Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E7CAE7842CCB11ECA7D2450AD8A014CE.roa
File: E7CAE7842CCB11ECA7D2450AD8A014CE.roa (raw, json)
Hash identifier: UBgaE0TGBCcQXLSqtr27YyqFxTCNXXC+N/gKYkQGiro=
Subject key identifier: E7:D6:E5:60:A7:02:2D:C8:5B:99:50:AD:D3:2A:42:C0:2B:9A:7B:C1
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0128
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E7CAE7842CCB11ECA7D2450AD8A014CE.roa
Signing time: Thu 14 Oct 2021 08:51:22 +0000
ROA not before: Thu 14 Oct 2021 08:51:18 +0000
ROA not after: Fri 14 Oct 2022 08:51:18 +0000
asID: 328227
IP address blocks: 156.0.112.0/24 maxlen: 24
156.0.113.0/24 maxlen: 24
156.0.114.0/24 maxlen: 24
156.0.115.0/24 maxlen: 24
156.0.116.0/24 maxlen: 24
156.0.117.0/24 maxlen: 24
156.0.118.0/24 maxlen: 24
156.0.119.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 296 (0x128)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Oct 14 08:51:18 2021 GMT
Not After : Oct 14 08:51:18 2022 GMT
Subject: CN=6167ef8a-9a0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a6:a3:59:40:d9:d8:97:70:96:ff:0b:cf:25:
63:0d:e0:06:58:5c:d9:b7:e1:bd:b3:e8:a3:b0:ac:
10:f7:ed:be:c3:52:53:78:e6:86:72:ee:5b:d9:ca:
a5:ca:dd:55:40:16:1e:0c:b1:e8:9b:2a:9b:11:35:
5a:b9:cd:d6:bc:1f:c8:a7:43:5e:8d:ce:ce:63:51:
24:99:0f:53:c3:ff:6f:34:c2:b5:87:b9:ba:b7:e3:
fe:93:0a:ed:0b:7e:de:4d:f9:2d:14:04:79:ed:f5:
29:53:a4:95:fb:3c:f6:0b:f1:37:f6:0d:40:19:db:
a3:e9:7a:53:b9:eb:c3:2f:bb:a9:4f:eb:e5:42:a4:
62:29:5e:11:8b:1d:46:b8:be:6c:ce:f2:04:97:93:
1c:17:bc:3d:4d:98:fe:89:f5:fa:db:3d:26:8e:55:
77:83:1e:2e:21:07:71:b2:03:85:a4:08:7c:9b:ce:
71:17:16:31:3a:0c:90:5f:40:bf:1b:72:1c:ce:b6:
3d:48:9c:f1:a1:45:d3:5f:b8:ed:5e:0f:0a:2c:00:
55:19:40:99:73:6e:21:c6:14:3c:28:5b:14:1e:c1:
c6:dd:ca:57:5d:db:9f:33:9c:e5:c4:98:16:5d:9c:
d1:e8:16:5a:f6:6e:9e:61:2b:de:d8:83:e6:b0:91:
49:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:D6:E5:60:A7:02:2D:C8:5B:99:50:AD:D3:2A:42:C0:2B:9A:7B:C1
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E7CAE7842CCB11ECA7D2450AD8A014CE.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.112.0/21
Signature Algorithm: sha256WithRSAEncryption
34:24:32:fb:91:e0:68:84:08:fe:5c:22:44:fe:84:44:73:4b:
07:67:61:ec:57:47:88:af:00:2a:76:fc:5a:22:d8:a1:fa:c2:
a3:34:2f:80:3d:0e:e1:2f:97:82:39:18:2c:98:01:ce:0f:00:
b4:05:27:3e:3f:f5:61:5f:56:94:0e:bd:42:64:60:05:f7:4c:
3a:b5:20:3b:60:53:8b:03:a5:36:3c:03:14:55:1a:1b:52:b2:
5a:fc:36:ab:05:5a:21:1e:47:44:f8:98:82:b0:3a:df:bc:d1:
23:af:d6:2c:7b:ac:db:27:f9:2b:0f:82:8d:02:3e:29:e9:f7:
95:d1:55:92:a3:7f:66:1b:56:ed:e4:06:10:c5:c7:bc:b0:b3:
e6:3d:c0:88:53:c2:18:eb:47:a0:81:94:39:98:bc:a8:9e:16:
98:0f:03:10:4f:5e:46:5c:ac:e8:25:54:7b:91:df:46:48:24:
fd:75:49:64:d2:e3:ae:2e:d4:cb:a9:8c:8e:e6:b0:42:5d:6d:
cb:3e:02:fc:7e:1d:68:f0:e3:13:de:73:a1:d6:93:4b:27:10:
ae:9e:26:18:ca:fb:56:37:bc:cf:a9:e1:47:9d:f0:a1:d4:38:
7b:67:7f:0c:99:8c:04:2e:0b:c6:e3:85:98:99:d2:b2:0b:f3:
1a:4d:8e:75
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICASgwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAxMKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMTEwMTQwODUxMThaFw0yMjEwMTQwODUxMThaMBgxFjAU
BgNVBAMMDTYxNjdlZjhhLTlhMGEwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCypqNZQNnYl3CW/wvPJWMN4AZYXNm34b2z6KOwrBD37b7DUlN45oZy7lvZ
yqXK3VVAFh4MseibKpsRNVq5zda8H8inQ16Nzs5jUSSZD1PD/280wrWHubq34/6T
Cu0Lft5N+S0UBHnt9SlTpJX7PPYL8Tf2DUAZ26PpelO568Mvu6lP6+VCpGIpXhGL
HUa4vmzO8gSXkxwXvD1NmP6J9frbPSaOVXeDHi4hB3GyA4WkCHybznEXFjE6DJBf
QL8bchzOtj1InPGhRdNfuO1eDwosAFUZQJlzbiHGFDwoWxQewcbdyldd258znOXE
mBZdnNHoFlr2bp5hK97Yg+awkUkhAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQU59bl
YKcCLchbmVCt0ypCwCuae8EwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0U3Q0FFNzg0MkNDQjExRUNBN0QyNDUwQUQ4QTAxNENFLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAOcAHAwDQYJKoZIhvcNAQELBQAD
ggEBADQkMvuR4GiECP5cIkT+hERzSwdnYexXR4ivACp2/Foi2KH6wqM0L4A9DuEv
l4I5GCyYAc4PALQFJz4/9WFfVpQOvUJkYAX3TDq1IDtgU4sDpTY8AxRVGhtSslr8
NqsFWiEeR0T4mIKwOt+80SOv1ix7rNsn+SsPgo0CPinp95XRVZKjf2YbVu3kBhDF
x7yws+Y9wIhTwhjrR6CBlDmYvKieFpgPAxBPXkZcrOglVHuR30ZIJP11SWTS464u
1MupjI7msEJdbcs+Avx+HWjw4xPec6HWk0snEK6eJhjK+1Y3vM+p4Ued8KHUOHtn
fwyZjAQuC8bjhZiZ0rIL8xpNjnU=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org