Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E7A6A53C32CC11EEBAF090684AD9E6FC.roa
File: E7A6A53C32CC11EEBAF090684AD9E6FC.roa (raw, json)
Hash identifier: u4CjGbfrSri56kPRTnYc18rn1opumDAiV8Y8od4DHyQ=
Subject key identifier: 18:C8:16:A6:B7:6D:AC:14:1A:95:C3:6D:02:FE:04:2F:BC:40:98:11
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0454
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E7A6A53C32CC11EEBAF090684AD9E6FC.roa
Signing time: Fri 04 Aug 2023 13:43:34 +0000
ROA not before: Fri 04 Aug 2023 13:43:30 +0000
ROA not after: Sun 04 Aug 2024 13:43:30 +0000
asID: 328227
IP address blocks: 156.0.112.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1108 (0x454)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Aug 4 13:43:30 2023 GMT
Not After : Aug 4 13:43:30 2024 GMT
Subject: CN=64cd0086-99d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f6:98:d2:85:8b:10:70:ff:1b:fa:4d:b0:38:
bf:44:5a:c2:94:ad:b1:04:7f:e1:ea:5c:0b:14:62:
58:76:e4:b8:c2:a1:3a:b9:b4:d5:bf:52:c5:b8:6f:
4c:e6:58:3b:6c:e4:d2:3f:f2:05:a6:52:29:48:24:
67:92:f4:b9:43:06:f9:38:69:06:74:b1:ec:2a:73:
72:29:94:3b:7d:50:41:23:ea:57:b4:d4:82:e1:25:
4b:37:e8:b0:c0:e2:c4:22:66:40:32:93:9e:29:58:
eb:47:41:ce:d8:bc:65:51:9a:ed:1b:8b:cf:6f:46:
59:37:46:2b:ce:f8:95:9f:11:0a:c7:e4:f5:9c:2d:
29:57:04:96:ef:96:a4:c3:01:09:56:6e:42:73:eb:
0a:58:48:7a:f8:95:0e:63:7e:75:ea:8d:48:89:27:
3f:1c:a0:bf:f1:08:59:df:75:e8:58:f0:ac:59:65:
b1:61:0e:c3:9a:59:07:eb:39:98:38:d9:01:0c:f4:
57:14:75:c6:f0:63:52:9e:0d:88:a3:46:ae:00:45:
99:8f:01:44:25:a5:1b:41:63:a3:43:6c:76:63:f4:
ca:58:37:49:88:aa:2f:d4:f4:22:48:1c:2f:1b:1b:
b7:0c:13:38:71:9f:68:e8:bb:c7:44:8e:c9:5d:3a:
37:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
18:C8:16:A6:B7:6D:AC:14:1A:95:C3:6D:02:FE:04:2F:BC:40:98:11
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E7A6A53C32CC11EEBAF090684AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.112.0/24
Signature Algorithm: sha256WithRSAEncryption
61:14:76:a1:5a:fd:07:15:9b:c2:00:df:5a:fa:dc:e6:99:a1:
e8:bf:47:5d:e7:60:9e:97:c9:b8:ca:db:37:94:75:3a:51:dc:
fb:09:98:62:23:7c:9d:8b:c3:dd:54:f3:7c:28:d7:82:e8:6d:
d4:ab:b5:e3:7f:ba:66:29:bd:a2:e5:28:28:e5:b6:61:44:72:
d0:7f:f6:6b:bb:4d:75:48:fe:68:8d:2c:93:5e:2c:c0:a6:ee:
5c:23:47:7f:c3:9b:31:6e:4e:d0:07:e2:30:77:45:59:c1:f2:
73:67:f2:7b:6e:5f:13:64:d1:35:ba:5e:0a:ff:1c:06:e9:ad:
41:49:66:b3:ff:de:1e:f2:f2:d7:bc:ac:36:c4:e2:fc:3c:82:
a3:f7:0a:89:c4:f6:c1:ed:21:0a:24:ed:b7:f7:e3:22:c7:2d:
f0:a5:2a:b3:91:9a:52:10:94:ee:21:5b:ee:0d:e4:99:69:cd:
e6:07:f6:7e:a3:bc:82:c1:7d:ee:19:7b:48:a8:1f:ff:83:2e:
c6:ca:37:d0:d3:1c:a5:40:08:d2:8f:e4:b5:82:fd:40:3d:a6:
9e:9b:57:d1:58:6e:38:4d:1a:d2:fc:1a:88:38:9b:aa:66:84:
49:0d:a7:d2:0e:4b:82:b2:7b:04:5c:17:a9:43:8c:ae:42:0b:
d6:e2:16:c9
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBFQwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA4MDQxMzQzMzBaFw0yNDA4MDQxMzQzMzBaMBgxFjAU
BgNVBAMTDTY0Y2QwMDg2LTk5ZDUwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCm9pjShYsQcP8b+k2wOL9EWsKUrbEEf+HqXAsUYlh25LjCoTq5tNW/UsW4
b0zmWDts5NI/8gWmUilIJGeS9LlDBvk4aQZ0sewqc3IplDt9UEEj6le01ILhJUs3
6LDA4sQiZkAyk54pWOtHQc7YvGVRmu0bi89vRlk3RivO+JWfEQrH5PWcLSlXBJbv
lqTDAQlWbkJz6wpYSHr4lQ5jfnXqjUiJJz8coL/xCFnfdehY8KxZZbFhDsOaWQfr
OZg42QEM9FcUdcbwY1KeDYijRq4ARZmPAUQlpRtBY6NDbHZj9MpYN0mIqi/U9CJI
HC8bG7cMEzhxn2jou8dEjsldOjdRAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUGMgW
prdtrBQalcNtAv4EL7xAmBEwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0U3QTZBNTNDMzJDQzExRUVCQUYwOTA2ODRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHAwDQYJKoZIhvcNAQELBQAD
ggEBAGEUdqFa/QcVm8IA31r63OaZoei/R13nYJ6XybjK2zeUdTpR3PsJmGIjfJ2L
w91U83wo14LobdSrteN/umYpvaLlKCjltmFEctB/9mu7TXVI/miNLJNeLMCm7lwj
R3/DmzFuTtAH4jB3RVnB8nNn8ntuXxNk0TW6Xgr/HAbprUFJZrP/3h7y8te8rDbE
4vw8gqP3ConE9sHtIQok7bf34yLHLfClKrORmlIQlO4hW+4N5JlpzeYH9n6jvILB
fe4Ze0ioH/+DLsbKN9DTHKVACNKP5LWC/UA9pp6bV9FYbjhNGtL8Gog4m6pmhEkN
p9IOS4KyewRcF6lDjK5CC9biFsk=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org