Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E3FD19F4174A11EE970F37244AD9E6FC.roa
File: E3FD19F4174A11EE970F37244AD9E6FC.roa (raw, json)
Hash identifier: IdYXKISFwaKq3OYqqFoM0TPs3QAaXQatf7dbNGZlsuI=
Subject key identifier: 85:F1:0D:BD:F4:AD:DE:EE:62:87:7E:CD:25:3B:65:00:AE:AD:C4:75
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 03FE
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E3FD19F4174A11EE970F37244AD9E6FC.roa
Signing time: Fri 30 Jun 2023 13:34:51 +0000
ROA not before: Fri 30 Jun 2023 13:34:48 +0000
ROA not after: Sun 30 Jun 2024 13:34:48 +0000
asID: 328227
IP address blocks: 156.0.120.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1022 (0x3fe)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 30 13:34:48 2023 GMT
Not After : Jun 30 13:34:48 2024 GMT
Subject: CN=649ed9fb-7bf1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:f6:89:ca:97:f6:75:f2:8f:50:e6:c8:7a:2c:
4a:df:86:6d:66:6d:72:8f:3b:3e:fc:07:16:f0:c9:
96:0d:4a:31:91:47:61:da:bb:a2:1c:4e:dc:20:ea:
bf:ad:49:fb:cd:78:6e:bb:b4:a4:00:e1:6d:7f:84:
75:77:c6:22:3a:82:81:9b:47:9e:6d:dc:41:c0:bc:
b0:60:b3:d7:7e:70:42:2c:2b:c3:1e:ce:43:a3:1e:
4e:1f:57:5a:72:14:90:bb:46:cb:33:11:aa:b7:32:
c8:6e:23:af:8f:d4:05:82:aa:29:41:a6:46:55:68:
ff:8a:63:38:95:1b:a6:76:6c:5c:42:97:b2:2d:c2:
d7:6a:59:c2:69:f9:98:38:28:66:20:61:9d:a4:d4:
04:f0:cc:cb:4f:04:66:d5:e2:62:0a:9c:d8:bf:db:
4d:bc:39:85:51:a2:d8:8c:24:b5:43:22:f9:a4:21:
f1:06:d6:e7:76:c7:99:70:ed:fe:13:d3:46:f2:7a:
6a:91:0c:6e:c1:fe:f7:55:08:d6:9c:10:06:90:23:
51:72:7c:eb:0f:e2:9f:07:2a:08:ec:e0:32:69:52:
eb:b3:3a:82:3d:07:f0:e4:b7:ee:c9:58:8a:1e:14:
cd:3e:da:4b:01:74:5b:a4:02:e1:67:06:94:71:89:
6a:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:F1:0D:BD:F4:AD:DE:EE:62:87:7E:CD:25:3B:65:00:AE:AD:C4:75
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E3FD19F4174A11EE970F37244AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.120.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:f8:ff:55:8c:61:e8:c2:81:1e:3b:c3:a5:8b:87:ce:d0:da:
29:9f:f2:20:69:62:84:99:bc:8f:6b:d1:0e:7e:78:9a:c3:09:
fa:9e:32:bc:d5:9f:fe:4a:9b:e2:b3:ce:e8:8f:1e:95:5f:0b:
3d:08:ae:1e:1c:36:ba:d5:02:bc:35:92:5b:8e:aa:5f:f4:1d:
77:bf:c8:5c:8a:49:00:8d:f7:56:80:f4:6b:ff:2f:01:cf:44:
25:c5:c9:f4:d0:6d:4c:9f:b8:4a:1b:f6:84:54:13:17:14:a4:
2a:b5:ac:c2:96:2a:6e:90:fb:83:fb:5c:0d:41:86:3d:d7:86:
c4:60:31:30:6a:45:ae:19:29:08:f5:2f:48:cd:91:c2:74:6f:
a7:82:08:d6:44:b1:3a:18:03:bb:6c:38:24:a2:ef:d4:0e:71:
ab:a5:f0:a8:67:1b:23:ac:60:70:5c:89:88:91:1a:70:43:38:
8e:ce:a6:ff:bf:6b:e0:83:c6:4f:95:b0:8b:f4:3f:24:25:d4:
e3:53:25:be:f1:cc:b0:7f:e2:8b:e7:49:a6:19:6d:23:ed:d3:
2f:7c:e0:d8:1c:f5:37:24:7d:51:bf:3f:0a:7e:8c:87:b6:b7:
0f:a0:09:06:59:18:22:ee:ab:30:25:00:ac:4f:d1:e0:d8:50:
a7:1f:e0:c1
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICA/4wDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MzAxMzM0NDhaFw0yNDA2MzAxMzM0NDhaMBgxFjAU
BgNVBAMTDTY0OWVkOWZiLTdiZjEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCs9onKl/Z18o9Q5sh6LErfhm1mbXKPOz78BxbwyZYNSjGRR2Hau6IcTtwg
6r+tSfvNeG67tKQA4W1/hHV3xiI6goGbR55t3EHAvLBgs9d+cEIsK8MezkOjHk4f
V1pyFJC7RsszEaq3MshuI6+P1AWCqilBpkZVaP+KYziVG6Z2bFxCl7ItwtdqWcJp
+Zg4KGYgYZ2k1ATwzMtPBGbV4mIKnNi/2028OYVRotiMJLVDIvmkIfEG1ud2x5lw
7f4T00byemqRDG7B/vdVCNacEAaQI1FyfOsP4p8HKgjs4DJpUuuzOoI9B/Dkt+7J
WIoeFM0+2ksBdFukAuFnBpRxiWofAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUhfEN
vfSt3u5ih37NJTtlAK6txHUwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0UzRkQxOUY0MTc0QTExRUU5NzBGMzcyNDRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHgwDQYJKoZIhvcNAQELBQAD
ggEBAJ34/1WMYejCgR47w6WLh87Q2imf8iBpYoSZvI9r0Q5+eJrDCfqeMrzVn/5K
m+KzzuiPHpVfCz0Irh4cNrrVArw1kluOql/0HXe/yFyKSQCN91aA9Gv/LwHPRCXF
yfTQbUyfuEob9oRUExcUpCq1rMKWKm6Q+4P7XA1Bhj3XhsRgMTBqRa4ZKQj1L0jN
kcJ0b6eCCNZEsToYA7tsOCSi79QOcaul8KhnGyOsYHBciYiRGnBDOI7Opv+/a+CD
xk+VsIv0PyQl1ONTJb7xzLB/4ovnSaYZbSPt0y984Ngc9TckfVG/Pwp+jIe2tw+g
CQZZGCLuqzAlAKxP0eDYUKcf4ME=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org