Route Origin Authorization
$ rpki-client -vvf rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/F04BC22C382011EEBBF5900E4AD9E6FC.roa
File: F04BC22C382011EEBBF5900E4AD9E6FC.roa (raw, json)
Hash identifier: cKrMl1yJ05aLCo2sgrOYnYxiJ26uq7aRi9eMv5P2xLQ=
Subject key identifier: 2F:D9:D3:C3:EC:30:80:68:C7:9E:E5:16:40:98:87:8E:37:AA:91:E2
Certificate issuer: /CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Certificate serial: 046B
Authority key identifier: B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
Authority info access: rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
Subject info access: rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/F04BC22C382011EEBBF5900E4AD9E6FC.roa
Signing time: Fri 11 Aug 2023 08:27:42 +0000
ROA not before: Fri 11 Aug 2023 08:27:38 +0000
ROA not after: Sun 11 Aug 2024 08:27:38 +0000
asID: 328227
IP address blocks: 156.0.125.0/24 maxlen: 24
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 1131 (0x46b)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=F3626CB6AR/serialNumber=B9FDD8953349716ADAE7A8D1BB13CC27F520FFD6
Validity
Not Before: Aug 11 08:27:38 2023 GMT
Not After : Aug 11 08:27:38 2024 GMT
Subject: CN=64d5f0fe-5c7c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:61:c8:45:fd:4a:7d:f5:ad:d1:5e:c9:d7:7c:
ed:5f:cf:e1:4c:ec:6d:36:15:8b:f9:20:36:d7:ed:
5b:c7:57:af:4b:c9:dd:02:5f:73:71:43:d4:da:ed:
72:1b:a4:c5:57:9f:b1:ac:30:ff:1a:78:d4:d4:94:
9a:9f:74:06:f6:b4:01:90:a4:94:1d:a7:ea:93:4d:
62:cc:6b:ec:0c:f3:14:80:5f:22:3e:c6:63:61:29:
c1:8d:10:77:75:13:c9:1c:d4:19:00:58:a5:f5:ce:
95:40:a1:9d:1a:71:5d:37:36:15:d2:2c:39:17:15:
cd:76:3f:fd:f8:bc:4e:23:e7:c1:08:c3:05:99:61:
8b:f9:ff:9e:a8:29:cf:72:1f:e7:49:c2:f4:0c:5d:
e1:52:3e:e0:6e:0c:ba:55:2c:d3:52:c6:a7:cf:0c:
1b:cd:dd:df:a7:8e:c1:04:9e:cd:fc:ef:16:fe:78:
fd:52:37:94:c1:bd:b4:69:63:b3:b5:94:ea:41:4e:
87:6f:5b:d0:f0:6f:32:05:6a:fa:65:a3:c6:26:77:
99:9b:38:c2:9c:dc:27:0b:7e:bb:b7:12:45:cc:e0:
a8:3a:54:c0:2a:44:b7:9f:e3:6e:7a:44:78:38:82:
1e:b9:52:50:07:4c:fa:be:3b:52:63:db:38:bd:1f:
d7:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:D9:D3:C3:EC:30:80:68:C7:9E:E5:16:40:98:87:8E:37:AA:91:E2
X509v3 Authority Key Identifier:
keyid:B9:FD:D8:95:33:49:71:6A:DA:E7:A8:D1:BB:13:CC:27:F5:20:FF:D6
X509v3 Key Usage: critical
Digital Signature
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.afrinic.net/repository/arin/uf3YlTNJcWra56jRuxPMJ_Ug_9Y.cer
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
CPS: https://rpki.afrinic.net/policy/CPS.pdf
Subject Information Access:
Signed Object - URI:rsync://rpki.afrinic.net/repository/member_repository/F3626CB6/02B8B9488BD911EB91C9A537F8AEA228/F04BC22C382011EEBBF5900E4AD9E6FC.roa
RPKI Notify - URI:https://rrdp.afrinic.net/notification.xml
sbgp-ipAddrBlock: critical
IPv4:
156.0.125.0/24
Signature Algorithm: sha256WithRSAEncryption
88:63:6c:1b:65:ff:6d:3a:e2:d0:0a:2e:28:3d:69:da:bc:97:
