Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E8899222426511EE95ECA3774AD9E6FC.roa
File: E8899222426511EE95ECA3774AD9E6FC.roa (raw, json)
Hash identifier: CRh0cFlrJjlIenGCDyHbWH3zmmPIb40i+hD9yqrmDWQ=
Subject key identifier: 99:48:98:1F:18:FE:42:13:F7:D6:F7:A5:01:FC:A0:10:72:15:11:27
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 0490
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E8899222426511EE95ECA3774AD9E6FC.roa
Signing time: Thu 24 Aug 2023 10:06:36 +0000
ROA not before: Thu 24 Aug 2023 10:06:32 +0000
ROA not after: Sat 24 Aug 2024 10:06:32 +0000
asID: 398465
IP address blocks: 156.0.121.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1168 (0x490)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Aug 24 10:06:32 2023 GMT
Not After : Aug 24 10:06:32 2024 GMT
Subject: CN=64e72bab-4d0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:30:62:98:f5:b4:dd:96:9f:21:35:ec:91:44:
a8:03:69:e1:29:a0:46:db:6c:6c:2b:81:bd:36:b8:
4d:d6:ae:59:2e:a7:2b:76:3d:42:7c:c6:f8:bc:ab:
5b:2f:30:cc:3b:96:4b:bf:70:81:6a:80:71:fa:c6:
3f:0a:87:6f:53:89:fb:6f:c4:82:c1:52:21:ed:be:
ea:65:7f:ff:88:87:f9:eb:b9:07:93:0f:e5:1f:b0:
dd:9c:35:aa:01:f5:4d:45:57:1d:00:16:16:ea:bc:
5c:fe:74:1c:8e:f7:f7:bc:30:04:6b:11:fa:50:b5:
40:e1:66:03:ee:35:7c:c5:d7:95:24:35:49:24:67:
c6:17:09:ee:49:5f:28:5b:31:56:ca:f4:5d:3d:3e:
7e:50:2e:91:8f:7a:4e:99:23:21:9f:4b:0f:4a:85:
bf:2f:e5:2a:81:f7:38:72:46:5a:bb:cd:30:62:61:
57:04:88:21:7d:47:b2:01:f7:e9:76:5e:0e:66:27:
79:ba:53:b0:34:d5:0f:f8:d1:96:41:c1:67:e6:37:
b4:e0:40:71:39:b2:d1:d5:54:a6:c6:c2:15:21:d5:
5f:2e:41:d8:be:84:40:9e:2f:86:e3:e2:99:99:d0:
25:74:7b:8f:a2:e5:93:91:bd:11:8b:39:e0:c6:94:
d4:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:48:98:1F:18:FE:42:13:F7:D6:F7:A5:01:FC:A0:10:72:15:11:27
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/E8899222426511EE95ECA3774AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.121.0/24
Signature Algorithm: sha256WithRSAEncryption
20:a4:c8:1a:18:3b:9c:27:0b:92:34:35:a2:17:b0:19:6c:47:
3e:be:d0:22:f4:1c:3e:c9:67:96:24:47:f7:17:3b:2e:1f:2b:
ae:7d:a1:56:7e:54:74:90:7d:92:bf:92:b0:6e:18:56:21:30:
76:f2:e5:57:5f:c0:41:03:4d:18:7a:75:66:57:0e:21:3d:d0:
8a:5a:02:78:95:0c:01:a8:2e:34:bb:93:4f:4b:69:1a:d5:6b:
5a:76:09:2b:0d:d0:de:a4:c0:e1:11:a6:2f:a3:e9:c1:9d:c1:
20:3a:43:67:a5:97:12:3e:0d:70:74:f8:e1:42:7c:87:51:0d:
db:1b:5c:cd:4f:6c:fd:ce:ee:09:d7:72:27:9c:1e:0e:7f:68:
d7:9a:b4:56:f2:21:7d:43:bb:cc:25:b7:7b:4a:51:57:23:00:
30:2e:40:94:77:99:d8:ca:e5:e8:6f:ef:87:5a:d1:4f:d9:02:
77:80:3f:8c:eb:32:7a:8d:e9:c6:b4:03:a3:e3:90:24:dc:d9:
3b:96:a2:d0:14:e7:f1:ca:01:23:de:12:e0:5f:dd:73:3b:2d:
7e:04:ec:d8:48:4f:de:af:7d:cb:66:ae:14:55:4c:40:1b:14:
a9:9e:ba:2b:59:5e:c1:0e:4b:88:1d:d4:0e:ef:d1:f5:09:26:
cc:0a:87:97
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBJAwDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA4MjQxMDA2MzJaFw0yNDA4MjQxMDA2MzJaMBgxFjAU
BgNVBAMTDTY0ZTcyYmFiLTRkMGMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQCsMGKY9bTdlp8hNeyRRKgDaeEpoEbbbGwrgb02uE3Wrlkupyt2PUJ8xvi8
q1svMMw7lku/cIFqgHH6xj8Kh29TiftvxILBUiHtvuplf/+Ih/nruQeTD+UfsN2c
NaoB9U1FVx0AFhbqvFz+dByO9/e8MARrEfpQtUDhZgPuNXzF15UkNUkkZ8YXCe5J
XyhbMVbK9F09Pn5QLpGPek6ZIyGfSw9Khb8v5SqB9zhyRlq7zTBiYVcEiCF9R7IB
9+l2Xg5mJ3m6U7A01Q/40ZZBwWfmN7TgQHE5stHVVKbGwhUh1V8uQdi+hECeL4bj
4pmZ0CV0e4+i5ZORvRGLOeDGlNTJAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUmUiY
Hxj+QhP31velAfygEHIVEScwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0U4ODk5MjIyNDI2NTExRUU5NUVDQTM3NzRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAHkwDQYJKoZIhvcNAQELBQAD
ggEBACCkyBoYO5wnC5I0NaIXsBlsRz6+0CL0HD7JZ5YkR/cXOy4fK659oVZ+VHSQ
fZK/krBuGFYhMHby5VdfwEEDTRh6dWZXDiE90IpaAniVDAGoLjS7k09LaRrVa1p2
CSsN0N6kwOERpi+j6cGdwSA6Q2ellxI+DXB0+OFCfIdRDdsbXM1PbP3O7gnXciec
Hg5/aNeatFbyIX1Du8wlt3tKUVcjADAuQJR3mdjK5ehv74da0U/ZAneAP4zrMnqN
6ca0A6PjkCTc2TuWotAU5/HKASPeEuBf3XM7LX4E7NhIT96vfctmrhRVTEAbFKme
uitZXsEOS4gd1A7v0fUJJswKh5c=
-----END CERTIFICATE-----
Generated at Thu Jun 6 16:47:07 2024 by rpki-client on console-fra.rpki-client.org