjExRUU5REYxNzExNDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHMwDQYJKoZIhvcNAQELBQAD
ggEBAFLGsRbiNBYdebLB9Kycy6AUs8s51AlxNMw11/X/xiMi4CS+YqKPAZKl6TtC
BvptCSRWsFImdO+IXB1vqYY0tMsoqRGjBTBYg3wt6t7Adzq3dMS8NNliASFinC5A
IcSjH5MaFnU+X4QK8/UIyQtpuK7xG/ep64Hg0BUOqWyU8/yV0Vn9w52XkbfyTtin
u8vSZlcdw0rRxkiA2MFdd/rX+mRiIvlpvGJ26UKGWP7i+icuTT1wsXdrKoE+unVc
y2a0ScuvWVzVqPIdNxICwj3kEQe0wf/qoWsSdsX5Vf4kmWgCSvwRuqTNpurnor+P
8ajj5gaJDj+l1aMeyWk1ZhCZ69Q=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:07 2024 by rpki-client on console-fra.rpki-client.org