28:18:c3:6f:d0:0a:54:62:39:47:5f:62:64:ad:65:80:cd:78:
6a:16:fd:ce:f7:64:19:0a:d8:d7:3b:e3:bc:2e:3e:b7:14:ec:
c2:f6:d7:15:87:68:79:f1:4c:cd:de:67:6f:ae:98:d5:6a:fe:
b0:59:78:70:5b:9b:3a:38:95:d3:18:e0:92:69:44:a8:55:fa:
4d:52:0e:ff:e0:2b:d0:87:a2:77:6d:34:75:b6:b9:16:7a:7b:
2d:14:59:75:fa:33:4b:2f:87:43:24:0f:37:2b:7e:65:b4:60:
19:c0:07:23:60:3a:6d:17:3c:fe:57:25:1f:24:35:d6:37:94:
a7:56:96:44:7e:cf:4e:93:39:27:37:83:6e:bd:3d:f6:82:c2:
3c:e5:26:6d:63:69:eb:a6:e0:5a:b1:b8:94:1a:c9:05:8f:f2:
fd:03:f3:8b:7f:bd:33:f6:09:eb:33:2e:42:c2:78:fc:1c:97:
2d:33:a7:7e:3a:1b:d5:64:eb:41:35:6c:20:c6:96:79:61:11:
ec:b5:8b:0b:b6:7e:16:60:9b:2a:3d:8f:a0:54:cc:07:e1:93:
9f:de:ea:e0:ae:59:af:d3:31:a7:ef:e4:98:18:f6:9b:8d:a5:
27:59:ee:61
-----BEGIN CERTIFICATE-----
MIIFgDCCBGigAwIBAgICBGswDQYJKoZIhvcNAQELBQAwSDETMBEGA1UEAwwKRjM2
MjZDQjZBUjExMC8GA1UEBRMoQjlGREQ4OTUzMzQ5NzE2QURBRTdBOEQxQkIxM0ND
MjdGNTIwRkZENjAeFw0yMzA4MTEwODI3MzhaFw0yNDA4MTEwODI3MzhaMBgxFjAU
BgNVBAMTDTY0ZDVmMGZlLTVjN2MwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEK
AoIBAQDKYchF/Up99a3RXsnXfO1fz+FM7G02FYv5IDbX7VvHV69Lyd0CX3NxQ9Ta
7XIbpMVXn7GsMP8aeNTUlJqfdAb2tAGQpJQdp+qTTWLMa+wM8xSAXyI+xmNhKcGN
EHd1E8kc1BkAWKX1zpVAoZ0acV03NhXSLDkXFc12P/34vE4j58EIwwWZYYv5/56o
Kc9yH+dJwvQMXeFSPuBuDLpVLNNSxqfPDBvN3d+njsEEns387xb+eP1SN5TBvbRp
Y7O1lOpBTodvW9DwbzIFavplo8Ymd5mbOMKc3CcLfru3EkXM4Kg6VMAqRLef4256
RHg4gh65UlAHTPq+O1Jj2zi9H9ctAgMBAAGjggKiMIICnjAdBgNVHQ4EFgQUL9nT
w+wwgGjHnuUWQJiHjjeqkeIwHwYDVR0jBBgwFoAUuf3YlTNJcWra56jRuxPMJ/Ug
/9YwDgYDVR0PAQH/BAQDAgeAMIGVBgNVHR8EgY0wgYowgYeggYSggYGGf3JzeW5j
Oi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9yZXBvc2l0b3J5
L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVBMjI4L3VmM1ls
VE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jcmwwZAYIKwYBBQUHAQEEWDBWMFQGCCsG
AQUFBzAChkhyc3luYzovL3Jwa2kuYWZyaW5pYy5uZXQvcmVwb3NpdG9yeS9hcmlu
L3VmM1lsVE5KY1dyYTU2alJ1eFBNSl9VZ185WS5jZXIwTwYDVR0gAQH/BEUwQzBB
BggrBgEFBQcOAjA1MDMGCCsGAQUFBwIBFidodHRwczovL3Jwa2kuYWZyaW5pYy5u
ZXQvcG9saWN5L0NQUy5wZGYwgdsGCCsGAQUFBwELBIHOMIHLMIGRBggrBgEFBQcw
C4aBhHJzeW5jOi8vcnBraS5hZnJpbmljLm5ldC9yZXBvc2l0b3J5L21lbWJlcl9y
ZXBvc2l0b3J5L0YzNjI2Q0I2LzAyQjhCOTQ4OEJEOTExRUI5MUM5QTUzN0Y4QUVB
MjI4L0YwNEJDMjJDMzgyMDExRUVCQkY1OTAwRTRBRDlFNkZDLnJvYTA1BggrBgEF
BQcwDYYpaHR0cHM6Ly9ycmRwLmFmcmluaWMubmV0L25vdGlmaWNhdGlvbi54bWww
HwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBACcAH0wDQYJKoZIhvcNAQELBQAD
ggEBAIhjbBtl/2064tAKLig9adq8lygYw2/QClRiOUdfYmStZYDNeGoW/c73ZBkK
2Nc747wuPrcU7ML21xWHaHnxTM3eZ2+umNVq/rBZeHBbmzo4ldMY4JJpRKhV+k1S
Dv/gK9CHondtNHW2uRZ6ey0UWXX6M0svh0MkDzcrfmW0YBnAByNgOm0XPP5XJR8k
NdY3lKdWlkR+z06TOSc3g269PfaCwjzlJm1jaeum4FqxuJQayQWP8v0D84t/vTP2
CeszLkLCePwcly0zp346G9Vk60E1bCDGlnlhEey1iwu2fhZgmyo9j6BUzAfhk5/e
6uCuWa/TMafv5JgY9puNpSdZ7mE=
-----END CERTIFICATE-----
Generated at Thu Jun 6 17:58:31 2024 by rpki-client on console-ams.rpki-client.org