Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E589B5F6174B11EE963922274AD9E6FC.roa
File: E589B5F6174B11EE963922274AD9E6FC.roa (raw, json)
Hash identifier: dUrWkI2wqsaLRg5FbLtYdkZKIypCV9xJ8w8KNxegGHI=
Subject key identifier: 75:D0:F3:8F:03:D7:AD:A7:B2:81:B8:1E:74:ED:F8:F6:F7:BC:D0:00
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0406
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E589B5F6174B11EE963922274AD9E6FC.roa
Signing time: Fri 30 Jun 2023 13:42:04 +0000
ROA not before: Fri 30 Jun 2023 13:42:00 +0000
ROA not after: Sun 30 Jun 2024 13:42:00 +0000
asID: 328227
IP address blocks: 156.0.124.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1030 (0x406)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Jun 30 13:42:00 2023 GMT
Not After : Jun 30 13:42:00 2024 GMT
Subject: CN=649edbab-c34c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:ab:64:4d:30:7d:a4:53:f7:24:98:ac:8f:05:
e1:3f:10:7e:6b:e3:91:54:38:8f:79:db:f7:ed:e3:
70:41:dd:67:df:fc:40:ac:ab:14:2b:f5:40:ec:70:
bb:8b:5a:13:57:54:ba:f1:a8:bb:cc:4a:91:f6:fe:
f5:15:c3:6f:ca:ca:14:a4:9e:f0:53:bb:5d:9b:a0:
74:c7:dc:df:cb:04:ce:9e:ab:5f:fb:48:11:e2:8e:
f8:00:76:7e:45:32:b4:39:03:c9:bb:7c:36:ed:51:
ae:f5:d7:86:73:a1:46:29:7b:68:3c:24:db:64:c5:
53:48:d3:79:8b:ff:94:36:31:cd:97:f2:c3:33:72:
49:46:a0:9b:03:ca:d5:7e:aa:47:28:98:ae:31:bc:
95:ff:3c:c3:d0:4a:cd:b1:13:51:a3:1a:db:b8:83:
13:32:6e:2a:b2:71:89:33:04:50:67:04:4d:45:53:
b5:15:aa:a0:c5:d3:1a:31:fc:c3:c0:0e:63:45:f2:
20:cf:6f:70:01:15:3f:0e:1b:75:63:5a:f6:95:8e:
c6:74:d8:e6:c0:e7:26:a5:09:cf:03:9e:ee:85:bf:
c7:db:91:89:72:51:82:98:9b:5c:9e:4b:f1:59:50:
65:2a:93:0d:ce:0e:75:10:e3:9b:c0:e0:dd:e7:cc:
5a:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:D0:F3:8F:03:D7:AD:A7:B2:81:B8:1E:74:ED:F8:F6:F7:BC:D0:00
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E589B5F6174B11EE963922274AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.124.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:41:ee:c1:56:d5:3d:91:53:db:a0:d8:3c:57:06:c2:7c:34:
a4:0d:85:b7:34:23:09:fa:1a:74:97:7e:f6:48:01:66:09:13:
5e:78:d7:37:fc:2a:fd:24:2e:86:01:56:ef:96:d6:c6:c4:4f:
7a:5a:a6:af:e5:09:fe:a9:16:d0:31:f9:68:34:32:e7:2c:72:
d5:33:c8:8c:ad:49:69:60:0c:8d:63:be:4f:35:2a:7d:8d:65:
89:34:e8:b9:34:50:f7:eb:e1:2c:01:fd:45:eb:68:be:a9:0a:
2e:24:bc:bf:2a:0a:a8:56:7c:91:71:a6:bc:34:84:68:af:a6:
c1:2c:b6:58:b9:e5:95:7c:d8:f6:d6:26:a7:55:21:40:6e:9e:
a0:40:cb:da:fd:b7:2c:1c:bd:b6:45:d0:e1:6c:35:00:2a:cd:
0e:5b:f6:dc:18:98:73:d6:6c:f7:8e:67:55:d7:6c:3c:0c:e9:
1a:99:1b:2b:60:d7:f3:f2:15:29:fc:5b:ec:33:07:97:e1:67:
e7:05:7c:0b:bb:49:0e:43:d7:39:e9:b6:22:c3:07:45:61:75:
7a:01:e5:66:85:1e:8c:e5:fa:a5:e6:27:3b:63:5f:8b:47:c2:
2f:d8:14:59:75:5e:9a:ce:21:f3:e3:af:29:20:79:31:f7:90:
91:59:7c:6c
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBAYwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA2MzAxMzQyMDBaFw0yNDA2MzAxMzQyMDBaMBgxFjAU
BgNVBAMTDTY0OWVkYmFiLWMzNGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDGq2RNMH2kU/ckmKyPBeE/EH5r45FUOI952/ft43BB3Wff/ECsqxQr9UDs
cLuLWhNXVLrxqLvMSpH2/vUVw2/KyhSknvBTu12boHTH3N/LBM6eq1/7SBHijvgA
dn5FMrQ5A8m7fDbtUa7114ZzoUYpe2g8JNtkxVNI03mL/5Q2Mc2X8sMzcklGoJsD
ytV+qkcomK4xvJX/PMPQSs2xE1GjGtu4gxMybiqycYkzBFBnBE1FU7UVqqDF0xox
/MPADmNF8iDPb3ABFT8OG3VjWvaVjsZ02ObA5yalCc8Dnu6Fv8fbkYlyUYKYm1ye
S/FZUGUqkw3ODnUQ45vA4N3nzFqfAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUddDz
jwPXraeygbgedO349ve80AAwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0U1ODlCNUY2MTc0QjExRUU5NjM5MjIyNzRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHwwDQYJKoZIhvcNAQELBQAD
ggEBAKlB7sFW1T2RU9ug2DxXBsJ8NKQNhbc0Iwn6GnSXfvZIAWYJE1541zf8Kv0k
LoYBVu+W1sbET3papq/lCf6pFtAx+Wg0MucsctUzyIytSWlgDI1jvk81Kn2NZYk0
6Lk0UPfr4SwB/UXraL6pCi4kvL8qCqhWfJFxprw0hGivpsEstli55ZV82PbWJqdV
IUBunqBAy9r9tywcvbZF0OFsNQAqzQ5b9twYmHPWbPeOZ1XXbDwM6RqZGytg1/Py
FSn8W+wzB5fhZ+cFfAu7SQ5D1znptiLDB0VhdXoB5WaFHozl+qXmJztjX4tHwi/Y
FFl1XprOIfPjrykgeTH3kJFZfGw=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org